diff --git a/apps/k8s01/dns/kustomization.yaml b/apps/k8s01/dns/kustomization.yaml
index 9309b0251e18f25047ce559bc95160185e4097da..d2a1ad9fdc61948021617419a40476f5449b6791 100644
--- a/apps/k8s01/dns/kustomization.yaml
+++ b/apps/k8s01/dns/kustomization.yaml
@@ -4,5 +4,6 @@ namespace: dns
 resources:
   - namespace.yaml
   - dns.yaml
+  - networkpolicy.yaml
   - ../../../shared/networkpolicies/allow-from-same-namespace.yaml
   - ../../../shared/resourcequotas/default.yaml
diff --git a/apps/k8s01/dns/networkpolicy.yaml b/apps/k8s01/dns/networkpolicy.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..ada5fc305221db75e2b41a2249736f5146bc38ec
--- /dev/null
+++ b/apps/k8s01/dns/networkpolicy.yaml
@@ -0,0 +1,18 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-from-everywhere-to-do53
+spec:
+  podSelector:
+    matchLabels:
+      app: resolver
+  ingress:
+  - from:
+    - ipBlock:
+        cidr: 0.0.0.0/0
+    ports:
+      - protocol: UDP
+        port: 53
+      - protocol: TCP
+        port: 53