diff --git a/hosts/sid/services/coredns.nix b/hosts/sid/services/coredns.nix
index df9b3bb..e5c0904 100644
--- a/hosts/sid/services/coredns.nix
+++ b/hosts/sid/services/coredns.nix
@@ -10,7 +10,7 @@
     enable = true;
     config = with constants; ''
       .:53 {
-        bind 0.0.0.0
+        bind 127.0.0.1
         hosts {
           ${hosts.sid.ip} ${ca-fqdn} 
 
@@ -29,7 +29,4 @@
       }
     '';
   };
-
-  networking.firewall.allowedUDPPorts = [ 53 ];
-  networking.firewall.allowedTCPPorts = [ 53 ];
 }