diff --git a/.env b/.env
index 9083f819..238c4039 100644
--- a/.env
+++ b/.env
@@ -76,4 +76,4 @@ DMQ_DNS_SERVER=server=8.8.8.8\nserver=8.8.4.4
 DMQ_DNS_SRV=
 DMQ_DNS_TXT=
 #DMQ_GLOBAL=address=/docker/127.0.0.1
-DMQ_GLOBAL=address=/docker/172.100.61.250
+DMQ_GLOBAL=address=/docker/172.28.61.250
diff --git a/README.md b/README.md
index b1ad7b4e..af3ee994 100644
--- a/README.md
+++ b/README.md
@@ -42,6 +42,18 @@ corepack prepare pnpm@latest --activate
 - Modify `~/.npmrc` ([per-user config file](https://docs.npmjs.com/cli/v7/configuring-npm/npmrc#per-user-config-file))
   and add line `//npm.pkg.github.com/:_authToken=` and the generated token.
 
+### Local DNS
+
+#### macOS
+
+```bash
+sudo mkdir /etc/resolver/
+sudo sh -c 'echo "nameserver 127.0.0.1" > /etc/resolver/docker'
+sudo dscacheutil -flushcache
+sudo killall -HUP mDNSResponder
+./docker-mac-routes-add.sh
+```
+
 ### Bootstrapping
 
 ```bash
@@ -49,6 +61,12 @@ pnpm install
 pnpm build
 pnpm test
 ```
+
+To setup mkcert local CA
+```bash
+mkcert --install
+```
+
 To create local certificates
 ```bash
 make cert-install
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 52c8eeb2..e61afb73 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -3,12 +3,12 @@ services:
     image: redis:7.2.4
     restart: on-failure
     networks:
-      - default
+      - sai
   sai:
     image: node:22-alpine
     restart: on-failure
     networks:
-      - default
+      - sai
     expose:
       - 4000
     ports:
@@ -16,7 +16,7 @@ services:
     working_dir: /sai/packages/service
     command: ["node", "--inspect", "dist/componentsMain.js"]
     dns:
-      - 172.100.61.253
+      - 172.28.61.253
     volumes:
       - ./:/sai
       - ${CAROOT}:/mkcert
@@ -42,9 +42,9 @@ services:
     image: node:22-alpine
     restart: on-failure
     networks:
-      - default
+      - sai
     dns:
-      - 172.100.61.253
+      - 172.28.61.253
     expose:
       - 3000
     working_dir: /sai/packages/css-storage-fixture
@@ -69,7 +69,7 @@ services:
     image: node:22-alpine
     restart: on-failure
     networks:
-      - default
+      - sai
     expose:
       - 4200
     working_dir: /sai/ui/authorization
@@ -86,7 +86,7 @@ services:
     image: node:22-alpine
     restart: on-failure
     networks:
-      - default
+      - sai
     expose:
       - 4500
     working_dir: /sai/examples/vuejectron
@@ -125,8 +125,8 @@ services:
       retries: 8
       start_period: 4s
     networks:
-      default:
-        ipv4_address: 172.100.61.250
+      sai:
+        ipv4_address: 172.28.61.250
 
   dns:
     image: drpsychick/dnsmasq:latest
@@ -146,12 +146,13 @@ services:
       retries: 8
       start_period: 4s
     networks:
-      default:
-        ipv4_address: 172.100.61.253
+      sai:
+        ipv4_address: 172.28.61.253
 
 networks:
-  default:
+  sai:
     name: network.${COMPOSE_PROJECT_NAME}
+    internal: false
     ipam:
       config:
-        - subnet: 172.100.61.0/24
+        - subnet: 172.28.61.0/24
diff --git a/docker-mac-routes-add.sh b/docker-mac-routes-add.sh
new file mode 100755
index 00000000..74b642ca
--- /dev/null
+++ b/docker-mac-routes-add.sh
@@ -0,0 +1,106 @@
+#!/bin/bash
+
+echoerr() { echo "ERROR: $@" 1>&2; }
+
+# Check if the script is running on macOS
+if [[ "$(uname)" != "Darwin" ]]; then
+  echoerr "This script is intended to run on macOS only."
+  exit 1
+fi
+
+echo "This tool supports Docker Desktop versions >= 4.26"
+
+# Check if Docker Desktop is running
+docker ps > /dev/null
+if [ $? -ne 0 ]; then
+  echoerr "Error with finding local Docker. Make sure Docker cli and Docker Desktop are installed."
+  exit 1
+fi
+
+
+# Get IP of eth1 from BusyBox container with NET_ADMIN privileges
+# Define the Docker command to get the IP address of eth1
+DOCKER_COMMAND="ip addr show eth1 | grep 'inet ' | awk '{print \$2}' | cut -d/ -f1"
+
+# Pull the BusyBox image if not already pulled
+echo "Pulling BusyBox Docker image..."
+docker pull busybox:latest
+
+# Run the BusyBox container with network privileges (NET_ADMIN) and execute the command
+echo "Running BusyBox container with network privileges (NET_ADMIN) to get IP address of eth1..."
+IP_ADDRESS=$(docker run --rm --network host --cap-add NET_ADMIN busybox:latest sh -c "$DOCKER_COMMAND")
+
+# Check if the IP address was successfully retrieved
+if [ -n "$IP_ADDRESS" ]; then
+  echo "IP address of eth1: $IP_ADDRESS"
+else
+  echoerr "Failed to retrieve IP address of eth1."
+  echoerr "Make sure kernelForUDP is set, it is needed for this to work."
+  echoerr "You can enable it manually from Docker Desktop GUI."
+  echoerr "This is done from Settings(top right)->Resources->Network."
+  echoerr "Enable 'Use kernel networking for UDP' in Docker Desktop."
+  exit 1
+fi
+
+# List Docker networks with 'bridge' driver and display their subnets
+
+echo "Listing Docker networks with 'bridge' driver and their subnets..."
+
+# Get a list of all Docker networks with the 'bridge' driver
+NETWORKS=$(docker network ls --filter driver=bridge --format "{{.ID}}")
+
+# Iterate over each network and get its subnet
+for NETWORK_ID in $NETWORKS; do
+  # Inspect the network and extract the subnet information
+  SUBNETS=$(docker network inspect --format '{{range .IPAM.Config}}{{.Subnet}}{{end}}' "$NETWORK_ID")
+
+  # Get the network name for display purposes
+  NETWORK_NAME=$(docker network inspect --format '{{.Name}}' "$NETWORK_ID")
+
+  # Display the network name and its subnets
+  if [ -n "$SUBNETS" ]; then
+    echo "Network: $NETWORK_NAME (ID: $NETWORK_ID)"
+    echo "  Subnet(s): $SUBNETS"
+
+    # Check and Add/Remove Routes on macOS
+
+    for SUBNET in $SUBNETS; do
+      # Check if the route already exists
+      echo "Checking for local routes already setup..."
+      EXISTING_ROUTE=$(route -n get "$SUBNET" | grep destination: | grep -v default)
+
+      if [ -n "$EXISTING_ROUTE" ]; then
+        ROUTE_INFO=$(route -n get "$SUBNET")
+        ROUTE_GATEWAY=$(echo "$ROUTE_INFO" | grep gateway: | awk '{print $2}')
+        ROUTE_INTERFACE=$(echo "$ROUTE_INFO" | grep interface: | awk '{print $2}')
+        echo "Route for subnet $SUBNET already exists:"
+        echo "  subnet: $SUBNET gateway: $ROUTE_GATEWAY interface: $ROUTE_INTERFACE"
+        # Check if the route to Docker VM already exists
+        if [ "$ROUTE_GATEWAY" == "$IP_ADDRESS" ]; then
+          echo "Skipping."
+          continue
+        fi
+
+        # Ask to delete route to subnet before adding route to Docker VM
+        read -p "Do you want to remove this existing route? (y/n): " CHOICE
+
+        if [[ "$CHOICE" == "y" || "$CHOICE" == "Y" ]]; then
+          # Remove the existing route
+          echo "[NEED SUDO RIGHTS] Removing existing route for subnet $SUBNET..."
+          sudo route -n delete -net $SUBNET
+        else
+          echo "Skipping route addition for subnet $SUBNET."
+          continue
+        fi
+      fi
+
+      # Add the new route for the subnet to the IP_ADDRESS
+      echo "[NEED SUDO RIGHTS] Adding route to subnet $SUBNET via $IP_ADDRESS..."
+      sudo route -n add -net $SUBNET $IP_ADDRESS
+    done
+  else
+    echo "Network: $NETWORK_NAME (ID: $NETWORK_ID) has no defined subnets."
+  fi
+  echo "Done."
+done
+