Reorganizing the structure

calico-cloud/networking/configuring/node-local-dns-cache.mdx

@@ -47,9 +47,17 @@ If you're using encapsulation, you will need to allow connectivity from the tunn
 The Tigera operator creates policy to allow Tigera components to connect to NodeLocal DNSCache when detected.
 Felix accounts for the NodeLocal DNSCache in creating DNS Logs and enforcing DNS Policy.
 
-If the cluster uses a BPF dataplane, annotating the DNS Service is necessary to inform the kube-proxy replacement not to resolve traffic going to a specific service IP - more information can be found in [this blog](https://www.tigera.io/blog/optimizing-kubernetes-dns-with-nodelocal-dnscache-and-calico-ebpf-a-practitioners-guide/).
-The following command shows an example of how to perform this operation:
+## Enable NodeLocal DNSCache on $[prodname] using the eBPF data plane
 
-```
+If your $[prodname] installation uses the eBPF data plane, then you need to annotate the `kube-dns` service.
+Without this, the `kube-proxy` replacement will improperly resolve traffic going to a specific service IP.
+
+Annotate the `kube-dns` service by running the following command:
+
+```bash
 kubectl annotate service kube-dns -n kube-system projectcalico.org/natExcludeService=true
-```
+```
+
+## Additional resources
+
+- [Blog: Optimizing Kubernetes DNS with NodeLocal DNSCache and Calico eBPF: A Practitioner’s Guide](https://www.tigera.io/blog/optimizing-kubernetes-dns-with-nodelocal-dnscache-and-calico-ebpf-a-practitioners-guide/)

calico-enterprise/networking/configuring/node-local-dns-cache.mdx

@@ -53,9 +53,17 @@ If you're using encapsulation, you will need to allow connectivity from the tunn
 The Tigera operator creates policy to allow Tigera components to connect to NodeLocal DNSCache when detected.
 Felix accounts for the NodeLocal DNSCache in creating DNS Logs and enforcing DNS Policy.
 
-If the cluster uses a BPF dataplane, annotating the DNS Service is necessary to inform the kube-proxy replacement not to resolve traffic going to a specific service IP - more information can be found in [this blog](https://www.tigera.io/blog/optimizing-kubernetes-dns-with-nodelocal-dnscache-and-calico-ebpf-a-practitioners-guide/).
-The following command shows an example of how to perform this operation:
+## Enable NodeLocal DNSCache on $[prodname] using the eBPF data plane
 
-```
+If your $[prodname] installation uses the eBPF data plane, then you need to annotate the `kube-dns` service.
+Without this, the `kube-proxy` replacement will improperly resolve traffic going to a specific service IP.
+
+Annotate the `kube-dns` service by running the following command:
+
+```bash
 kubectl annotate service kube-dns -n kube-system projectcalico.org/natExcludeService=true
-```
+```
+
+## Additional resources
+
+- [Blog: Optimizing Kubernetes DNS with NodeLocal DNSCache and Calico eBPF: A Practitioner’s Guide](https://www.tigera.io/blog/optimizing-kubernetes-dns-with-nodelocal-dnscache-and-calico-ebpf-a-practitioners-guide/)

calico/networking/configuring/node-local-dns-cache.mdx

@@ -53,9 +53,17 @@ If you're using encapsulation, you will need to allow connectivity from the tunn
 The Tigera operator creates policy to allow Tigera components to connect to NodeLocal DNSCache when detected.
 Felix accounts for the NodeLocal DNSCache in creating DNS Logs and enforcing DNS Policy.
 
-If the cluster uses a BPF dataplane, annotating the DNS Service is necessary to inform the kube-proxy replacement not to resolve traffic going to a specific service IP - more information can be found in [this blog](https://www.tigera.io/blog/optimizing-kubernetes-dns-with-nodelocal-dnscache-and-calico-ebpf-a-practitioners-guide/).
-The following command shows an example of how to perform this operation:
+## Enable NodeLocal DNSCache on $[prodname] using the eBPF data plane
 
-```
+If your $[prodname] installation uses the eBPF data plane, then you need to annotate the `kube-dns` service.
+Without this, the `kube-proxy` replacement will improperly resolve traffic going to a specific service IP.
+
+Annotate the `kube-dns` service by running the following command:
+
+```bash
 kubectl annotate service kube-dns -n kube-system projectcalico.org/natExcludeService=true
-```
+```
+
+## Additional resources
+
+- [Blog: Optimizing Kubernetes DNS with NodeLocal DNSCache and Calico eBPF: A Practitioner’s Guide](https://www.tigera.io/blog/optimizing-kubernetes-dns-with-nodelocal-dnscache-and-calico-ebpf-a-practitioners-guide/)