diff --git a/handlers.yml b/handlers.yml
index d151e17..f9cc874 100644
--- a/handlers.yml
+++ b/handlers.yml
@@ -5,6 +5,13 @@
     state: restarted
     enabled: true
 
+- name: restart systemd-resolved
+  become: true
+  systemd:
+    name: systemd-resolved
+    state: restarted
+    enabled: true
+
 - name: regenerate initramfs
   become: true
   command: update-initramfs -u -k all
diff --git a/tasks/network.yml b/tasks/network.yml
index 4a60382..a12e47a 100644
--- a/tasks/network.yml
+++ b/tasks/network.yml
@@ -37,6 +37,7 @@
     dest: '/etc/systemd/resolved.conf'
     mode: '0644'
     owner: root
+  notify: restart systemd-resolved
 
 - name: Copy firewall template
   become: true
diff --git a/templates/nftables.j2 b/templates/nftables.j2
index 4014dad..81883fe 100644
--- a/templates/nftables.j2
+++ b/templates/nftables.j2
@@ -44,8 +44,6 @@ table ip filter {
     iifname "{{ vpn_media_interface }}" udp dport 53 ip saddr {{ vpn_media_source_range }} ip daddr {{ vpn_media_destination_range }} accept comment "DNS UDP"
 
     iifname "{{ vpn_media_interface }}" tcp dport {{ jellyfin_http_port }} ip saddr {{ vpn_media_source_range }} ip daddr {{ vpn_media_destination_range }} accept comment "Jellyfin HTTP"
-    iifname "{{ vpn_media_interface }}" tcp dport {{ jellyfin_service_port }} ip saddr {{ vpn_media_source_range }} ip daddr {{ vpn_media_destination_range }} accept comment "Jellyfin service discovery"
-    iifname "{{ vpn_media_interface }}" tcp dport {{ jellyfin_client_port }} ip saddr {{ vpn_media_source_range }} ip daddr {{ vpn_media_destination_range }} accept comment "Jellyfin client discovery"
 
     log
   }