DNS Proxy Policies
Configuration > Networking > DNS Proxy
The DNS (Domain Name Server) Proxy stores public IP addresses with their associated domain name. By default, Server A is used primarily as a private DNS to backhaul traffic and Server B is used to match all other domains that are not included under Server A. Server B is also used for public (cloud services) to breakout traffic. Other deployment modes include AppExpress Only and Hybrid. See the table below for the field descriptions on this tab.
| Field | Description |
|---|---|
| Appliance | Name of the appliance associated with DNS proxy. |
| Segment | Name of the segment applied to your appliances, if enabled. |
| DNS Proxy Enabled | Whether the DNS Proxy is enabled. Select True or False. |
| Deployment Mode | Default – Server A is used primarily as a private DNS to backhaul traffic and Server B is used to match all other domains that are not included under Server A. Server B is also used for public (cloud services) to breakout traffic. All UDP-based queries are proxied. AppExpress Only — Only AppExpress domains are proxied. NOTE: To deploy AppExpress Only mode, you must push an empty DNS template to the appliances before you apply AppExpress groups to the appliances. See Templates Overview. Hybrid — All AppExpress domains are proxied and all other domains are subject to the default mode for Server A and Server B. NOTE: If “No data available” is displayed, DNS proxy is disabled. No DNS queries are proxied. |
| Interface | Name of the interface associated with the DNS proxy. |
| Server A Addresses | IP addresses of Server A. |
| Server A Domains | Domain addresses of Server A. |
| Server A Caching | Whether you configured the server to be cached. |
| Server B Addresses | IP addresses of Server B. |
| Server B Domains | Domain addresses of Server B. |
| Server B Caching | Whether you configured the server to be cached. |
Configure DNS Proxy Policies
Complete the following steps to configure and define your DNS Proxy policies.
NOTE: This feature is only configurable if you have loopback interfaces configured.
-
Choose whether you want to enable the DNS Proxy by selecting ON or OFF.
-
Select the name of the loopback interface or the LAN-side label associated with your DNS proxy.
-
Enter the IP addresses for Server A in the Server A Addresses field.
-
Choose whether you want caching to be ON or OFF. If selected, the domain name to the IP address mapping is cached. By default, caching is ON.
-
Enter the domain names of the Server A for the above IP addresses.
-
Enter Server B IP addresses in the Server B Addresses field. Server B will be used if there are no matches to the Server A domains.
NOTE: You can Clear DNS Cache. This will erase the domain name to the IP address mapping you had cached for both Server A and B.