Transparent DNS proxy configuration on the USG6000

The principle for configuring the transparent DNS proxy on the USG6000 is as follows:
By configuring the transparent DNS proxy on the NGFW, DNS request packets of intranet users are distributed to DNS servers of ISP1 and ISP2 based on a ratio of 2:1. In this way, network access traffic of the intranet users is also distributed to the DNS servers of ISP1 and ISP2 based on a ratio of 2:1. The smart routing function is required to select an outbound interface. In addition, the ISP address library routing function must be configured.
The configuration procedure is as follows:
1. Configure the transparent DNS proxy function.
Bind the DNS server address with the outbound interface. Specify the address of the DNS server serving as the transparent DNS proxy, and configure the domain names to be excluded.
2. Configure the ISP address library routing function.
If the preset ISP address file is used, skip this step. If a new ISP address file is imported, configure the ISP name and specify the mapping between the ISP name and the ISP address file.
3. Configure the outbound interface.
Configure the interface IP address, gateway, bandwidth, bandwidth overload protection threshold, and ISP name corresponding to the interface.
4. Configure the global routing policy.
Set the smart routing mode to load balancing, and set outbound interfaces that are directly connected to the NGFW, ISP1 network, and ISP2 network as member interfaces of the smart routing function.

For specific configurations, click Method Used to Configure Transparent DNS Proxy on the USG6000.

Scroll to top