Does the device support DNS proxy

0

The device supports DNS proxy. The DNS proxy forwards DNS request and response packets between a DNS client and DNS server. The DNS client on a LAN considers the DNS proxy as the DNS server and sends DNS request packets to the DNS proxy. The DNS proxy forwards DNS request packets to the DNS server, and sends DNS response packets from the DNS server to the DNS client, to implement domain name resolution. When the DNS server's IP address changes, you only need to change the DNS proxy configuration without changing the configuration of each DNS client. This simplifies network management.

Other related questions:
Do S series switches support DNS proxy
S series switches (excluding the S1700) support only the DNS client function. Static and dynamic domain name resolution can be used together. When resolving the domain name, the switch first uses static domain name resolution. The switch queries the local static domain name resolution table. If static domain name resolution fails, the switch uses dynamic domain name resolution. The switch sends a DNS request to the DNS server. Dynamic domain name resolution takes some time and requires the DNS server. You can add some common domain names to the static domain name resolution table to improve the resolution efficiency. Huawei S series switches support static and dynamic domain name resolution. The configuration procedure is as follows: 1. Configure the static domain name resolution. [Huawei] ip host hostB 10.4.1.1 //Configure a static DNS entry. 2. Configure dynamic domain name resolution. [Huawei] dns resolve //Enable dynamic DNS resolution. [Huawei] dns server 10.3.1.2 /Configure the DNS server's IP address. [Huawei] dns domain net //Configure the DNS domain name suffix.

Configuring DNS proxy through the CLI of the USG2000&5000 series
The USG2000&5000 series can serve as the DNS proxy to forward DNS request and reply packets between the DNS client and DNS server. After the IPv4 DNS proxy function is enabled and the IP address of the DNS server changes, you only need to change the DNS proxy configurations. Therefore, network management is simplified. 1. Run the system-view command to access the system view. 2. Run the dns proxy enable command to enable the IPv4 DNS proxy function. The IPv4 DNS proxy function is disabled by default. 3. Run the dns server { ip-address | unnumbered interface interface-type interface-number } command to add the DNS server. 4. Optional: Run the dns host source { interface-type interface-number | ip-address } command to specify the source address of the query packet.

Configuring DNS proxy through the web UI of the USG2000&5000 series
The USG2000&5000 series can serve as the DNS proxy to forward DNS request and reply packets between the DNS client and DNS server. Specify the DNS server address through the web UI so that the device can serve as the DNS proxy to send domain name resolution requests to the DNS server. 1. Choose Network > DNS > DNS. 2. Click Add in DNS Server List. 3. Set the IP address of the DNS server. If you do not select the external network interface, the configured DNS server address is the global address. Enter the IPv4 or IPv6 address of the DNS server in the DNS Server Address text box. Click OK. If you select a specific external network interface, the configured DNS server address is the address bound with the interface and applies only to this interface. If the operation succeeds, the new configuration whose Obtaining Mode is Manual is displayed in DNS Server List. Repeat the preceding operations to add the IPv4 or IPv6 addresses of multiple DNS servers. 4. Optional: In Configure DNS Query Packets' Source Address, set the Source Interface or Source Address. 5. Click Apply .

Configuring DNS proxy through the web UI of the USG6000 series
The USG6000 series can serve as the DNS proxy to forward DNS request and reply packets between the DNS client and DNS server. Specify the DNS server address through the web UI so that the device can serve as the DNS proxy to send domain name resolution requests to the DNS server. 1. Choose Network > DNS > DNS. 2. Click Add in DNS Server List. 3. Set the IP address of the DNS server. If you do not select the external network interface, the configured DNS server address is the global address. Enter the IPv4 or IPv6 address of the DNS server in the DNS Server Address text box. Click OK. If you select a specific external network interface, the configured DNS server address is the address bound with the interface and applies only to this interface. If the operation succeeds, the new configuration whose Obtaining Mode is Manual is displayed in DNS Server List. Repeat the preceding operations to add the IPv4 or IPv6 addresses of multiple DNS servers. 4. Optional: In Configure DNS Query Packets's Source Address, set the Source Interface or Source Address. 5. Click Apply .

Differences between the smart DNS and the transparent DNS proxy supported by the USG6000
The USG6000 supports the smart DNS and the transparent DNS proxy. The same points are as follows: (1) Both the smart DNS and the transparent DNS proxy provide the DNS service. (2) Both the smart DNS and the transparent DNS proxy provide appropriate access paths for users by means of interfering DNS behaviors. (3) Both the smart DNS and the transparent DNS proxy are implemented by the firewall (non-DNS server). The differences are as follows: (1) The application scenarios of the smart DNS and the transparent DNS proxy are different. The transparent DNS proxy is used to control the path used by users inside the enterprise zone to access external network resources and aims to improve the bidirectional outbound interface bandwidth usage; the smart DNS is used to control the path used by users outside the enterprise zone (Internet users) to access the internal servers and aims to select the shortest path to avoid inter-ISP access. (2) Locations of DNS servers are different. The DNS server of the transparent DNS proxy is deployed at the ISP side, and the DNS server of the smart DNS is deployed at the enterprise side. (3) User locations, accessed resource locations, and access directions are different.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top