Per-VDOM DNS configuration What’s new in FortiOS Version 4.0 MR1
FortiGate Version 4.0 MR1 Administration Guide
01-410-89802-20090903
http://docs.fortinet.com/
4 Select Apply or OK.
To configure DNS relay using the CLI, use the new dns-query keyword in the network
interface configuration, as follows.
config system interface
    edit <interface_name>
        set dns-query {recursive | non-recursive | disable}
end
Per-VDOM DNS configuration
In FortiOS 4.0 MR1, you can optionally define separate DNS servers for each non-management VDOM. The management VDOM always uses the global DNS servers.
You configure the global DNS servers using the CLI command config system dns.
The VDOM-level configuration is similar:
config vdom
    edit <vdom_name>
        config system vdom-dns
            set vdom-dns {enable | disable}
            set primary <dns_ipv4>
            set secondary <dns_ip4>
            set ip6-primary <dns_ip6>
            set ip6-secondary <dns_ip6>
        end
end
Variable                      Description                                        Default
edit <interface_name>         Enter the name of the interface to configure.      No default.
dns-query {recursive |        disable — Disable DNS.                             disable
non-recursive | disable}      non-recursive — Look up domain name in local       On models 100 and lower,
                              database. Do not relay the request to the DNS      the Internal interface
                              server configured for the FortiGate unit.          defaults to recursive.
                              recursive — Look up domain name in local
                              database. If the entry is not found, relay the
                              request to the DNS server configured for the
                              FortiGate unit.
Variable                      Description                                        Default
vdom-dns {enable | disable}   Enable to define DNS servers for this VDOM.        disable
                              Disable to use global DNS servers.
primary <dns_ipv4>            Enter the primary IPv4 DNS server IP address.      0.0.0.0
secondary <dns_ip4>           Enter the secondary IPv4 DNS server IP address.    0.0.0.0
ip6-primary <dns_ip6>         Enter the primary IPv6 DNS server IP address.      ::
ip6-secondary <dns_ip6>       Enter the secondary IPv6 DNS server IP address.    ::
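
The following Python audit is an added example, not part of the Fortinet guide. It reads configuration text in the nesting shown on this page and reports each interface's dns-query mode and whether each VDOM resolves through its own DNS servers or the global ones. The sample configuration, the interface and VDOM names, the addresses and the function names are constructed for this example; an unset dns-query is reported as disable, so the note about models 100 and lower still has to be applied by hand.

```python
SAMPLE = """\
config system interface
    edit "wan1"
        set dns-query recursive
    next
    edit "dmz"
end
config vdom
    edit "customerA"
        config system vdom-dns
            set vdom-dns enable
            set primary 192.0.2.53
        end
    next
    edit "customerB"
        config system vdom-dns
            set primary 198.51.100.53
        end
end
"""  # constructed sample in this page's CLI syntax; names and addresses are made up
DEFAULTS = {"primary": "0.0.0.0", "secondary": "0.0.0.0",
            "ip6-primary": "::", "ip6-secondary": "::"}  # defaults from the vdom-dns table

def parse(text):
    """Return {nesting path: {keyword: value}} from config/edit/set/next/end lines."""
    stack, out = [], {}
    for tok in filter(None, map(str.split, text.splitlines())):
        if tok[0] in ("config", "edit"):
            stack.append((tok[0], " ".join(tok[1:]).strip('"')))
            out.setdefault(tuple(n for _, n in stack), {})
        elif tok[0] == "set" and len(tok) >= 3:
            out.setdefault(tuple(n for _, n in stack), {})[tok[1]] = " ".join(tok[2:])
        elif tok[0] in ("next", "end"):
            if stack and stack[-1][0] == "edit":
                stack.pop()  # leave the current table entry
            if tok[0] == "end" and stack:
                stack.pop()  # leave the enclosing config block
    return out

def interface_dns_modes(cfg):
    """Interface -> dns-query mode; unset is reported as the documented default, disable."""
    return {p[1]: kv.get("dns-query", "disable")
            for p, kv in cfg.items() if len(p) == 2 and p[0] == "system interface"}

def vdom_dns(cfg):
    """VDOM -> its own servers if vdom-dns is enabled, else 'global' (set servers are ignored)."""
    return {p[1]: ({**DEFAULTS, **kv} if kv.get("vdom-dns") == "enable" else "global")
            for p, kv in cfg.items() if len(p) == 3 and p[0] == "vdom" and p[2] == "system vdom-dns"}
```

Calling interface_dns_modes(parse(SAMPLE)) and vdom_dns(parse(SAMPLE)) shows wan1 relaying queries and customerB still on the global servers, because its primary was set without enabling vdom-dns.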