D-Link NetDefendOS User Manual page 152

Network security firewall

gw-world:/> dns -cache
An example of output from this command is shown below:
gw-world:/> dns -cache
Name                               Status     IP Cnt Address
---------------------------------- ---------- ------ --------------------
my_fqdn_address1                   Resolved   1      server1.example.com
my_fqdn_address2                   Unused     0
The status of a particular FQDN in the cache can be examined with the following command:
gw-world:/> dns -cache <FQDN>
Where <FQDN> is the logical configuration name of the address object in the address book.
Below is an example of output from this command:
gw-world:/> dns -cache my_fqdn_address1
Address : my_fqdn_address1
Status  : Resolved
IP address                                         LifeTime
-------------------------------------------------- --------
203.0.113.3                                        299
This information about the DNS cache can also be accessed in the Web Interface by going to
Status > Run-time Information > DNS Cache.

The Cache is Automatically Updated
When the DNS server returns IP addresses for an FQDN Address object, it also returns a Time To
Live (TTL) value. This value is stored with the entry for the FQDN Address object in the DNS cache.
When the TTL expires, NetDefendOS will refresh the cache entry by issuing a new DNS query.
The TTL returned from the DNS server could be very low or even zero. For this reason,
NetDefendOS provides a global DNS setting called Minimum TTL. If the TTL returned from a DNS
server is less than the value of Minimum TTL, the TTL is reset to be the Minimum TTL value.
There is also a second global DNS setting called Minimum Cache Time. This value becomes the
TTL if it is greater than the TTL from the DNS server. However, the TTL value from the DNS server is
used if it is greater than the Minimum Cache Time setting.

Associated Log Messages
NetDefendOS can generate the following log messages associated with FQDN Address objects:
ipv4_max_addresses - The 128 IPv4 address limit is exceeded and addresses from the DNS
server have been dropped.
ipv6_max_addresses - The 128 IPv6 address limit is exceeded and addresses from the DNS
server have been dropped.
dns_no_record - The DNS server does not have a record for the FQDN and it cannot be
resolved.
dns_timeout - The DNS server has timed out during the FQDN lookup.
dns_error - An unspecified error occurred during DNS lookup.

Chapter 3: Fundamentals
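An added example, not part of the D-Link manual: a Python script that parses a saved "dns -cache" listing like the one shown above and reports FQDN Address objects that have no cached addresses or that sit at the 128-address limit named in the log message descriptions. The column layout, the sample rows (including my_fqdn_address3 and cdn.example.com) and the function names are assumptions based on the output on this page.

```python
import re

ADDR_LIMIT = 128  # per-family address limit quoted in the log message list
ROW = "{:<34} {:<10} {:<6} {}"
# Constructed sample, laid out like the listing in this manual page.
SAMPLE = "\n".join([
    "gw-world:/> dns -cache",
    ROW.format("Name", "Status", "IP Cnt", "Address"),
    ROW.format("-" * 34, "-" * 10, "-" * 6, "-" * 20),
    ROW.format("my_fqdn_address1", "Resolved", 1, "server1.example.com"),
    ROW.format("my_fqdn_address2", "Unused", 0, ""),
    ROW.format("my_fqdn_address3", "Resolved", 128, "cdn.example.com"),
])


def parse_dns_cache(text):
    """Parse a `dns -cache` listing, slicing columns at the dash ruler."""
    lines = [l.rstrip() for l in text.splitlines() if l.strip()]
    ruler = next(i for i, l in enumerate(lines) if set(l) <= {"-", " "})
    spans = [m.span() for m in re.finditer(r"-+", lines[ruler])]
    entries = []
    for line in lines[ruler + 1:]:
        if line.startswith("gw-world:/>"):  # next prompt ends the listing
            break
        cells = [line[a:b].strip() for a, b in spans[:-1]]
        cells.append(line[spans[-1][0]:].strip())  # last column may run long
        name, status, count, fqdn = cells
        entries.append({"name": name, "status": status,
                        "ip_count": int(count or 0), "fqdn": fqdn})
    return entries


def audit(entries):
    """Return (name, finding) pairs worth an operator's attention."""
    findings = []
    for e in entries:
        if e["status"] != "Resolved" or e["ip_count"] == 0:
            findings.append((e["name"], "no cached addresses"))
        elif e["ip_count"] >= ADDR_LIMIT:
            # Assumption: a count at the limit suggests addresses were dropped;
            # confirm with the ipv4_max_addresses / ipv6_max_addresses messages.
            findings.append((e["name"], "at 128-address limit"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(parse_dns_cache(SAMPLE)):
        print(f"{name}: {finding}")
```

Slicing at the ruler line rather than splitting on whitespace keeps rows with an empty Address column, such as an Unused object, aligned to the right fields.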
