Table of Contents
Advertisement
Services
3. Click Services > DNS.
4. Click Access control list to configure access control:
To limit access to specified IPv4 addresses and networks:
n
a. Click IPv4 Addresses.
b. For Add Address, click .
c. For Address, enter the IPv4 address or network that can access the device's DNS
d. Click again to list additional IP addresses or networks.
To limit access to specified IPv6 addresses and networks:
n
a. Click IPv6 Addresses.
b. For Add Address, click .
c. For Address, enter the IPv6 address or network that can access the device's DNS
d. Click again to list additional IP addresses or networks.
To limit access to hosts connected through a specified interface on the IX10 device:
n
a. Click Interfaces.
b. For Add Interface, click .
c. For Interface, select the appropriate interface from the dropdown.
d. Click again to allow access through additional interfaces.
To limit access based on firewall zones:
n
a. Click Zones.
b. For Add Zone, click .
c. For Zone, select the appropriate firewall zone from the dropdown.
d. Click again to allow access through additional firewall zones.
5. (Optional) Cache negative responses is enabled by default. Disabling this option may improve
performance on networks with transient DNS results, when one or more DNS servers may have
positive results. To disable, click to toggle off Cache negative responses.
6. (Optional) Query all servers is enabled by default. This option is useful when only some DNS
servers will be able to resolve hostnames. To disable, click to toggle off Query all servers.
7. (Optional) Rebind protection, if enabled, prevents upstream DNS servers from returning
private IP addresses. To enable, click Rebind protection.
8. (Optional) Allow localhost rebinding is enabled by default if Rebind protection is enabled.
This is useful for Real-time Black List (RBL) servers.
9. (Optional) To add additional DNS servers:
IX10 User Guide
service. Allowed values are:
A single IP address or host name.
l
A network designation in CIDR notation, for example, 192.168.1.0/24.
l
any: No limit to IPv4 addresses that can access the DNS service.
l
service. Allowed values are:
A single IP address or host name.
l
A network designation in CIDR notation, for example, 2001:db8::/48.
l
any: No limit to IPv6 addresses that can access the DNS service.
l
See
Firewall configuration
for information about firewall zones.
Configure DNS
506
Advertisement
Table of Contents
