The DNS resolver is explained in more detail in the DNS and name resolvers section. Complete the fields in the DNS Resolving section of the Add/Edit Site page to configure DNS resolving for a Site:
NOTE
In the case of Cloud environments, a DNS server may not be required as the Cloud resolvers use Cloud APIs and these will usually return the required IP addresses directly.
Host Resolving. The hosts file on the Gateway appliances will be used to resolve hostnames within Entitlements. Add hostnames to the Hosts File in the miscellaneous tab of the appliance configuration. For details go to Configure appliance.
DNS Resolvers. To allow a Gateway to resolve users' Entitlements out of the box, a limited default DNS resolver is included. As you add more, you can set the order in which they are tried using the up down arrows. The use of the dns:// syntax is supported in Entitlement Actions. Please refer to Defining hosts for more information about this syntax.
Perform AAAA lookups. IPv6 addresses will be resolved (as well as IPv4). AAAA look ups are disabled by default to improve system performance.
Update Interval (seconds). DNS resolver polling frequency (seconds) to get the latest IP address information. This will affect how quickly the Gateway will respond to changes. Defaults to 60 seconds.
Match Domains (Zone). When there is a match domain set, this DNS resolver will only be used for matching DNS names. This eliminates any unnecessary DNS look-ups. When no match domain is set, this DNS resolver is used for all DNS look-ups. The match domain will also be used as the 'zone' when Zone transfer is enabled (bee below).
DNS Servers. Enter one or more IP addresses for the DNS server(s). If left empty, the appliances' DNS Server settings will be used.
Zone transfers (to Gateway). Delegate DNS to the Gateway for those zones defined in Match Domains. Zone transfers are recommended as the DNS resolver can make a lot of DNS requests.
NOTE
Zone transfers usually requires that the feature be enabled on the DNS server for a specific IP address; in this case the Gateway(s).
Client DNS auto-configuration. Uses this resolver's DNS settings for the Clients when no other DNS Policy exists. A (hidden) DNS Policy will be created (with fallback Site enabled) along with a suitable (hidden) Entitlement. This will be assigned automatically when a user has at least one other Entitlement for this Site AND no other DNS Policy assigned.