config global-dns-server remote-dns-server
Use this command to create a list of DNS forwarders.
DNS forwarders are commonly used when you do not want the local DNS server to connect to Internet DNS servers. For example, if the local DNS server is behind a firewall and you do not want to allow DNS through that firewall, you implement DNS forwarding to a remote server that is deployed in a DMZ or similar network region that can contact Internet DNS servers.
Before you begin:
- You must have a good understanding of DNS and knowledge of the remote DNS servers that can be used to communicate with Internet domain servers.
- You must have read-write permission for global load balancing settings.
After you have configured a remote DNS server, you can select it in the DNS zone and DNS policy configurations.
Syntax
config global-dns-server remote-dns-server
edit <name>
config member
edit <No.>
set addr-type {ipv4|ipv6}
set ip <class_ip>
set ip6 <class_ip>
set port <integer>
next
end
next
end
addr-type |
IPv4 or IPv6 |
ip |
IP address of the remote DNS server. |
ip6 |
IP address of the remote DNS server. |
port |
Port number the remote server uses for DNS. The default is 53. |
Example
FortiADC-VM # config global-dns-server remote-dns-server
FortiADC-VM (remote-dns-ser~e) # edit google.com
Add new entry 'google.com' for node 2329
FortiADC-VM (google.com) # config member
FortiADC-VM (member) # edit 1
Add new entry '1' for node 2331
FortiADC-VM (1) # get
addr-type : ipv4
ip : 0.0.0.0
port : 53
FortiADC-VM (1) # set ip 8.8.8.8
FortiADC-VM (1) # get
addr-type : ipv4
ip : 8.8.8.8
port : 53
FortiADC-VM (1) # end
FortiADC-VM (google.com) # end