Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    6.0.0
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    system dns

    system dns

    Configure DNS settings used to resolve domain names to IP addresses, so devices connected to a FortiGate interface can use it.

    History

    The following table shows all newly added, changed, or removed entries as of FortiOS 6.0.5.

    Command Description

    config domain

    Allows you to add multiple DNS domains.

    		 
    config system dns
    set primary {ipv4 address}   Primary DNS server IP address.
    set secondary {ipv4 address}   Secondary DNS server IP address.
    config domain
        edit {domain}
        # Search suffix list for hostname lookup.
            set domain {string}   DNS search domain list separated by space (maximum 8 domains) size[127]
        next
    set ip6-primary {ipv6 address}   Primary DNS server IPv6 address.
    set ip6-secondary {ipv6 address}   Secondary DNS server IPv6 address.
    set timeout {integer}   DNS query timeout interval in seconds (1 - 10). range[1-10]
    set retry {integer}   Number of times to retry (0 - 5). range[0-5]
    set dns-cache-limit {integer}   Maximum number of records in the DNS cache. range[0-4294967295]
    set dns-cache-ttl {integer}   Duration in seconds that the DNS cache retains information. range[60-86400]
    set cache-notfound-responses {disable | enable}   Enable/disable response from the DNS server when a record is not in cache.
    set source-ip {ipv4 address}   IP address used by the DNS server as its source IP.
end

    primary <ip>

    The primary DNS server IP address, default is 208.91.112.53, a FortiGuard server.

    secondary <ip>

    The secondary DNS server IP address, default is 208.91.112.52, a FortiGuard server.

    config domain

    Add one or more DNS domains.

    domain <string>

    The domain name suffix for the IP addresses of the DNS server.

    ip6-primary <ipv6>

    The primary DNS server IPv6 address.

    ip6-secondary <ipv6>

    The secondary DNS server IPv6 address.

    dns-cache-limit <integer>

    The number of records in the DNS cache, value between 0 and 4294967295, default is 5000.

    dns-cache-ttl <integer>

    The duration, in seconds, that the DNS cache retains information, value between 60 and 86400, default is 1800.

    cache-notfound-responses {disable | enable}

    Disable or enable response from the DNS server when a record is not in cache, default is disable.

    source-ip <ip>

    The IP address used by the DNS server as the source IP.

    Previous
    Next

    system dns

    system dns

    Configure DNS settings used to resolve domain names to IP addresses, so devices connected to a FortiGate interface can use it.

    History

    The following table shows all newly added, changed, or removed entries as of FortiOS 6.0.5.

    Command Description

    config domain

    Allows you to add multiple DNS domains.

    		 
    config system dns
    set primary {ipv4 address}   Primary DNS server IP address.
    set secondary {ipv4 address}   Secondary DNS server IP address.
    config domain
        edit {domain}
        # Search suffix list for hostname lookup.
            set domain {string}   DNS search domain list separated by space (maximum 8 domains) size[127]
        next
    set ip6-primary {ipv6 address}   Primary DNS server IPv6 address.
    set ip6-secondary {ipv6 address}   Secondary DNS server IPv6 address.
    set timeout {integer}   DNS query timeout interval in seconds (1 - 10). range[1-10]
    set retry {integer}   Number of times to retry (0 - 5). range[0-5]
    set dns-cache-limit {integer}   Maximum number of records in the DNS cache. range[0-4294967295]
    set dns-cache-ttl {integer}   Duration in seconds that the DNS cache retains information. range[60-86400]
    set cache-notfound-responses {disable | enable}   Enable/disable response from the DNS server when a record is not in cache.
    set source-ip {ipv4 address}   IP address used by the DNS server as its source IP.
end

    primary <ip>

    The primary DNS server IP address, default is 208.91.112.53, a FortiGuard server.

    secondary <ip>

    The secondary DNS server IP address, default is 208.91.112.52, a FortiGuard server.

    config domain

    Add one or more DNS domains.

    domain <string>

    The domain name suffix for the IP addresses of the DNS server.

    ip6-primary <ipv6>

    The primary DNS server IPv6 address.

    ip6-secondary <ipv6>

    The secondary DNS server IPv6 address.

    dns-cache-limit <integer>

    The number of records in the DNS cache, value between 0 and 4294967295, default is 5000.

    dns-cache-ttl <integer>

    The duration, in seconds, that the DNS cache retains information, value between 60 and 86400, default is 1800.

    cache-notfound-responses {disable | enable}

    Disable or enable response from the DNS server when a record is not in cache, default is disable.

    source-ip <ip>

    The IP address used by the DNS server as the source IP.

    Previous
    Next