config system dns
Configure DNS.
config system dns Description: Configure DNS. set primary {ipv4-address} set secondary {ipv4-address} set protocol {option1}, {option2}, ... set ssl-certificate {string} set server-hostname <hostname1>, <hostname2>, ... set domain <domain1>, <domain2>, ... set ip6-primary {ipv6-address} set ip6-secondary {ipv6-address} set timeout {integer} set retry {integer} set dns-cache-limit {integer} set dns-cache-ttl {integer} set cache-notfound-responses [disable|enable] set source-ip {ipv4-address} set interface-select-method [auto|sdwan|...] set interface {string} set server-select-method [least-rtt|failover] set alt-primary {ipv4-address} set alt-secondary {ipv4-address} set log [disable|error|...] set fqdn-cache-ttl {integer} set fqdn-min-refresh {integer} end
config system dns
Parameter |
Description |
Type |
Size |
Default |
||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
primary |
Primary DNS server IP address. |
ipv4-address |
Not Specified |
0.0.0.0 |
||||||||
secondary |
Secondary DNS server IP address. |
ipv4-address |
Not Specified |
0.0.0.0 |
||||||||
protocol |
DNS transport protocols. |
option |
- |
cleartext |
||||||||
|
|
|||||||||||
ssl-certificate |
Name of local certificate for SSL connections. |
string |
Maximum length: 35 |
Fortinet_Factory |
||||||||
server-hostname |
DNS server host name list. DNS server host name list separated by space (maximum 4 domains). |
string |
Maximum length: 127 |
|
||||||||
domain |
Search suffix list for hostname lookup. DNS search domain list separated by space (maximum 8 domains). |
string |
Maximum length: 127 |
|
||||||||
ip6-primary |
Primary DNS server IPv6 address. |
ipv6-address |
Not Specified |
:: |
||||||||
ip6-secondary |
Secondary DNS server IPv6 address. |
ipv6-address |
Not Specified |
:: |
||||||||
timeout |
DNS query timeout interval in seconds. |
integer |
Minimum value: 1 Maximum value: 10 |
5 |
||||||||
retry |
Number of times to retry. |
integer |
Minimum value: 0 Maximum value: 5 |
2 |
||||||||
dns-cache-limit |
Maximum number of records in the DNS cache. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
5000 |
||||||||
dns-cache-ttl |
Duration in seconds that the DNS cache retains information. |
integer |
Minimum value: 60 Maximum value: 86400 |
1800 |
||||||||
cache-notfound-responses |
Enable/disable response from the DNS server when a record is not in cache. |
option |
- |
disable |
||||||||
|
|
|||||||||||
source-ip |
IP address used by the DNS server as its source IP. |
ipv4-address |
Not Specified |
0.0.0.0 |
||||||||
interface-select-method |
Specify how to select outgoing interface to reach server. |
option |
- |
auto |
||||||||
|
|
|||||||||||
interface |
Specify outgoing interface to reach server. |
string |
Maximum length: 15 |
|
||||||||
server-select-method |
Specify how configured servers are prioritized. |
option |
- |
least-rtt |
||||||||
|
|
|||||||||||
alt-primary |
Alternate primary DNS server. This is not used as a failover DNS server. |
ipv4-address |
Not Specified |
0.0.0.0 |
||||||||
alt-secondary |
Alternate secondary DNS server. This is not used as a failover DNS server. |
ipv4-address |
Not Specified |
0.0.0.0 |
||||||||
log |
Local DNS log setting. |
option |
- |
disable |
||||||||
|
|
|||||||||||
fqdn-cache-ttl |
FQDN cache time to live in seconds. |
integer |
Minimum value: 0 Maximum value: 86400 |
0 |
||||||||
fqdn-min-refresh |
FQDN cache minimum refresh time in seconds. |
integer |
Minimum value: 10 Maximum value: 3600 |
60 |