This section is located at the network dns level.
12.6.5.1. Settings for System DNS servers
You configure system DNS servers at the network dns system-dns-servers level.
To add new DNS servers or update the list of existing ones, use the following commands:
Admin@UGOS# set network dns system-dns-servers + [ <ip> <ip> ... ]
Admin@UGOS# set network dns system-dns-servers [ <ip> <ip> ... ]
To delete the entire list of DNS server addresses, use the following command:
Admin@UGOS# delete network dns system-dns-servers
To delete individual servers, use the following command:
Admin@UGOS# delete network dns system-dns-servers [ <ip> <ip> ... ]
To display the list of system DNS servers, use the following command:
Admin@UGOS# show network dns system-dns-servers
12.6.5.2. DNS proxy settings
You configure DNS proxies at the network dns proxy-settings level.
To update DNS proxy settings, use the following command:
Admin@UGOS# set network dns proxy-settings
Add the parameters you want to change:
Parameter | Description |
---|---|
filtering | DNS request filtering: |
caching | Cache DNS responses: |
limit | Limit the number of DNS queries per second for each user (default value: 100). |
max-ttl | Maximum possible time-to-live for DNS records. |
recursive | Perform recursive DNS queries: |
dns-timeout | Time to the next attempt to query a DNS server (in milliseconds). |
a-aaaa-unknown | Respond only to requests for A and AAAA records from unknown users. This effectively blocks attempts to establish a VPN over the DNS protocol: |
retries | Number of attempts to send a DNS request. |
factory-defaults | Reset the values of the selected parameter (parameters shown in this table) or all parameters (all) to factory defaults. |
To display DNS proxy settings, use the following command:
Admin@UGOS# show network dns proxy-settings
The parameters you can view values for are listed in the table above.
12.6.5.3. Configuring DNS rules
You configure DNS rules at the network dns rules level using UPL. For more details on the command structure, see Configuring Rules Using UPL.
DNS rule parameters:
Parameter | Description |
---|---|
PASS OK | Action to create a rule using UPL. |
enabled | Enable/disable the rule: |
name | The name of the rule. Example: name("DNS rule example"). |
desc | DNS proxy rule description. Example: desc("DNS rule example set via CLI"). |
url.domain | List of domains whose DNS requests should be redirected. You can use an asterisk (*) to specify a domain template. To specify a list of domains: url.domain = "*.example.com". |
dns_server | List of DNS server IP addresses to which requests for the specified domains should be forwarded. To specify a server: dns_server(1.2.3.4). |
12.6.5.4. Configuring DNS proxy static records
This section is located at the network dns static-records level.
To add a static DNS record, use the following command:
Admin@UGOS# create network dns static-records
Specify the parameters:
Parameter | Description |
---|---|
enabled | Enable/disable static record usage: |
name | Record name. |
description | DNS record description. |
domain | Static record FQDN (Fully Qualified Domain Name), e.g. www.example.com. |
static-dns-ips | List of IP addresses the UserGate server will return when this FQDN is queried. |
To update information about static DNS records, use the following command:
Admin@UGOS# set network dns static-records <static-record-name>
The set of parameters available to change is the same as those for the create command.
To delete a static record, use the following command:
Admin@UGOS# delete network dns static-records <static-record-name>
You can also delete only the static-dns-ips parameter values from the static record.
The following command:
Admin@UGOS# show network dns static-records
displays information about all existing static DNS records. To display information about a specific record, use the following command:
Admin@UGOS# show network dns static-records <static-record-name>