DNS

Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. uses the Domain Name Service (DNS) to translate host names into IP addresses.

To enable DNS lookups, you must enter the primary DNS server for your system. You can also enter secondary and tertiary DNS servers.

When the system resolves host names, it consults the primary name server. If a failure or time-out occurs, the system consults the secondary name server, and if necessary, the tertiary.

You can also define a DNS Suffix, which is a search for host-name lookup.

Important - From R81, you can configure specific DNS settings in each Virtual System. See the R81 VSX Administration Guide.

Configuring DNS in Gaia Portal

To configure the DNS Servers

Step

Instructions

In the navigation tree, click Network Management > Hosts and DNS.

In the System Name section:

In the Domain Name field, enter the domain name (for example, example.com).

In the DNS section:

In the DNS Suffix field, enter the domain name suffix.

Specifies the name that is put at the end of all DNS searches if they fail.

By default, it must be the local domain name.

A valid domain name suffix is made up of subdomain strings separated by periods.

Subdomain strings must begin with an alphabetic letter and can consist only of alphanumeric characters and hyphens.

The domain name syntax is described in RFC 1035 (modified slightly in RFC 1223).

Note - Domain names that are also valid numeric IP addresses (for example: 10.19.76.100), although syntactically correct, are not permitted.

Example:

You configured the DNS Suffix "example.com" and you try to ping the host "foo" (with the command "ping foo"). If Gaia cannot resolve "foo", then Gaia tries to resolve "foo.example.com".

In the Primary DNS Server field, enter the IPv4 or IPv6 address of the Primary DNS server.
Optional: In the Secondary DNS Server field, enter the IPv4 or IPv6 address of the Secondary DNS server (to use if the primary DNS server does not respond).
Optional: In the Tertiary DNS Server field, enter the IPv4 or IPv6 address of the Tertiary DNS server (to use if the primary and secondary DNS servers do not respond).
Click Apply.

Configuring DNS in Gaia Clish

Description

Configure, show and delete the DNS servers and the DNS suffix for the Gaia computer.

Syntax

Important - After you add, configure, or delete features, run the "save config" command to save the settings permanently.

Parameters

CLI Parameters

Parameter

Description

primary <IPv4 or IPv6 Address>

Specifies the IPv4 or IPv6 address of the primary DNS server, which resolve host names.

This must be a host that runs a DNS server.

secondary <IPv4 or IPv6 Address>

Specifies the IPv4 or IPv6 address of the secondary DNS server, which resolves host names if the primary server does not respond.

This must be a host that runs a DNS server.

tertiary <IPv4 or IPv6 Address>

Specifies the IPv4 or IPv6 address of the tertiary DNS server, which resolves host names if the primary and secondary servers do not respond.

This must be a host that runs a DNS server.

suffix <Name for Local Domain>

Specifies the name that is put at the end of all DNS searches if they fail.

By default, it must be the local domain name.

A valid domain name suffix is made up of subdomain strings separated by periods.

Subdomain strings must begin with an alphabetic letter and can consist only of alphanumeric characters and hyphens.

The domain name syntax is described in RFC 1035 (modified slightly in RFC 1223).

Note - Domain names that are also valid numeric IP addresses (for example: 10.19.76.100), although syntactically correct, are not permitted.

Example:

You configured the DNS Suffix "example.com" and you try to ping the host "foo" (with the command "ping foo"). If Gaia cannot resolve "foo", then Gaia tries to resolve "foo.example.com".