9.2 DNS Cache Configuration
9.2.1 Configuration Guidelines
Table 9-1 General Settings of DNS Cache
| Operation | Command |
| Define related SLB component | slb real dns <real_name> <ip> <port> [max_conn]
[dns|icmp|script-tcp|script-udp|sip-tcp|sip-udp|dns] [hc_up] [hc_down] [timeout] slb virtual dns <virtual_name> <vip> [vport] [arp|noarp] [max_conn] slb policy static <virtual_name> <real_name> |
| Enable DNS cache | dns cache {on|off} |
| Configure the DNS cache expiration time | dns cache expire <min_seconds> <max_seconds> |
| Establish hosts for the DNS cache | dns cache host <host_name> <ip> |
9.2.2 Configuration Example via CLI
- Step 1 Configure necessary SLB component
Since DNS cache is interdependent with SLB configuration strategies, please refer to the chapter Server Load Balancing (SLB). Below is a configuration example for DNS cache deployment. First, the SLB component needs to be established.
FortiBalancer(config)#slb real dns “RS_DNS_1” 10.1.1.10 53 1000 icmp 1 1 20
FortiBalancer(config)#slb virtual dns “VS_DNS_1” 10.1.61.100 53
FortiBalancer(config)#slb policy static “VS_DNS_1” “RS_DNS_1”
The commands above set up an SLB configuration where the real service is named and bound to a real IP address/port pair. This real service is then, in turn, bound to the configured virtual service via the static policy. These commands are covered in depth in the CLI Reference.
- Step 2 Enable DNS cache
To enable DNS cache, the “dns cache {on|off}” command should be used. The DNS cache is disabled by default.
FortiBalancer(config)#dns cache on
- Step 3 Configure the DNS cache expiration time
FortiBalancer(config)#dns cache expire 1 36000
- Step 4 Establish hosts for the DNS cache
FortiBalancer(config)#dns cache host “sting” 10.1.61.200
FortiBalancer(config)#dns cache host “gunrose” 10.1.61.100
FortiBalancer(config)#dns cache host “roxxette” 10.1.61.2
FortiBalancer(config)#dns cache host “queens” 10.1.61.47