Cisco Cisco Content Security Management Appliance M160 Guía Del Usuario
11-79
Cisco IronPort AsyncOS 7.2.0 for Security Management User Guide
OL-21768-01
Chapter 11 Common Administrative Tasks
amount of time depends on the exact total number of DNS servers and priorities
that have been configured. The timeout length is the same for all IP addresses at
any particular priority. The first priority gets the shortest timeout; each
subsequent priority gets a longer timeout. Further, the timeout period is roughly
60 seconds. If you have one priority, the timeout for each server at that priority is
60 seconds. If you have two priorities, the timeout for each server at the first
priority is 15 seconds, and each server at the second priority is 45 seconds. For
three priorities, the timeouts are 5, 10, 45.
that have been configured. The timeout length is the same for all IP addresses at
any particular priority. The first priority gets the shortest timeout; each
subsequent priority gets a longer timeout. Further, the timeout period is roughly
60 seconds. If you have one priority, the timeout for each server at that priority is
60 seconds. If you have two priorities, the timeout for each server at the first
priority is 15 seconds, and each server at the second priority is 45 seconds. For
three priorities, the timeouts are 5, 10, 45.
For example, suppose you configure four DNS servers, with two of them at
priority 0, one at priority 1, and one at priority 2:
priority 0, one at priority 1, and one at priority 2:
AsyncOS randomly chooses between the two servers at priority 0. If one of the
priority 0 servers is down, the other is used. If both of the priority 0 servers are
down, the priority 1 server (1.2.3.6) is used, and then, finally, the priority 2
(1.2.3.7) server.
priority 0 servers is down, the other is used. If both of the priority 0 servers are
down, the priority 1 server (1.2.3.6) is used, and then, finally, the priority 2
(1.2.3.7) server.
The timeout period is the same for both priority 0 servers, longer for the priority
1 server, and longer still for the priority 2 server.
1 server, and longer still for the priority 2 server.
Using the Internet Root Servers
The AsyncOS DNS resolver is designed to accommodate the large number of
simultaneous DNS connections required for high-performance email delivery.
simultaneous DNS connections required for high-performance email delivery.
Note
If you choose to set the default DNS server to something other than the Internet
root servers, that server must be able to recursively resolve queries for domains
for which it is not an authoritative server.
root servers, that server must be able to recursively resolve queries for domains
for which it is not an authoritative server.
Table 11-4
Example of DNS Servers, Priorities, and Timeout Intervals
Priority
Server(s)
Timeout (Seconds)
0
1.2.3.4, 1.2.3.5
5, 5
1
1.2.3.6
10
2
1.2.3.7
45