Cisco Cisco Email Security Appliance C650 Guía Del Usuario
Chapter 15 System Administration
15-62
Cisco IronPort AsyncOS 7.5 for Email Configuration Guide
OL-25136-01
not match, or if an A record does not exist, the system only uses the IP address to
match entries in the Host Access Table (HAT).] This particular timeout period
applies only to this lookup and is not related to the general DNS timeout discussed
in
match entries in the Host Access Table (HAT).] This particular timeout period
applies only to this lookup and is not related to the general DNS timeout discussed
in
The default value is 20 seconds. You can disable the reverse DNS lookup timeout
globally across all listeners by entering ‘0’ as the number of seconds.
globally across all listeners by entering ‘0’ as the number of seconds.
If the value is set to 0 seconds, the reverse DNS lookup is not attempted, and
instead the standard timeout response is returned immediately. This also prevents
the appliance from delivering mail to domains that require TLS-verified
connections if the receiving host’s certificate has a common name (CN) that maps
to the host’s IP lookup.
instead the standard timeout response is returned immediately. This also prevents
the appliance from delivering mail to domains that require TLS-verified
connections if the receiving host’s certificate has a common name (CN) that maps
to the host’s IP lookup.
DNS Alert
Occasionally, an alert may be generated with the message “Failed to bootstrap the
DNS cache” when an appliance is rebooted. The messages means that the system
was unable to contact its primary DNS servers, which can happen at boot time if
the DNS subsystem comes online before network connectivity is established. If
this message appears at other times, it could indicate network issues or that the
DNS configuration is not pointing to a valid server.
DNS cache” when an appliance is rebooted. The messages means that the system
was unable to contact its primary DNS servers, which can happen at boot time if
the DNS subsystem comes online before network connectivity is established. If
this message appears at other times, it could indicate network issues or that the
DNS configuration is not pointing to a valid server.
Clearing the DNS Cache
The Clear Cache button from the GUI, or the d
nsflush
command (for more
information about the
dnsflush
command, see the Cisco IronPort AsyncOS CLI
Reference Guide), clears all information in the DNS cache. You may choose to use
this feature when changes have been made to your local DNS system. The
command takes place immediately and may cause a temporary performance
degradation while the cache is repopulated.
this feature when changes have been made to your local DNS system. The
command takes place immediately and may cause a temporary performance
degradation while the cache is repopulated.
Configuring DNS Settings via the Graphical User Interface
Log in to the Graphical User Interface (GUI) and click the DNS link on the
Network tab.
Network tab.