Cisco Cisco Email Security Appliance C160 Mode D'Emploi
29-50
Cisco AsyncOS 8.0.1 for Email User Guide
Chapter 29 System Administration
Changing Network Settings
The new hostname appears in the prompt as follows:
mail3.example.com>
Configuring Domain Name System (DNS) Settings
You can configure the DNS settings for your Cisco appliance through the DNS page on the Network
menu of the GUI, or via the d
menu of the GUI, or via the d
nsconfig
command.
You can configure the following settings:
•
whether to use the Internet’s DNS servers or your own, and which specific server(s) to use
•
which interface to use for DNS traffic
•
the number of seconds to wait before timing out a reverse DNS lookup
•
clear DNS cache
Specifying DNS Servers
Cisco AsyncOS can use the Internet root DNS servers, your own DNS servers, or the Internet root DNS
servers and authoritative DNS servers you specify. When using the Internet root servers, you may specify
alternate servers to use for specific domains. Since an alternate DNS server applies to a single domain,
it must be authoritative (provide definitive DNS records) for that domain.
servers and authoritative DNS servers you specify. When using the Internet root servers, you may specify
alternate servers to use for specific domains. Since an alternate DNS server applies to a single domain,
it must be authoritative (provide definitive DNS records) for that domain.
AsyncOS supports “splitting” DNS servers when not using the Internet’s DNS servers. If you are using
your own internal server, you can also specify exception domains and associated DNS servers.
your own internal server, you can also specify exception domains and associated DNS servers.
When setting up “split DNS,” you should set up the in-addr.arpa (PTR) entries as well. So, for example,
if you want to redirect “.eng” queries to the nameserver 1.2.3.4 and all the .eng entries are in the 172.16
network, then you should specify “eng,16.172.in-addr.arpa” as the domains in the split DNS
configuration.
if you want to redirect “.eng” queries to the nameserver 1.2.3.4 and all the .eng entries are in the 172.16
network, then you should specify “eng,16.172.in-addr.arpa” as the domains in the split DNS
configuration.
Multiple Entries and Priority
For each DNS server you enter, you can specify a numeric priority. AsyncOS will attempt to use the DNS
server with the priority closest to 0. If that DNS server is not responding AsyncOS will attempt to use
the server at the next priority. If you specify multiple entries for DNS servers with the same priority, the
system randomizes the list of DNS servers at that priority every time it performs a query. The system
then waits a short amount of time for the first query to expire or “time out” and then a slightly longer
amount of time for the second, etc. The amount of time depends on the exact total number of DNS servers
and priorities that have been configured. The timeout length is the same for all IP addresses at any
particular priority. The first priority gets the shortest timeout, each subsequent priority gets a longer
timeout. Further, the timeout period is roughly 60 seconds. If you have one priority, the timeout for each
server at that priority will be 60 seconds. If you have two priorities, the timeout for each server at the
first priority will be 15 seconds, and each server at the second priority will be 45 seconds. For three
priorities, the timeouts are 5, 10, 45.
server with the priority closest to 0. If that DNS server is not responding AsyncOS will attempt to use
the server at the next priority. If you specify multiple entries for DNS servers with the same priority, the
system randomizes the list of DNS servers at that priority every time it performs a query. The system
then waits a short amount of time for the first query to expire or “time out” and then a slightly longer
amount of time for the second, etc. The amount of time depends on the exact total number of DNS servers
and priorities that have been configured. The timeout length is the same for all IP addresses at any
particular priority. The first priority gets the shortest timeout, each subsequent priority gets a longer
timeout. Further, the timeout period is roughly 60 seconds. If you have one priority, the timeout for each
server at that priority will be 60 seconds. If you have two priorities, the timeout for each server at the
first priority will be 15 seconds, and each server at the second priority will be 45 seconds. For three
priorities, the timeouts are 5, 10, 45.
Do you want to save the current configuration for rollback? [Y]> n
Changes committed: Fri May 23 11:42:12 2014 GMT