Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

Página de 652
Chapter 15      System Administration
15-62
Cisco IronPort AsyncOS 7.5 for Email Configuration Guide
OL-25136-01
not match, or if an A record does not exist, the system only uses the IP address to 
match entries in the Host Access Table (HAT).] This particular timeout period 
applies only to this lookup and is not related to the general DNS timeout discussed 
in 
The default value is 20 seconds. You can disable the reverse DNS lookup timeout 
globally across all listeners by entering ‘0’ as the number of seconds. 
If the value is set to 0 seconds, the reverse DNS lookup is not attempted, and 
instead the standard timeout response is returned immediately. This also prevents 
the appliance from delivering mail to domains that require TLS-verified 
connections if the receiving host’s certificate has a common name (CN) that maps 
to the host’s IP lookup.
DNS Alert
Occasionally, an alert may be generated with the message “Failed to bootstrap the 
DNS cache” when an appliance is rebooted. The messages means that the system 
was unable to contact its primary DNS servers, which can happen at boot time if 
the DNS subsystem comes online before network connectivity is established. If 
this message appears at other times, it could indicate network issues or that the 
DNS configuration is not pointing to a valid server.
Clearing the DNS Cache
The Clear Cache button from the GUI, or the d
nsflush
 command (for more 
information about the 
dnsflush
 command, see the Cisco IronPort AsyncOS CLI 
Reference Guide), clears all information in the DNS cache. You may choose to use 
this feature when changes have been made to your local DNS system. The 
command takes place immediately and may cause a temporary performance 
degradation while the cache is repopulated.
Configuring DNS Settings via the Graphical User Interface
Log in to the Graphical User Interface (GUI) and click the DNS link on the 
Network tab.