We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see https://campus.barracuda.com/doc/71862301/ for further information on our EoS policy.

How to Configure the DNS Service

  • Last updated on

The Barracuda NG Firewall can act as a authoritative DNS server for your domains.

In this article:

Before you Begin

Before modifying the server settings, you must create a DNS service. For more information, see How to Configure Services.

Configure the DNS Service

To configure zone-independent DNS server settings,

  1. Expand the DNS Service configuration node (Config > Full Config page and expand Box > Virtual Servers > your virtual server > Assigned Services > DNS-Service).
  2. Double-click DNS Configuration
  3. Right click the server name in the DNS configuration area (e.g.: S1_dns) and select Lock Server.
  4. Right click the server name and select Properties.
    dns_s1.png

  5. In the Interface section, configure the forwarding behavior of the DNS service. 

    dns_pro.png
    • forward – This menu offers the following settings:
      • <blank> – The default settings of BIND are used.
      • first – The server forwards the DNS query first. Only in case no entry is found the local database is queried.
      • only  The server forwards all DNS queries. 
    • forwarders – Enter the IP addresses of the DNS servers to which DNS queries are forwarded. Separate multiple entries with a semicolon and space (e.g. 10.0.0.53; 10.0.0.67).
    • recursion– Define the allowance of recursive queries. The following options are available:
      • <blank>  The default settings of BIND are used. 
      • yes – The server allows recursive queries.
      • no – The server does not allow recursive queries.
    • notify - Define whether the DNS server should actively notify its slaves about settings updates. 
    • forward source-ip – This field offers various options to select the IPv4 or IPv6 address to be used for contacting other DNS servers.
      • <blank> – The default settings of BIND are used. 
      • server-first – The DNS service uses the first server IP for connecting.
      • server-second– The DNS service uses the second server IP for connecting.
      • explicit – The DNS service uses an explicit IP address for connecting. This IP address must be configured as a server IP.

        Separate multiple IP addresses or address ranges using semicolon and whitespace characters (e.g. 10.0.0.53; 10.0.0.67; 192.168.0.10; 10.17.0.0/16). Use CIDR notation.

  6. In the Security section, configure security options for the DNS service (when selecting any, you can optionally define one or more further IPv4 or IPv6 addresses):
    • allow notify  Hosts that are allowed to notify the DNS server about zone changes.

    • allow query  Hosts that are allowed to query the DNS server. By default all hosts are allowed to query the DNS server.
    • allow recursion – Hosts that are allowed to make recursive queries on this server.
    • allow transfer  Hosts that are allowed to fetch the DNS database from the DNS server.
    • blackhole  Addresses that the server will not accept queries from and not use to resolve a query.
    In each pull-down field, one of the following values can be filled in: 
    • none
    • any (one or more IPv4 or IPv6 addresses) – These entries can optionally be complemented with further IP addresses.

  7. Click OK.
  8. Click Send Changes and Activate.

Continue with How to Configure DNS Zones.

Last updated on