It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Configure the DNS Service

  • Last updated on

The Barracuda CloudGen Firewall can act as a authoritative DNS server for your domains.

Before You Begin

Before modifying the server settings, you must create a DNS service. For more information, see How to Configure Services.

Configure the DNS Service

To configure zone-independent DNS server settings,

  1. Go to CONFIGURATION Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > DNS-Service.
  2. Double-click DNS Configuration
  3. Right click the server name in the DNS configuration area (e.g.: S1_dns) and select Lock Server.
  4. Right click the server name and select Properties.
    dns_s1.png

  5. In the Interface section, configure the forwarding behavior of the DNS service. 

    dns_pro.png
    • forward – This menu offers the following settings:
      • <blank> – The default settings of BIND are used.
      • first – The server forwards the DNS query first. Only in case no entry is found the local database is queried.
      • only  The server forwards all DNS queries. 
    • forwarders – Enter the IP addresses of the DNS servers to which DNS queries are forwarded. Separate multiple entries with a semicolon and space (e.g. 10.0.0.53; 10.0.0.67).
    • recursion– Define the allowance of recursive queries. The following options are available:
      • <blank>  The default settings of BIND are used. 
      • yes – The server allows recursive queries.
      • no – The server does not allow recursive queries.
    • notify - Define whether the DNS server should actively notify its slaves about settings updates. 
    • forward source-ip – This field offers various options to select the IPv4 or IPv6 address to be used for contacting other DNS servers.
      • <blank> – The default settings of BIND are used. 
      • server-first – The DNS service uses the first server IP for connecting.
      • server-second– The DNS service uses the second server IP for connecting.
      • explicit – The DNS service uses an explicit IP address for connecting. This IP address must be configured as a server IP.

  6. In the Security section, configure security options for the DNS service (when selecting any, you can optionally define one or more further IPv4 or IPv6 addresses):
    • allow notify  Hosts that are allowed to notify the DNS server about zone changes.

    • allow query  Hosts that are allowed to query the DNS server. By default all hosts are allowed to query the DNS server.
    • allow recursion – Hosts that are allowed to make recursive queries on this server.
    • allow transfer  Hosts that are allowed to fetch the DNS database from the DNS server.
    • blackhole  Addresses that the server will not accept queries from and not use to resolve a query.
    In each pull-down field, one of the following values can be filled in: 
    • none
    • any (one or more IPv4 or IPv6 addresses) – These entries can optionally be complemented with further IP addresses.

  7. Click OK.
  8. Click Send Changes and Activate.

Continue with How to Configure DNS Zones.