Description
A DNS Profile can be used by one or many IP Policies whose service object is configured with DNS as protocol.
Properties
- Name
- Specifies a symbolic name for the Profile. (Identifier)
- MaxUDPQueryLength
- Maximum payload size in DNS queries over UDP. (Default: 4096)
- MaxUDPResponseLength
- Maximum payload size in DNS responses over UDP. (Default: 4096)
- MaxTCPQueryLength
- Maximum message size in DNS queries over TCP. (Default: 4096)
- MaxTCPResponseLength
- Maximum message size in DNS responses over TCP. (Default: 4096)
- LogDNSLookups
- Enable Logging of Resolved DNS Queries and Replies. (Default: Yes)
- PopulateDNSCache
- Populate the system's DNS-cache when new IP addresses are discovered. This must be enabled when Wildcard FQDN address objects are in use. (Default: Yes)
- RecursionDesiredFlag
- Policy for handling the Recursion Desired flag in DNS messages. (Default: Allow)
- MaxQuestionEntries
- Maximum number of question entries. (Default: 1)
- AllowAllClasses
- Allow all DNS Record classes. (Default: No)
- AllowedClasses
- List of allowed DNS Record classes in DNS queries and responses. (Default: IN)
- AllowAllTypes
- Allow all DNS Record types. (Default: Yes)
- AllowedTypes
- List of allowed DNS Record types in DNS queries and responses.
- ScrambleQueryID
- Mitigation against cache poisoning. Scrambles message IDs in queries sent over UDP, and de-scrambles them before delivering the reply. (Default: Yes)
- Attribute
- Special Attribute of the current object. (Optional)
- Comments
- Text describing the current object. (Optional)
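
To make the effect of MaxUDPQueryLength, MaxQuestionEntries, AllowedClasses and AllowedTypes concrete, the following added example (not the product's own code) applies those limits to a raw DNS query payload. The function names, the dict layout, the reason strings and the choice to refuse compressed labels in questions are assumptions of this example; the defaults are the ones listed above, with class IN written as its RFC 1035 code 1.

```python
import struct

# Defaults from the property list above (keys mirror the property names).
PROFILE = {"MaxUDPQueryLength": 4096, "MaxQuestionEntries": 1,
           "AllowAllClasses": False, "AllowedClasses": {1},   # 1 = IN
           "AllowAllTypes": True, "AllowedTypes": set()}

def read_question(msg, off):
    """Skip one QNAME and return (qtype, qclass, next_offset)."""
    while True:
        if off >= len(msg):
            raise ValueError("truncated name")
        n = msg[off]
        off += 1
        if n == 0:
            break
        if n & 0xC0:  # this example refuses compressed/reserved labels in questions
            raise ValueError("unexpected label type in question")
        off += n
    if off + 4 > len(msg):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack_from("!HH", msg, off)
    return qtype, qclass, off + 4

def check_udp_query(msg, profile=PROFILE):
    """Return (allowed, reason) for one raw DNS query payload received over UDP."""
    if len(msg) > profile["MaxUDPQueryLength"]:
        return False, "payload exceeds MaxUDPQueryLength"
    if len(msg) < 12:
        return False, "shorter than the 12-byte DNS header"
    qdcount = struct.unpack_from("!H", msg, 4)[0]
    if qdcount > profile["MaxQuestionEntries"]:
        return False, "more questions than MaxQuestionEntries"
    off = 12
    try:
        for _ in range(qdcount):
            qtype, qclass, off = read_question(msg, off)
            if not profile["AllowAllClasses"] and qclass not in profile["AllowedClasses"]:
                return False, "class not in AllowedClasses"
            if not profile["AllowAllTypes"] and qtype not in profile["AllowedTypes"]:
                return False, "type not in AllowedTypes"
    except ValueError as exc:
        return False, str(exc)
    return True, "ok"

def build_query(name, qtype=1, qclass=1, repeat=1):
    """Constructed sample input: a query carrying `repeat` copies of one question."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, repeat, 0, 0, 0)
    return header + (qname + struct.pack("!HH", qtype, qclass)) * repeat
```

With the defaults, a single IN-class question passes, while a CH-class question, a second question entry or an oversized payload is refused before any record data is interpreted.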