In this section:
The DNS (Domain Name System) group object contains a list of DNS servers used to resolve SIP NAPTR, SRV, and A-record lookups.
The following diagram shows a typical DNS server group configuration.
The SBC supports associating a DNS group with a zone belonging to a different Address Context than that of the DNS group. The DNS query is resolved using the DNS group configured. Refer to Configuring DNS Groups for a configuration example.
Creating and Configuring DNS Servers
The DNS Client sends the query to the server with the highest priority (lower value) first, and in case of a timeout, the query is resent to the server with the next highest priority. For servers with the same priority, the selection is distributed based on the weight value. Priority and weight values are configurable. You can also configure recursion preference (recursion involves assistance from other DNS servers to help resolve the query).
Configure the DNS group at the Zone level for the interface within the Address Context.
To assign a DNS group to a zone, refer to Zone - DNS Group - CLI page.
The SBC Core supports up to eight DNS servers per DNS group. The SBC 5400/7000 platforms support up to 2,048 DNS Groups system-wide. The SBC SWe supports up to 128 DNS Groups. Refer to SBC Provisioning Limits for additional provisioning limitations.
The SBC 7000 system supports creating IP Interface Groups containing sets of IP interfaces that are not "processor friendly" (i.e. carried on physical Ethernet ports served by separate processors). However, restrictions exist regarding the usage of such Interface Groups.
(This ability does not apply to the SBC 5400 system which have only two physical media ports. IP interfaces from the two physical ports may be configured within the same IP Interface Groups without restrictions.)
For complete details, refer to Configuring IP Interface Groups and Interfaces.
You must configure Cluster Admin for intra-cluster node communication before configuring a D-SBC signaling port, Load balancing service and DNS group parameters.
Refer to Cluster Admin - CLI for configuration details.
Command Syntax
The full DNS Group CLI syntax is shown below:
% set addressContext <addressContext name> dnsGroup <dnsGroup name> dnsFallback <disabled | enabled> dnslookupTimeoutTimer <10-300> ednsSupport <disabled | enabled> interface <interface name> localRecord <record name> data <#> hostName <name> order <centralized-roundrobin | priority | roundrobin> state <disabled | enabled> negativeDnsCacheSupport <disabled | enabled> negativeDnsCacheTimer <10-300> server <DNS server name> dscpValue <0-63> ipAddress <ip address> priority <0-100> recordOrder <centralized-roundrobin | priority | roundrobin> recursionDesired <false | true> state <disabled | enabled> tcpFallback <disabled | enabled> transportProtocol <tcp | udp> weight <0-100> transport <tcp | udp> type <ip | mgmt | none> useConfiguredDnsServer <disabled | enabled>
CLI syntax to configure which type of IP interface to use:
% set addressContext <addressContext name> dnsGroup <dnsGroup name> type <ip | mgmt | none>
CLI syntax to configure a local DNS resource record:
% set addressContext <addressContext name> dnsGroup <dnsGroup name> localRecord <record_name> data <index#> ipAddress <ip address> priority <0-100> state <disabled | enabled> type <a | aaaa> hostName <host_Name> order <centralized-roundrobin | priority | roundrobin> state <enabled | disabled>
CLI syntax to configure a DNS server:
% set addressContext <addressContext name> dnsGroup <dnsGroup name> server <DNS server name> dscpValue <0-63> ipAddress <DNS_ipAddress> priority <0-100> recordOrder <centralized-roundrobin | priority | roundrobin> recursionDesired <false | true> state <disabled | enabled> tcpFallback <disabled | enabled> transportProtocol <tcp | udp> weight <0-100>
CLI syntax to configure the type of IP interface to use for this DNS Group:
% set addressContext <addressContext_name> dnsGroup <dnsGroup_name> type ip -OR- % set addressContext <addressContext_name> dnsGroup <dnsGroup_name> type mgmt interface mgmtGroup
CLI syntax to configure an RCODE error monitoring timer interval which the SBC uses to monitor RCODE errors.
% set addressContext <address_context_name> dnsGroup <dnsgroup> rcodeErrorMonitorTimer <rcode_error_monitor_timer>
Command Parameters
The SBC supports, by default, 1,300 Maximum Transmission Unit (MTU) bytes, and the MTU size used by the SBC is configurable. If the initial INVITE message size exceeds the default MTU value, the SBC sends the data over the TCP transport protocol. The TCP transport protocol is used if it is allowed by the transport profile irrespective of its preference order.
The current TCP Fallback feature does the following:
- Enables the SBC to reject UDP INVITE with PDU size more than configured MTU value with “513 Message Too Large”.
- It is up to the far-end to recognize this “513 Message Too Large” and switch to TCP.
- This feature does not enable the SBC itself to fall back to TCP on receiving “513 Message Too Large” from far-end.
- Once the transport protocol is determined by the application layer in SBC, if the size of the INVITE PDU is increased later (say through SMM rules), the SBC will NOT be able to change the transport protocol to TCP, instead the INVITE is sent using the already determined transport protocol irrespective of the MTU Size configured.
Command Examples
Refer to Configuring DNS Groups page for examples on DNS configurations.