In this section:
This section provides an example for configuring DNS Groups, DNS query to an interface group outside the Address Context, and explains how to configure DNS A/SRV and NAPTR queries.
The SBC supports domain-name resolution through an external DNS servers. Each IP address context defines one or more DNS server groups, each containing up to eight DNS servers. The zone and/or SIP Trunk Group then indicates which DNS Server Group to use for requests requiring DNS resolution.
When a DNS group is configured at the Address Context level for an interface, it must also be configured at the Zone level in that Address Context. For example, the CLI command examples listed below accomplish the following:
Set DNS group to zone within Address Context.
% set addressContext default dnsGroup DNG-1 type ip interface IPIG-1 % set addressContext default dnsGroup DNG-1 localRecord RECORD1 data 1 hostName HOST-1 order roundrobin state enabled % set addressContext default dnsGroup DNG-1 server SERVER1 ipAddress 1.1.1.1 priority 1 recursionDesired true weight 10 % set addressContext default zone ZONE_AS dnsGroup DNG-1
The SBC Core supports up to eight DNS servers per DNS group. The SBC 5xx0/5400/7000 platforms support up to 2,048 DNS Groups system-wide. SBC SWe supports up to 128 DNS Groups. See SBC Provisioning Limits for additional provisioning limitations.
Before deleting a DNS group, first delete the DNS local record names and DNS server in that group.
The SBC Core supports associating the zone of a particular Address Context with the DNS Group of the another Address Context. For example, the DNS Group (D1) is configured in the Address Context (AC1). With this enhancement, you can associate Zone of Address Context (AC2) with DNS Group (D1) of the Address Context (AC1).
To perform this configuration:
To create DNS Groups d1 and d2 in the Address Context AC1, execute the following command:
% set addressContext AC1 dnsGroup d1 server d1Server ipAddress 10.54.78.20 state enabled commit % set addressContext AC1 dnsGroup d1 type ip interface LIG1 commit % set addressContext AC1 dnsGroup d2 server d2Server ipAddress 10.54.78.21 state enabled commit % set addressContext AC1 dnsGroup d2 type ip interface LIG1 commit
To associate the DNS Group d2 to the zone belongging to a different Address Context AC2, execute the following command:
% set addressContext AC2 zone ZONE_AS dnsGroup d2 commit
To query the PSX FQDN with a particular DNS Group d2, execute the following command:
% set system policyServer globalConfig dnsGroup d2 % commit
The SBC supports DNS A/SRV and NAPTR Queries. The DNS Group and DNS support type configuration is required in the SBC to trigger the DNS Queries to the DNS Server.
Perform the following steps to configure the DNS server for DNS A/SRV and NAPTR queries:
Create a DNS group and add a DNS server in the group.
More than one DNS server can be added. Each is selected based on its weight and the priority.
% set addressContext a1 dnsGroup <dnsgroupname> server <servername> ipAddress <DNS ipaddress> state enabled
In the SIP Trunk Group services, create a Static route for the DNS Server.
% set addressContext a1 zone <zone_name> sipTrunkGroup <trunkgrp name> services dnsSupportType a-srv-naptr % set addressContext a1 staticRoute <dns ip address> <prefix> <gateway ip> <Intfce> <if_ethx> preference 10
In the IP Signaling Profile, enable the "noPortNumber5060" flag.
% set profiles signaling ipSignalingProfile <SIP IP signaling profile name> commonIpAttributes flags noPortNumber5060 enable
Ensure that IP Peer returns the domain name so the SBC can send the query to the DNS Server.
% set addressContext a1 zone <dnsgroupname> ipPeer <peer name> policy sip fqdn <Domain name> fqdnPort <port>
For NAPTR/SRV lookups, ensure the port number is not configured under IP Peer on the SBC, or IP Signaling Peer Group in the PSX, if external PSX is used. If only A-record lookups are required, the port must be configured.
Check the DNS server status and statistics:
% show table/status addressContext a1 dnsGroup DNSGroup1 dnsServerStatistics % show table/status addressContext a1 dnsGroup DNSGroup1 dnsEntryStatus % show table/status addressContext a1 dnsGroup DNSGroup1 dnsEntryDataStatus
Refer to the following pages for command syntax details: