This section provides an example for configuring DNS Groups, DNS query to an interface group outside the Address Context, and explains how to configure DNS A/SRV and NAPTR queries.
The
supports domain-name resolution through an external DNS servers. Each IP address context defines one or more DNS server groups, each containing up to eight DNS servers. The zone and/or SIP Trunk Group then indicates which DNS Server Group to use for requests requiring DNS resolution.
When a DNS group is configured at the Address Context level for an interface, it must also be configured at the Zone level in that Address Context. For example, the CLI command examples listed below accomplish the following:
- Configure DNS group "DNG-1" for Address Context "default" to include IP interface type, local resource record and DNS server settings.
Associate the DNS group to a zone within an Address Context
Code Block |
---|
|
% set addressContext default dnsGroup DNG-1 type ip interface IPIG-1
% set addressContext default dnsGroup DNG-1 localRecord RECORD1 data 1 hostName HOST-1 order roundrobin state enabled
% set addressContext default dnsGroup DNG-1 server SERVER1 ipAddress 1.1.1.1 priority 1 recursionDesired true weight 10
% set addressContext default zone ZONE_AS dnsGroup DNG-1 |
Include Page |
---|
| SBXDOC121:_DNSGroup_LimitSBXDOC121: |
---|
| _DNSGroup_Limit |
---|
|
Include Page |
---|
| SBXDOC121:_DNSGroup_delete_ruleSBXDOC121: |
---|
| _DNSGroup_delete_rule |
---|
|
DNS Query to an Interface Group Outside the Address Context
The SBC Core supports associating the zone of a particular Address Context with the DNS Group of the another Address Context. For example, the DNS Group (D1) is configured in the Address Context (AC1). With this enhancement, you can associate Zone of Address Context (AC2) with DNS Group (D1) of the Address Context (AC1).
To perform this configuration:
Anchor |
---|
| Creating DNS Groups |
---|
| Creating DNS Groups |
---|
|
Creating DNS Groups
To create DNS Groups d1 and d2 in the Address Context AC1, execute the following commands:
Code Block |
---|
% set addressContext AC1 dnsGroup d1 server d1Server ipAddress 10.54.78.20 state enabled
commit
% set addressContext AC1 dnsGroup d1 type ip interface LIG1
commit
% set addressContext AC1 dnsGroup d2 server d2Server ipAddress 10.54.78.21 state enabled
commit
% set addressContext AC1 dnsGroup d2 type ip interface LIG1
commit |
Anchor |
---|
| Associating the DNS Group to a Zone |
---|
| Associating the DNS Group to a Zone |
---|
|
Associating the DNS Group to a Zone
To associate the DNS Group d2 to the zone belongging to a different Address Context AC2, execute the following command:
Code Block |
---|
% set addressContext AC2 zone ZONE_AS dnsGroup d2
commit |
Anchor |
---|
| Querying the PSX FQDN |
---|
| Querying the PSX FQDN |
---|
|
Querying the PSX FQDN
To query the PSX FQDN with a particular DNS Group d2, execute the following command:
Code Block |
---|
% set system policyServer globalConfig dnsGroup d2
% commit |
The
supports DNS A/SRV and NAPTR Queries. The DNS Group and DNS support type configuration is required in the
to trigger the DNS Queries to the DNS Server.
Perform the following steps to configure the DNS server for DNS A/SRV and NAPTR queries:
Create a DNS group and add a DNS server in the group.
Tip |
---|
More than one DNS server can be added. Each is selected based on its weight and the priority. |
Code Block |
---|
|
% set addressContext a1 dnsGroup <dnsgroupname> server <servername> ipAddress <DNS ipaddress> state enabled |
In the SIP Trunk Group services, create a Static route for the DNS Server.
Code Block |
---|
|
% set addressContext a1 zone <zone_name> sipTrunkGroup <trunkgrp name> services dnsSupportType a-srv-naptr
% set addressContext a1 staticRoute <dns ip address> <prefix> <gateway ip> <Intfce> <if_ethx> preference 10 |
In the IP Signaling Profile, enable the "noPortNumber5060" flag.
Code Block |
---|
|
% set profiles signaling ipSignalingProfile <SIP IP signaling profile name> commonIpAttributes flags noPortNumber5060 enable |
Ensure that IP Peer returns the domain name so the SBC can send the query to the DNS Server.
Code Block |
---|
|
% set addressContext a1 zone <dnsgroupname> ipPeer <peer name> policy sip fqdn <Domain name> fqdnPort <port> |
Note |
---|
For NAPTR/SRV lookups, ensure the port number is not configured under IP Peer on the SBC, or IP Signaling Peer Group in the PSX, if external PSX is used. If only A-record lookups are required, the port must be configured. |
Check the DNS server status and statistics:
Code Block |
---|
|
% show table/status addressContext a1 dnsGroup DNSGroup1 dnsServerStatistics
% show table/status addressContext a1 dnsGroup DNSGroup1 dnsEntryStatus
% show table/status addressContext a1 dnsGroup DNSGroup1 dnsEntryDataStatus |
Create a DNS group and configure the rcodeErrorMonitorTimer
to support monitoring timer interval which the SBC uses to monitor RCODE errors.
Code Block |
---|
% set addressContext default dnsGroup DNSGroup1 rcodeErrorMonitorTimer
(<unsignedShort, 0 .. 60>) (0): 30
[ok] |
Monitor the RCODE error and check the error field in the "dnsServerStatistics
" table to monitor the responses from the DNS server by executing the command:
Code Block |
---|
% show status addressContext default dnsGroup dnsServerStatistics |
Info |
---|
Refer to the following pages for command syntax details: |