The DNS (Domain Name System) group object contains a list of DNS servers used to resolve SIP NAPTR, SRV, and A-record lookups.
The following diagram shows a typical DNS server group configuration.
DNS Server Group Configuration
The SBC supports associating a DNS group with a zone belonging to a different Address Context than that of the DNS group. The DNS query is resolved using the DNS group configured. Refer to Configuring DNS Groups for a configuration example.
Creating and Configuring DNS Servers
The DNS Client sends the query to the server with the highest priority (lower value) first, and in case of a timeout, the query is resent to the server with the next highest priority. For servers with the same priority, the selection is distributed based on the weight value. Priority and weight values are configurable. You can also configure recursion preference (recursion involves assistance from other DNS servers to help resolve the query).
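The selection rule described above, modelled as an added Python example (not Ribbon's code and not part of the original page). It assumes that weight means a proportional random draw among equal-priority servers, that the remaining equal-priority servers are tried before moving to the next priority value, and that disabled servers are skipped; the server names and 192.0.2.x addresses are constructed.

```python
import random
from collections import defaultdict

def query_order(servers, rng=random):
    """Return server names in the order the client would try them.

    Each server is a dict with name, priority (0-100, lower value is tried
    first), weight (0-100) and state, mirroring the CLI fields on this page.
    """
    tiers = defaultdict(list)
    for s in servers:
        if s.get("state", "enabled") == "enabled":  # assumption: disabled servers are skipped
            tiers[s["priority"]].append(s)
    order = []
    for prio in sorted(tiers):                      # lower value = higher priority
        pool = list(tiers[prio])
        while pool:                                 # weighted draw without replacement
            weights = [s["weight"] for s in pool]
            if sum(weights) == 0:                   # all-zero weights: draw uniformly
                weights = [1] * len(pool)
            pick = rng.choices(pool, weights=weights, k=1)[0]
            pool.remove(pick)
            order.append(pick["name"])
    return order

def resolve(servers, timed_out, rng=random):
    """Walk the order, moving on after each timeout.

    Returns (answering server or None, list of servers attempted).
    """
    attempts = []
    for name in query_order(servers, rng):
        attempts.append(name)
        if name not in timed_out:
            return name, attempts
    return None, attempts

# Constructed sample group (documentation-range addresses, not from the page).
SERVERS = [
    {"name": "dns1", "ipAddress": "192.0.2.10", "priority": 0, "weight": 75, "state": "enabled"},
    {"name": "dns2", "ipAddress": "192.0.2.11", "priority": 0, "weight": 25, "state": "enabled"},
    {"name": "dns3", "ipAddress": "192.0.2.12", "priority": 10, "weight": 0, "state": "enabled"},
    {"name": "dns4", "ipAddress": "192.0.2.13", "priority": 5, "weight": 50, "state": "disabled"},
]

if __name__ == "__main__":
    # Both priority-0 servers time out, so the priority-10 server answers.
    print(resolve(SERVERS, timed_out={"dns1", "dns2"}, rng=random.Random(1)))
```
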
Configure the DNS group at the Zone level for the interface within the Address Context.
To assign a DNS group to a zone, refer to the Zone - DNS Group - CLI page.
The SBC Core supports up to eight DNS servers per DNS group. The SBC 5400/7000 platforms support up to 2,048 DNS Groups system-wide. The SBC SWe supports up to 128 DNS Groups. Refer to SBC Provisioning Limits for additional provisioning limitations.
The SBC 7000 system supports creating IP Interface Groups containing sets of IP interfaces that are not "processor friendly" (i.e. carried on physical Ethernet ports served by separate processors). However, restrictions exist regarding the usage of such Interface Groups.
(This ability does not apply to the SBC 5400 system, which has only two physical media ports. IP interfaces from the two physical ports may be configured within the same IP Interface Groups without restrictions.)
For complete details, refer to Configuring IP Interface Groups and Interfaces.
You must configure Cluster Admin for intra-cluster node communication before configuring a D-SBC signaling port, Load balancing service and DNS group parameters.
Refer to Cluster Admin - CLI for configuration details.
Command Syntax
The full DNS Group CLI syntax is shown below:
% set addressContext <addressContext name> dnsGroup <dnsGroup name>
    dnsFallback <disabled | enabled>
    dnslookupTimeoutTimer <10-300>
    ednsSupport <disabled | enabled>
    interface <interface name>
    localRecord <record name>
        data <#>
        hostName <name>
        order <centralized-roundrobin | priority | roundrobin>
        state <disabled | enabled>
    negativeDnsCacheSupport <disabled | enabled>
    negativeDnsCacheTimer <10-300>
    server <DNS server name>
        dscpValue <0-63>
        ipAddress <ip address>
        priority <0-100>
        recordOrder <centralized-roundrobin | priority | roundrobin>
        recursionDesired <false | true>
        state <disabled | enabled>
        tcpFallback <disabled | enabled>
        transportProtocol <tcp | udp>
        weight <0-100>
    transport <tcp | udp>
    type <ip | mgmt | none>
    useConfiguredDnsServer <disabled | enabled>
CLI syntax to configure which type of IP interface to use:
% set addressContext <addressContext name> dnsGroup <dnsGroup name> type <ip | mgmt | none>
CLI syntax to configure a local DNS resource record:
% set addressContext <addressContext name> dnsGroup <dnsGroup name> localRecord <record_name>
    data <index#>
        ipAddress <ip address>
        priority <0-100>
        state <disabled | enabled>
        type <a | aaaa>
    hostName <host_Name>
    order <centralized-roundrobin | priority | roundrobin>
    state <enabled | disabled>
CLI syntax to configure a DNS server:
% set addressContext <addressContext name> dnsGroup <dnsGroup name> server <DNS server name>
    dscpValue <0-63>
    ipAddress <DNS_ipAddress>
    priority <0-100>
    recordOrder <centralized-roundrobin | priority | roundrobin>
    recursionDesired <false | true>
    state <disabled | enabled>
    tcpFallback <disabled | enabled>
    transportProtocol <tcp | udp>
    weight <0-100>
CLI syntax to configure the type of IP interface to use for this DNS Group:
% set addressContext <addressContext_name> dnsGroup <dnsGroup_name> type ip
-OR-
% set addressContext <addressContext_name> dnsGroup <dnsGroup_name> type mgmt interface mgmtGroup
CLI syntax to configure an RCODE error monitoring timer interval which the SBC uses to monitor RCODE errors:
% set addressContext <address_context_name> dnsGroup <dnsgroup> rcodeErrorMonitorTimer <rcode_error_monitor_timer>
Command Parameters
DNS Group Parameters
Parameter | Description |
---|---|
dnsFallback | Disable this flag to send an EDNS request towards the DNS server irrespective of any DNS failure response received in the past. If this flag is enabled and an EDNS failure error response is received for a query, the SBC stops sending further EDNS requests towards the DNS server. Instead, a regular DNS query is sent to the DNS server. Refer to sonusSbxDnsServerEdnsFailureNotification - CRITICAL for additional details. |
dnslookupTimeoutTimer | Range: 10-300 seconds; Default = 10 seconds. NOTE: If your network includes several DNS servers configured with higher retransmission count values, increase this timer value based on the DNS global retransmission count and retransmission timer settings. |
ednsSupport | Enable this flag to support Extension Mechanisms for DNS (EDNS) for statically configured and dynamically learned DNS servers. NOTE: Refer to the following pages for additional details: |
 | NOTE: This parameter displays only after you specify the |
negativeDnsCacheSupport | Enable this flag for the SBC to store a record in the negative cache when a lookup fails to receive a 'DNS Successful' response. No external DNS queries are sent for the same record while it is in the negative cache state. NOTE: If you require that the SBC sends the DNS lookup queries to the external DNS server for each call even if DNS queries failed previously, you must disable this flag. NOTE: Use this flag, in conjunction with |
negativeDnsCacheTimer | Range: 10-300 seconds; Default = 60 seconds. NOTE: This parameter is only available when the |
server | Configure the DNS server within the DNS group. |
transport | The transport protocol to use to communicate with DNS servers. |
type | The type of IP interfaces to be used for this DNS Group. |
useConfiguredDnsServer | When this flag is disabled, the SBC stores the Authoritative NS records received in Domain Name System (DNS) query responses and uses them to locate a closer DNS server for subsequent DNS queries. In some cases the “Authoritative” servers used for the previous queries may not be directly reachable from the SBC, or IP ACL rules (configured on the SBC) block the query responses. This causes DNS queries to fail and leads to subsequent call failures. When this flag is enabled, the SBC uses the configured DNS server for external DNS queries within that DNS group. It sends the DNS queries to the DNS server in the DNS group and ignores the Authoritative servers. |
rcodeErrorMonitorTimer | Configure the RCODE error monitor timer interval to allow the SBC to monitor RCODE errors. When the timer value is 0, this feature is disabled. Range: 0 - 60 minutes. Default: 0 minutes. |
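The effect of negativeDnsCacheSupport on external query volume and on recovery time, as an added Python model (not Ribbon's code and not part of the original page). It assumes negativeDnsCacheTimer is the number of seconds a failed record stays in the negative cache; the record name, address and failure timeline are constructed.

```python
import time

class NegativeCacheModel:
    """Toy model of the negativeDnsCacheSupport / negativeDnsCacheTimer pair."""

    def __init__(self, resolver, support="enabled", timer=60, clock=time.monotonic):
        if not 10 <= timer <= 300:              # range documented on this page
            raise ValueError("negativeDnsCacheTimer must be 10-300 seconds")
        self.resolver, self.support = resolver, support
        self.timer, self.clock = timer, clock
        self.negative = {}                      # record name -> expiry time
        self.external_queries = 0

    def lookup(self, name):
        now = self.clock()
        expiry = self.negative.get(name)
        if self.support == "enabled" and expiry is not None:
            if now < expiry:
                return None                     # served from the negative cache, no external query
            del self.negative[name]             # entry aged out (assumed timer semantics)
        self.external_queries += 1
        answer = self.resolver(name)            # None stands for a failed lookup
        if answer is None and self.support == "enabled":
            self.negative[name] = now + self.timer
        return answer

def demo(support):
    """Constructed timeline: the lookup fails at t=0 and the server recovers at t=5."""
    t = [0.0]

    def resolver(name):
        return None if t[0] < 5 else "192.0.2.20"

    model = NegativeCacheModel(resolver, support=support, timer=60, clock=lambda: t[0])
    results = []
    for now in (0, 10, 30, 61):                 # four calls to the same record
        t[0] = now
        results.append(model.lookup("sip.example.test"))
    return results, model.external_queries

if __name__ == "__main__":
    print("enabled :", demo("enabled"))
    print("disabled:", demo("disabled"))
```

With the flag enabled the calls at t=10 and t=30 fail without an external query even though the server has recovered; with it disabled every call queries the server.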
By default, the SBC supports a Maximum Transmission Unit (MTU) of 1,300 bytes, and the MTU size used by the SBC is configurable. If the initial INVITE message size exceeds the default MTU value, the SBC sends the data over the TCP transport protocol. TCP is used if the transport profile allows it, irrespective of its preference order.
The current TCP Fallback feature does the following:
- Enables the SBC to reject a UDP INVITE whose PDU size exceeds the configured MTU value with “513 Message Too Large”.
- It is up to the far end to recognize this “513 Message Too Large” response and switch to TCP.
- This feature does not enable the SBC itself to fall back to TCP on receiving “513 Message Too Large” from the far end.
- Once the application layer in the SBC determines the transport protocol, the SBC cannot change the transport protocol to TCP if the size of the INVITE PDU increases later (for example, through SMM rules). Instead, the INVITE is sent using the already determined transport protocol, irrespective of the configured MTU size.
Command Examples
Refer to the Configuring DNS Groups page for examples of DNS configurations.