DNS Server

The DNS (Domain Name System) Server section allows the firewall to be configured to function as a primary Domain Name Server, maintaining a database of domain names (host names) and their corresponding IP addresses. Enabling the DNS Server section overrides the DNS proxy in the Basic Configuration/DNS section. On some firewall products, DNS Server is optional and requires an activation code. See your product guide for more information.

GTA recommends a thorough knowledge of the domain name system before configuring any DNS server. One reference is DNS AND BIND, 3RD EDITION, by Paul Albitz & Cricket Liu, published by OíReilly and Associates.

The built-in DNS server is functional and flexible enough for most GTA Firewall users, but cannot be configured to support all possible DNS options. If your site requires a more complex configuration, or hosts secondary name services, GTA suggests using an outside DNS host.

In GBAdmin, to add a secondary name server, forwarder or subnet, click the ADD + button next to these fields. To add a DNS Domain, add a tab to the screen below the SUBNET field by clicking the ADD + button on the toolbar. To edit a specific DNS Domain, click on the domain name tab. To add a mail exchanger or a host to the DNS Domain, click the ADD + button next to these fields. To enter more than one alias, separate aliases with a space.

Enable Enable the DNS server.

Primary Server Name The host name of your DNS server. This will be a host name assigned to your GTA Firewall. When configuring an external DNS server, this will be the host name seen from the Internet side. The host name should be listed as a host in the DNS Domain screen or tab.
 

Secondary Server Name Host names of DNS servers acting as alternate servers for the domain. Up to four alternates may be listed.

Forwarders The DNS servers that will be utilized as DNS forwarders.

Email Contact This field should contain the email address of the primary contact for the domain (e.g., administrator@gta.com).

DNS Domains*

The DNS Domain screen allows the user to define host names and associated IP addresses (A records), aliases (CNAME records) and mail exchangers (MX records) for the selected domain. To create DNS Domains, click the ADD + button and continue configuration of the DNS Server on the DNS Domain screen using the fields below.

Disable Select to disable the domain definition so the zone will not be served by the GTA Firewall name server.
 

Description Enter a brief description of the domain for your reference.
 

Domain name Enter the DNS domain name for the current zone definition, (e.g., gta.com).
 

Domain's IP address Enter the IP address of a host to respond to the zone name. A host can have the same name as the zone, e.g. gta.com. This means that if you have a web server, a visitor can use the zone name rather than the web server's fully-qualified host name.
 

Mail Exchangers When a remote system sends mail to a domain, it will query a DNS server to determine which IP addresses are designated to accept email for the zone. The Mail Exchanger fields define the mail servers for the domain. When there is more than one Mail Exchanger, they are specified in order of preference by entering the preferred server in the first field, followed by a second and third entry. The first mail exchanger will be priority 5, the second -priority 10, and the third - 15.

Hosts

Define host name and IP address associations. Select to disable this host entry.
 

Disable Select to disable this host entry.
 

RDNS Reverse Domain Name System. Select to have a reverse database entry created for the host. Enabled by default.

IP address The IP address of the host.
 

Host Names Enter the primary host name in the first field and aliases in succeeding fields. The domain portion of the host name should not be entered. To define more than two aliases on the Web interface, repeat the IP address in the next row. These names will also be used as aliases.

Subnets*

DNS subnets make a larger network more manageable by splitting it into a series of contiguous address ranges.

Network Enter the network address/netmask of the desired IP address subnet. Class C: /24 (255.255.255.0) and Class B: /16 (255.255.0.0) are commonly used networks.

Reverse Zone Name Optional name used by reverse DNS, which looks up an IP address to obtain a domain name. The GTA Firewall can determine the zone name automatically if the subnet uses a Class A, B or C netmask. Reverse zone names, if needed, are typically assigned by your ISP.
 

* See product guides for the number of DNS Server domains and subnets available.

[Suggested Reference Material: DNS and BIND 3rd Edition by Paul Albitz & Cricket Liu, published by O'Reilly and Associates.]

Return to Services