Kerio Tech Firewall6 User Manual

8.1 DNS Forwarder

105

The rule can be defined for:

•

DNS name — queries requiring names of computers will be forwarded to this DNS

server (so called A queries)

•

a subnet — queries requiring IP addresses of the particular domain will be forwarded

to the DNS server (reverse domain — PTR queries)

Rules can be reordered by arrow buttons. This enables creating of more complex combinations

of rules — e.g. exceptions for certain workstations or subdomains. As the rule list is processed

from the top downwards, rules should be ordered starting by the most specific one (e.g. name

of a particular computer) and with the most general one at the bottom (e.g. the main domain

of the company). Similarly to this, rules for reversed DNS queries should be ordered by subnet

mask length (e.g. with 255.255.255.0 at the top and 255.0.0.0 at the bottom). Rules for

queries concerning names and reversed queries are independent from each other. For better

reference, it is recommended to start with all rules concerning queries for names and continue

with all rules for reversed queries, or vice versa.

Click on the Add or the Edit button to open a dialog where custom DNS forwarding rules can

be defined.

Figure 8.3

DNS forwarding — a new rule