Westermo RedFox Series User Manual
Page 411
Westermo OS Management Guide
Version 4.17.0-0
”show ip name-server” command described in
), and the an-
swer is cached for fast response of subsequent requests for the same host.
When proxy DNS server is enabled on a WeOS unit, it will accept incoming DNS
packets on all its interfaces.
Hint
For security purposes you may wish to avoid accepting DNS packets on some
interfaces, e.g., your upstream interface towards the Internet. To block
such request you are recommended to configure appropriate deny filter
rules, e.g., ”filter deny in vlan1 dport 53 proto udp” and ”filter
deny in vlan1 dport 53 proto tcp” to block incoming DNS request on
interface vlan1. For more details on the WeOS firewall, see
Alternatively, disable the DNS proxy service.
For WeOS products running software level WeOS Standard attached directly
to the Internet, it is recommended to disable the DNS proxy service.
➞ 2015 Westermo Teleindustri AB
411