The dns transparent-proxy exclude domain command specifies the domain names that do not require DNS transparent proxy.
The undo dns transparent-proxy exclude domain command deletes the domain names that do not require DNS transparent proxy.
dns transparent-proxy exclude domain domain-name [ server preferred preferred-dns-address [ alternate alternate-dns-address ] ]
undo dns transparent-proxy exclude domain domain-name [ server [ preferred | alternate ] ]
| Parameter | Description | Value |
|---|---|---|
| domain-name | Specifies the domain names that do not require DNS transparent proxy. |
The value is a string of 1 to 63 characters. This parameter is case-insensitive. |
| server | Indicates a DNS server. |
- |
| preferred preferred-dns-address | Specifies the IP address of a preferred DNS server. |
The value is in dotted decimal notation. |
| alternate alternate-dns-address | Specifies the IP address of an alternate DNS server. |
The value is in dotted decimal notation. |
If you exclude a domain name from DNS transparent proxy but DNS transparent proxy is configured for the DNS server on the client, the FW directly forwards the DNS query messages to the domain name without processing the DNS query messages to the domain name.
If the preferred DNS server address is specified (server preferred preferred-dns-address) for a domain name that exempts DNS transparent proxy, the DNS request will be forwarded to this server, not the DNS server specified on the client.
If both preferred and alternate DNS server addresses are specified (server preferred preferred-dns-address alternate alternate-dns-address), DNS requests will be forwarded to the preferred DNS server. If the preferred DNS server is Down, DNS requests will be forwarded to the alternate DNS server.
If the preferred DNS server address is deleted, the alternate DNS server automatically becomes the preferred one.
If multiple domain names exempt DNS transparent proxy, run this command for the specified times. A maximum of 512 domain names that exempt DNS transparent proxy can be set.