35.1. DNS Resource

35.1. DNS Resource
	Chapter 35. DNS - Domain Name System

The Abilis CPX DNS resource may behave as a DNS Resolver, as a DNS Relay or as a DNS Server too.

35.1.1. Activating the DNS resource

Add the resource to the Abilis system with the following command.

[12:18:28] ABILIS_CPX:a res:dns

RES:DNS ALREADY EXISTS

The DNS resource may already exist in the system, but may not yet be active: set it active with the command:

[12:18:31] ABILIS_CPX:s act res:dns

COMMAND EXECUTED

	Caution
	After adding or setting the DNS active, you must restart the Abilis to make the resource running (use the command warm start to reboot the Abilis).

[17:14:59] ABILIS_CPX:s p dns act:yes

COMMAND EXECUTED

[17:15:17] ABILIS_CPX:d p dns

RES:Dns -----------------------------------------------------------------------
Run    DESCR:Domain_Name_System
       LOG:NO           ACT:YES 
       udp-locport:53   SRCADD:OUT-IP                      TOS:0-N      
       wdir:C:\APP\DNS\
       - Resolver -------------------------------------------------------------
       SERVERS:AUTO
       PRIMARY:#                 SECONDARY:#
       DELAY:5                   RTY:1                    
       CACHE:YES                 cache-size:500
       - Relay/Server ---------------------------------------------------------
       RELAY:NO                  relay-size:500            RELAY-TOUT:10  
       RELAY-WHITELIST:NO        RELAY-WHITELIST-CLIENTS:#
       RELAY-BLACKLIST:YES       RELAY-BLACKLIST-BYPASS:#
       RELAY-LOG-REQUESTERS:
       SERVER:YES
       IPSRC:*                   IPSRCLIST:#

35.1.2. DNS resource parameters

Use the following command to display the parameters of the resource; the command d p dns ? displays the meaning of all parameters.

[12:18:35] ABILIS_CPX:d p dns

RES:Dns -----------------------------------------------------------------------
Run    DESCR:Domain_Name_System
       LOG:NO           ACT:YES 
       udp-locport:53   SRCADD:OUT-IP                      TOS:0-N      
       wdir:C:\APP\DNS\
       - Resolver -------------------------------------------------------------
       SERVERS:AUTO
       PRIMARY:#                 SECONDARY:#
       DELAY:5                   RTY:1                    
       CACHE:YES                 cache-size:500
       - Relay/Server ---------------------------------------------------------
       RELAY:NO                  relay-size:500            RELAY-TOUT:10  
       RELAY-WHITELIST:NO        RELAY-WHITELIST-CLIENTS:#
       RELAY-BLACKLIST:YES       RELAY-BLACKLIST-BYPASS:#
       RELAY-LOG-REQUESTERS:
       SERVER:YES
       IPSRC:*                   IPSRCLIST:#

Meaning of the most important parameters:

LOG

Logging functionalities activation/deactivation.

ACT

Operation activation [NO, YES].

udp-locport

DNS-relay listening UDP port [53].

SRCADD

Source IP address for outgoing requests [R-ID, OUT-IP, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x].

TOS

Sets the TOS value for DNS service; TOS or DS field:

p-t: PRECEDENCE-TOS, 'p' [0..7], 't' [N, D, T, R, C];
bbbbbb: DS value bit by bit, 'b' [0, 1].

wdir

Working directory. Full path with drive letter ['C'..'Z'] terminated by '\'. Max 128 chars. Spaces require double quotes (E.g. "C:\My dir\").

SERVERS

Servers IP resource [AUTO, Ip-nnn, STATIC], where 'nnn' is an IP resource index [1..250].

AUTO: DNS resolver uses the servers retrieved by an IP resources that negotiates them e.g. IP-PPP. DNS: parameter of IP resources must be set to RETRIEVE;
Ip-nnn: DSN resolver uses the available servers through Ip-nnn resource;
STATIC: DNS resolver uses PRIMARY and SECONDARY servers.

PRIMARY

DNS primary server IP address [#, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x].

SECONDARY

DNS secondary server IP address [#, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x].

DELAY

Time that resolver waits for server's responses [1..15 sec.].

RTY

Number of attempts to perform DNS request [1..10]. Sets how many times a request has to be sent to the DNS server if the DNS Resolver doesn't get any response in the expected time interval fixed in the DELAY parameter.

CACHE

Activation/deactivation of DNS cache [NO, YES].

cache-size

Size of DNS cache [500..20000].

RELAY

Enable/disable the DNS Relay feature [NO, YES]. DNS relay allows the relay of external DNS requests of DNS clients from CPX to DNS server.

relay-size

Size of DNS relay table [500..20000].

RELAY-TOUT

Timeout waiting server response for relayed requests [5..60 sec.].

RELAY-WHITELIST

Enable/disable DNS whitelist service [NO, YES].

Whitelist is a service that can be enabled for a specific set of clients, based on their IP address.

For such clients the DNS will resolve only the domains in the whitelist.

The whitelist is enabled using CP but domains are inserted using the Web Filter page.

RELAY-WHITELIST-CLIENTS

List of IP addresses that are subject to Relay whitelist service [ListName, #].

RELAY-BLACKLIST

Enable/disable DNS Relay blacklist service [NO, YES].

RELAY-BLACKLIST-BYPASS

List of IP addresses that bypass Relay blacklist service [ListName, #].

RELAY-LOG-REQUESTERS

List of requester(s) IP addresses that are used to filter DNS log. Empty or max 3 IP addresses separated by separated by ',' (comma).

SERVER

Enable/disable local DNS Server [NO, YES].

IPSRC

Accepted client's IP address [*, 1-126.x.x.x, 127.0.0.1, 128-223.x.x.x].

IPSRCLIST

List of further accepted source IP addresses [#, IP/IR/RU/MR listname].

The following command allows the administrator to change the configuration of the resource:

s p dns parameter:value...

	Caution
	To activate the changes made on the upper case parameters, execute the initialization command init res:dns; while to set act the changes made on the lowercase parameters a save conf and an Abilis restart are required (i.e. With warm start command).