HP VPN Firewall Appliances Network Management Configuration Guide

The DNS client comprises the resolver and cache. The user program and DNS client can run on the same
device or different devices, but the DNS server and the DNS client usually run on different devices.
Dynamic domain name resolution allows the DNS client to store the latest mappings between domain
names and IP addresses in the dynamic domain name cache, so the client does not need to send a
request to the DNS server when the same query is repeated. Aged mappings are removed from the
cache, and the client then obtains the latest entries from the DNS server. The DNS server decides
how long a mapping is valid, and the DNS client gets the aging information from DNS messages.
DNS suffixes
The DNS client holds a list of user-specified suffixes. The resolver can use the list to supply the missing part
of incomplete names.
For example, a user can configure com as the suffix for aabbcc.com. The user only needs to type aabbcc
to obtain the IP address of aabbcc.com because the resolver adds the suffix and delimiter before passing
the name to the DNS server.
If there is no dot (.) in the domain name (for example, aabbcc), the resolver considers this a host
name and adds a DNS suffix before the query. If no match is found after each configured suffix has
been tried in turn, the original domain name (for example, aabbcc) is used for the query. If there are
multiple suffixes, the resolver uses the suffixes in the order they are configured. When the query with
a suffix succeeds, the resolver stops querying.
If there is a dot (.) in the domain name (for example, www.aabbcc), the resolver directly uses this
domain name for the query. If the query fails, the resolver adds a DNS suffix for another query.
If the dot (.) is at the end of the domain name (for example, aabbcc.com.), the resolver considers
it a Fully Qualified Domain Name (FQDN) and returns the query result, successful or failed. The dot
at the end of the domain name is considered a terminating symbol.
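The three rules above determine which names actually leave the device as queries, and in what order. The following is an added example, not code from this guide or from the device: candidate_names, resolve, sample_lookup and the sample zone are hypothetical names and constructed data, and trying every configured suffix in order for a dotted name is an assumption.

```python
from typing import Callable, List, Optional, Tuple

Lookup = Callable[[str], Optional[str]]


def candidate_names(name: str, suffixes: List[str]) -> List[str]:
    """Return the names the resolver queries, in order, per the rules above."""
    if name.endswith("."):
        # Trailing dot: treated as an FQDN and queried once, no suffix added.
        return [name]
    suffixed = [f"{name}.{s.strip('.')}" for s in suffixes]
    if "." in name:
        # Dot inside the name: query it as typed first, then with suffixes
        # (assumption: suffixes are tried in their configured order).
        return [name] + suffixed
    # No dot: host name. Suffixes first, in configured order, original last.
    return suffixed + [name]


def resolve(name: str, suffixes: List[str],
            lookup: Lookup) -> Tuple[Optional[str], List[str]]:
    """Query candidates until one succeeds; also return every name sent."""
    tried: List[str] = []
    for candidate in candidate_names(name, suffixes):
        tried.append(candidate)
        address = lookup(candidate)
        if address is not None:
            return address, tried      # first success stops the search
    return None, tried


# Constructed sample zone standing in for the DNS server (not real records).
SAMPLE_ZONE = {"aabbcc.com": "192.0.2.10", "www.aabbcc.net": "192.0.2.20"}


def sample_lookup(qname: str) -> Optional[str]:
    return SAMPLE_ZONE.get(qname.rstrip("."))


if __name__ == "__main__":
    for typed in ("aabbcc", "www.aabbcc", "aabbcc.com.", "nohost"):
        address, tried = resolve(typed, ["com", "net"], sample_lookup)
        print(f"{typed!r}: queried {tried} -> {address}")
```

The second value returned by resolve is the list of names sent to the server, which is what would appear in DNS query logs for a single typed name.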
The device supports static and dynamic DNS client services.
NOTE:
If an alias is configured for a domain name on the DNS server, the device can resolve the alias into the IP
address of the host.
DNS proxy
A DNS proxy forwards DNS requests and replies between DNS clients and a DNS server.
As shown in Figure 128, a DNS client sends a DNS request to the DNS proxy, which forwards the request
to the designated DNS server, and then conveys the reply from the DNS server to the client.
The DNS proxy simplifies network management. When the DNS server address is changed, you can
change the configuration on only the DNS proxy instead of on each DNS client.