dns-snooping
Syntax
dns-snooping {
    global-enable;
    report-interval seconds;
    trusted-dns-server [ trusted-dns-server ... ];
}
Hierarchy Level
[edit services]
Description
Enable DNS-snooping on your firewall. The DNS snooping feature offers a mechanism for dynamically inspecting and caching DNS responses in real time.
Options
global-enable
    Enable DNS snooping globally. When you enable it globally, you don't have to configure this functionality at the security policy level.
report-interval seconds
    Frequency at which DNS-snooping data is sent from the data plane to the common cache.
    Default: 5 seconds
    Range: 1 through 10 seconds
trusted-dns-server [trusted-dns-server]
    Specify the address of a trusted DNS server. With this configuration, only traffic from the trusted servers is subjected to DNS snooping. You can configure up to 32 DNS servers in a set.
Required Privilege Level
[none specified]
Release Information
Statement introduced in Junos OS Release 25.2R1.