Create a Sinkhole
- Go to Configure> Firewall Policy> DNS Sinkhole.
The DNS Sinkhole page is displayed.
- Click the + icon.
The Create DNS Sinkhole page is displayed.
- Enter a name for the sinkhole.Note:
The name must not exceed 63 characters, be unique, include a number, an alphabet, and a special character other than < and >.
- Enter the domain name of the sinkhole. The default value
is
sinkhole.junipersecurity.net
. - Enter the IPv4 address of the sinkhole. The default value
is
44.241.133.101
. - Enter the IPv6 address of the sinkhole. The default value
is
::1
. - Select the devices that you want to assign to the sinkhole in the Available section and click the right-arrow icon.
- In the Advanced Settings section, enter the
following details, if required:
DNS Response TTL–The time-to-live (TTL) value in seconds for which a DNS response must be cached. The default value is 1800 seconds.
Note:The TTL value must not exceed 3600 seconds.
SRV response error code-The error code that must be sent for bad domain server queries.
Test response error code-The error code that must be sent for bad domain text queries.
Wildcarding-Level-The number of levels that can be examined for a domain. You can examine up to 10 levels and the default value is 2.
- Click OK.
The sinkhole is created and displayed on the DNS Sinkhole page.