Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Create a Sinkhole

  1. Go to Configure> Firewall Policy> DNS Sinkhole.

    The DNS Sinkhole page is displayed.

  2. Click the + icon.

    The Create DNS Sinkhole page is displayed.

  3. Enter a name for the sinkhole.
    Note:

    The name must not exceed 63 characters, be unique, include a number, an alphabet, and a special character other than < and >.

  4. Enter the domain name of the sinkhole. The default value is sinkhole.junipersecurity.net.
  5. Enter the IPv4 address of the sinkhole. The default value is 44.241.133.101.
  6. Enter the IPv6 address of the sinkhole. The default value is ::1.
  7. Select the devices that you want to assign to the sinkhole in the Available section and click the right-arrow icon.
  8. In the Advanced Settings section, enter the following details, if required:
    • DNS Response TTL–The time-to-live (TTL) value in seconds for which a DNS response must be cached. The default value is 1800 seconds.

      Note:

      The TTL value must not exceed 3600 seconds.

    • SRV response error code-The error code that must be sent for bad domain server queries.

    • Test response error code-The error code that must be sent for bad domain text queries.

    • Wildcarding-Level-The number of levels that can be examined for a domain. You can examine up to 10 levels and the default value is 2.

  9. Click OK.

    The sinkhole is created and displayed on the DNS Sinkhole page.