vShield Edge as DNS Relay Host

With the release of the vCloud Networking and Security suite 5.1, we can use an Edge device as our DNS relay host.

Before I get into how to do it and why you should do it, let me say a few words about DNS relay host technology itself.

A DNS relay is a host that all of your client machines contact to send their DNS queries.

The relay host then forwards the queries to the provider's DNS server, or to whatever is set in the Edge device settings.

When it receives the answer, it sends it back to the requesting machine and stores it for a short time. If another machine in your network then looks up the same address, it receives the answer directly from your Edge device without asking Internet servers again. This small memory of recent queries is the so-called DNS cache.

Now let us look at a setup and see how it works. Below is a sample setup.

[Figure: DNSRelay]

In this example we have configured an External interface on the Edge to act as the DNS relay interface.

On the client side, we have configured the Client1 VM to use the internal IP of the Edge (192.168.1.1) as its DNS server entry.

In this setup, Client1 requests DNS resolution for the external host google.com from the Edge gateway's internal IP. The Edge queries its configured DNS servers to resolve google.com and returns that resolution to Client1.
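To check this behaviour from Client1, the following added example (not code from the original post or from VMware) sends the same A-record query to the relay twice and reports latency, response code and the answer's TTL for each reply. The function names are hypothetical, the sample reply is constructed rather than captured, and it assumes the relay answers standard DNS over UDP port 53.

```python
import socket, struct, sys, time

def build_query(name, qid=0x1234):
    """Encode a recursive A-record query for `name` in DNS wire format."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, 1 question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)          # QTYPE=A, QCLASS=IN

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:      # 2-byte compression pointer ends the name
            return off + 2
        if n == 0:                # root label ends the name
            return off + 1
        off += 1 + n

def first_answer_ttl(msg):
    """Return (rcode, ttl) for the first answer record; ttl is None if no answer."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    if an == 0:
        return flags & 0xF, None
    off = skip_name(msg, off)
    _type, _cls, ttl, _rdlen = struct.unpack("!HHIH", msg[off:off + 10])
    return flags & 0xF, ttl

def probe(relay, name, timeout=3.0):
    """Query the relay once over UDP/53; return (elapsed_ms, rcode, ttl)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        start = time.monotonic()
        s.sendto(build_query(name), (relay, 53))
        msg, _ = s.recvfrom(4096)
    return ((time.monotonic() - start) * 1000, *first_answer_ttl(msg))

# Constructed reply (not captured traffic): google.com A 192.0.2.10, TTL 300.
SAMPLE_REPLY = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
                + build_query("google.com")[12:] + b"\xc0\x0c"
                + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10]))

if __name__ == "__main__":
    print("constructed sample (rcode, ttl):", first_answer_ttl(SAMPLE_REPLY))
    if len(sys.argv) == 3:                     # e.g. 192.168.1.1 google.com
        for attempt in (1, 2):                 # 2nd reply may come from the cache
            print(f"query {attempt} (ms, rcode, ttl):", probe(sys.argv[1], sys.argv[2]))
```

Run it on Client1 with the Edge's internal IP and a hostname as arguments; a markedly faster second reply is consistent with a cache hit on the relay, although a cache on the upstream DNS server can produce a similar effect.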

Typical use of this feature would be:

  1. Using it in a DMZ environment
  2. Using it in a Multi-Tenant environment
  3. Speeding up resolution time

 
