vShield Edge as DNS Relay Host

With the release of the vCloud Networking and Security suite 5.1, we can use the Edge device as our DNS relay host.

Before I jump into how to do it and why you should do it, let me say a few words about the DNS relay host technology itself.

A DNS relay is a host that all of your client machines contact to send their DNS queries.

The relay host then forwards the queries to the DNS server of the provider, or to whatever is set in the Edge device settings.

When it receives the answer, it sends it back to the client machine and stores it for a short time.
So if another machine in your network looks up the same address, it receives the answer directly from your Edge device without asking internet servers again. This small memory that remembers the queries is the so-called DNS cache.

Now let us look at a setup and see how it works. Below is a sample setup.

[Figure: DNSRelay sample setup]

In this example we have configured an External interface on the Edge to act as the DNS relay interface.

At the client side we have configured the Client1 VM to use the Internal IP of the Edge (192.168.1.1) as a DNS server entry.

In this setup, Client1 requests DNS resolution for the external host google.com from the Edge gateway's internal IP. The Edge queries its configured DNS servers to resolve google.com and returns that resolution to Client1.
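The relay-and-cache flow described above, modelled in Python as an added example (it is not vShield Edge code or configuration). The `DnsRelay` class, the answer address 203.0.113.10 and the 300-second TTL are constructed for illustration, and the model assumes the cache lifetime follows the record's TTL, which the post does not state.

```python
import time

class DnsRelay:
    """Model of a caching DNS relay: forward on a miss, answer from cache on a hit."""

    def __init__(self, upstream, clock=time.monotonic):
        self.upstream = upstream        # callable(name, qtype) -> (answers, ttl_seconds)
        self.clock = clock              # injectable so expiry can be shown without sleeping
        self.cache = {}                 # (name, qtype) -> (answers, expires_at)
        self.upstream_queries = 0       # how often the configured DNS server was asked

    def resolve(self, name, qtype="A"):
        # DNS names are case-insensitive; normalise so all clients share one entry.
        key = (name.rstrip(".").lower(), qtype)
        now = self.clock()
        hit = self.cache.get(key)
        if hit and hit[1] > now:
            answers, expires_at = hit
            # Hand out the remaining lifetime, not the original TTL.
            return answers, int(expires_at - now), "cache"
        self.cache.pop(key, None)       # drop an expired entry before refreshing it
        self.upstream_queries += 1
        answers, ttl = self.upstream(*key)
        if ttl > 0:                     # TTL 0 means "do not cache"
            self.cache[key] = (answers, now + ttl)
        return answers, ttl, "upstream"


def demo():
    now = [0.0]                                             # fake clock, in seconds
    zone = {("google.com", "A"): (["203.0.113.10"], 300)}   # constructed upstream data
    relay = DnsRelay(lambda n, q: zone[(n, q)], clock=lambda: now[0])

    results = [relay.resolve("google.com")]       # Client1: forwarded to upstream
    now[0] = 120
    results.append(relay.resolve("GOOGLE.com."))  # another client: served from cache
    now[0] = 301
    results.append(relay.resolve("google.com"))   # entry expired: forwarded again
    return results, relay.upstream_queries


if __name__ == "__main__":
    for answers, ttl, source in demo()[0]:
        print(f"{answers} ttl={ttl} via {source}")
```
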

Typical use of this feature would be:

  1. Using it in a DMZ environment
  2. Using it in a Multi-Tenant environment
  3. Also we can use it to speed up the resolution time

 

About Prasenjit Sarkar

Prasenjit Sarkar is a CTO Ambassador & Staff Solutions Architect at VMware and part of the Global Center of Excellence Team. He has also worked in the vCloud Air R&D Team. He has an extensive background in designing and implementing cloud solutions. He holds several certifications including VCP3/4/5, VCAP-DCA, VCAP-DCD, VCAP-CIA, VCIX-NV. He has been awarded the VMware vExpert award 4 years running. He is also the author of the blog http://stretch-cloud.info and the author of 4 books, including one Amazon Best Seller. He is also part of many inventions and research papers and has 1 issued patent & 11 other patents pending in his name.
