diff options
| author | rebortg <github@ghlr.de> | 2023-01-30 15:27:41 +0100 |
|---|---|---|
| committer | rebortg <github@ghlr.de> | 2023-01-30 15:40:14 +0100 |
| commit | 2923800d7d6f2e37e1f472fdd0e341c444c308b4 (patch) | |
| tree | 7fe344391e1eae24767af98b22e98cdc169a801f /docs/configuration/service | |
| parent | 4ef9d2634d1b88870f8410213a68083b33cc1d01 (diff) | |
| download | vyos-documentation-2923800d7d6f2e37e1f472fdd0e341c444c308b4.tar.gz vyos-documentation-2923800d7d6f2e37e1f472fdd0e341c444c308b4.zip | |
dns: sync branches
Diffstat (limited to 'docs/configuration/service')
| -rw-r--r-- | docs/configuration/service/dns.rst | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/docs/configuration/service/dns.rst b/docs/configuration/service/dns.rst index aee207a6..4315b6dc 100644 --- a/docs/configuration/service/dns.rst +++ b/docs/configuration/service/dns.rst @@ -21,6 +21,10 @@ avoid being tracked by the provider of your upstream DNS server. Forward incoming DNS queries to the DNS servers configured under the ``system name-server`` nodes. +.. cfgcmd:: set service dns forwarding dhcp <interface> + + Interfaces whose DHCP client nameservers to forward requests to. + .. cfgcmd:: set service dns forwarding name-server <address> Send all DNS queries to the IPv4/IPv6 DNS server specified under `<address>`. @@ -35,6 +39,15 @@ avoid being tracked by the provider of your upstream DNS server. .. note:: This also works for reverse-lookup zones (``18.172.in-addr.arpa``). +.. cfgcmd:: set service dns forwarding domain <domain-name> addnta + + Add NTA (negative trust anchor) for this domain. This must be set if the + domain does not support DNSSEC. + +.. cfgcmd:: set service dns forwarding domain <domain-name> recursion-desired + + Set the "recursion desired" bit in requests to the upstream nameserver. + .. cfgcmd:: set service dns forwarding allow-from <network> Given the fact that open DNS recursors could be used on DDoS amplification |