In DNS Proxy, a DNS cache stores the most commonly used domains and host addresses. When the firewall receives a DNS query that matches a domain in the DNS cache, it responds directly to the client using the cached record, without proxying the DNS query and reply.
There are two kinds of DNS Cache:
| Type | Description |
|---|---|
| Static | Manually configured by you. |
| Dynamic | Auto-learned by the GMS. For each DNS query, the SonicOS DNS Proxy performs deep inspection on the URI and records the valid response in the cache. |
When a DNS query matches an existing cache entry, the SonicOS DNS Proxy responds directly with the cached URI. This usually decreases network traffic and therefore improves overall network performance.
Static DNS cache entry size is always 256 regardless of platform. The static DNS cache is never deleted unless it is done manually.
Dynamic DNS cache size depends on the platform. Some examples are shown here:
| Platform | Maximum Cache Size |
|---|---|
| NSa 3800 | 2048 |
| NSa 2800 | 1024 |
| TZ480 | 512 |
| TZ80 | 256 |
If the maximum DNS cache size has been reached when the network security appliance attempts to add an entry to it, the network security appliance will: