Go to the table of contents Go to the previous page Go to the next page View or print as PDF
DNS Proxy Caching
DNS Proxy Caching
 
Help | Content Gateway | Version 8.1.x
Typically, clients send DNS requests to a DNS server to resolve host names. However, DNS servers are frequently overloaded or not located close to the client; therefore DNS lookups can be slow and can be a bottleneck to fulfilling requests.
The DNS proxy caching option allows Content Gateway to resolve DNS requests on behalf of clients. This option off-loads remote DNS servers and reduces response times for DNS lookups.
 
Important 
The following overview illustrates how Content Gateway serves a DNS request.
1.
2.
The ARM examines the DNS packet. If the DNS request is type A (answer), the ARM forwards the request to Content Gateway. The ARM forwards all DNS requests that are not type A to the DNS server.
3.
For type A requests, Content Gateway checks its DNS cache to see if it has the host name to IP address mapping for the DNS request. If the mapping is in the DNS cache, Content Gateway sends the IP address to the client. If the mapping is not in the cache, Content Gateway contacts the DNS server to resolve the host name. When Content Gateway receives the response from the DNS server, it caches the host name to IP address mapping and sends the IP address to the client. If round-robin is used, Content Gateway sends the entire list of IP address mappings to the client and the round-robin order is strictly followed.
 
Note 
If the host name to IP address mapping is not in the DNS cache, Content Gateway contacts the DNS server specified in the /etc/resolv.conf file. Only the first entry in resolv.conf is used. This might not be the same DNS server for which the DNS request was originally intended.
The DNS cache is held in memory and backed up on disk. Content Gateway updates the data on disk every 60 seconds. The TTL (time-to-live) is strictly followed with every host name to IP address mapping.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
DNS Proxy Caching
Copyright 2016 Forcepoint LLC. All rights reserved.