5.3. Managing DNS Server Options and Behavior

You can use the DNS console to configure various options that determine how the DNS service functions. The following sections explain the different properties and behavior that you can configure, including how to set up a forwarder and perform monitoring and logging.

5.3.1. Configuring multiple addresses on a DNS server

By default, the DNS service responds on all IP addresses bound to the server. You face no real performance penalty in enabling the DNS service to respond on all bound IP addresses, but in some situations, you may want to reduce the addresses to only those that you specifically want associated with the DNS service. You might allocate two addresses that are always used for DNS, but, in effect, "reserve" the other IP addresses on the server for other uses. Assume, for example, that you have the addresses 192.168.0.2 through .10 bound to the server. If you enable the DNS service to respond on all addresses, users may conceivably start using 192.168.0.10 for DNS if they know that it's there. A few months down the road, you remove .10 from the server because you want to use it elsewhere. Suddenly, those users who have been using .10 as a DNS server find themselves unable to resolve. If you start out limiting DNS to a specific set of addresses that is always used on the server for DNS, you can avoid the problem. In addition, you might want to restrict DNS to a subset of the available addresses for security, firewall configuration, or other infrastructure reasons.