fqdn-host
You can configure Fully Qualified Domain Name (FQDN) hosts. DNS servers resolve FQDN requests to IP addresses. You can create up to 16,000 FQDN hosts. You can also configure these on the web admin console.
Command
set fqdn-host
Syntax
set fqdn-host
cache-ttl <60-86400> [dns-reply-ttl]
eviction [enable | disable] [interval] <60-86400>
idle-timeout <60-86400> [default]
learn-subdomains [enable | disable]
Options
cache-ttl <60-86400> [dns-reply-ttl]
Set the cache-ttl value for the FQDN host. This value represents the time in seconds after which the cached FQDN host to IP address binding is updated.
Range: 60 to 86400 seconds
Default: 3600 seconds
Warning
When you update the TTL, the new setting applies only to entries resolved after the change. FQDNs cached before the update continue using the TTL assigned to them when initially cached. The new TTL only takes effect after those entries expire and are resolved again.
[dns-reply-ttl]: Use the TTL value in the DNS reply packet as cache-ttl.
eviction [enable | disable] [interval] <60-86400>
Duration in seconds after which IP addresses for subdomains of wildcard FQDNs are evicted. The available range is 60 to 86400.
idle-timeout <60-86400> [default]
The idle-timeout value represents the time in seconds after which the cached FQDN host to IP address binding is removed.
Range: 60 to 86400 seconds
Default: 3600 seconds
learn-subdomains [enable | disable]
Learn the IP address of subdomains for FQDN using a wildcard. Turn it on if you want to know the IP address of subdomains of local traffic that passes through Sophos Firewall and that isn't destined for or originated by Sophos Firewall.
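The cache-ttl warning above means a cached binding can keep its old lifetime long after you shorten the TTL. The following Python model is an added example, not Sophos Firewall code: the class, method names, hostname, and addresses are hypothetical and constructed, and only the 60-86400 range and the 3600-second default come from this page.

```python
"""Simplified model of the cache-ttl behaviour described in the Warning."""


class FqdnCache:
    def __init__(self, cache_ttl=3600):           # documented default: 3600 s
        self.cache_ttl = cache_ttl
        self.entries = {}                         # fqdn -> (ip, expires_at)

    def set_cache_ttl(self, seconds):
        if not 60 <= seconds <= 86400:            # documented range
            raise ValueError("cache-ttl must be 60-86400 seconds")
        self.cache_ttl = seconds                  # already-cached entries keep their expiry

    def lookup(self, fqdn, now, resolver):
        entry = self.entries.get(fqdn)
        if entry and now < entry[1]:
            return entry[0]                       # served from cache, possibly stale
        ip = resolver(fqdn)                       # unknown or expired: resolve again
        self.entries[fqdn] = (ip, now + self.cache_ttl)
        return ip

    def seconds_until_refresh(self, fqdn, now):
        return max(0, self.entries[fqdn][1] - now)


def demo():
    # Constructed sample data: the DNS record changes at t=100 s.
    dns = {"app.example.com": "192.0.2.10"}
    resolver = lambda name: dns[name]
    cache = FqdnCache()

    first = cache.lookup("app.example.com", 0, resolver)      # cached with TTL 3600
    dns["app.example.com"] = "192.0.2.20"                     # record changes upstream
    cache.set_cache_ttl(60)                                   # administrator lowers the TTL

    stale = cache.lookup("app.example.com", 200, resolver)    # old binding still served
    remaining = cache.seconds_until_refresh("app.example.com", 200)
    fresh = cache.lookup("app.example.com", 3600, resolver)   # expired, resolved again
    next_refresh = cache.seconds_until_refresh("app.example.com", 3600)
    return first, stale, remaining, fresh, next_refresh


if __name__ == "__main__":
    print(demo())
```

In this model the binding cached before the change is served for its full original 3600 seconds, and the 60-second TTL applies only from the next resolution onward.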