dns
Syntax
dns {
disable;
doctoring (none | sanity-check);
maximum-message-length bytes;
oversize-message-drop;
traceoptions {
flag {
all {
extensive
}
}
}
}
Hierarchy Level
[edit logical-systems name security alg], [edit logical-systems name tenants name security alg], [edit security alg], [edit services alg], [edit tenants name security alg]
Description
Specify the Domain Name System (DNS) Application Layer Gateway (ALG) on the device.
Options
disable—Disable the DNS ALG. By default, the DNS ALG is enabled. You can enable or disable the DNS ALG for both IPv4 and IPv6 mode.doctoring—Configure DNS ALG doctoring.none— Disable all DNS ALG doctoring.sanity-check—Perform only DNS ALG sanity checks.
maximum-message-length—Set maximum message length (bytes).Range: 512 through 819.
Default: 512.
oversize-message-drop—Configure to drop the oversized DNS packets.traceoptions— Configure DNS ALG tracing options.flag—Trace operation to perform.all—Trace all events.extensive—Display extensive amount of data.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 8.5.
The tenant option is introduced in Junos
OS Release 18.3R1.