About DNS Hostname SmartGroups
The DNS Hostname Resource Type in a SmartGroup enables you to filter non-TLS, non-HTTP traffic (for example, SMTP and SSH) using the fully qualified domain name (FQDN) of the target. The FQDN of the SmartGroup Resource Type is resolved to its correct IP address.
|
You must enter the DNS Hostname resource type as a FQDN; entering just a hostname is not supported. The FQDN can only include characters that are valid in DNS hostnames. Wildcards are not supported. |
If you do not configure a custom DNS Server, any DCF rules that are executed that contain hostnames are by default resolved to the Gateway’s Management DNS server that has been configured for each gateway.
If you decide to enter custom DNS Server information, the gateways that are part of the DCF rule are updated to use the custom DNS Server information.
| If you want to filter web (TLS, HTTP, or HTTPS) traffic, Aviatrix strongly recommends configuring WebGroups instead of using the Hostname Resource Type in a SmartGroup. |