Updated on 2025-07-23 GMT+08:00

Configuring a DNS Server

Scenario

Domain Name System (DNS) servers are key components for network communication. They convert domain names into IP addresses. CFW uses a default DNS server for domain name resolution. If the default DNS server cannot meet your requirements, or your system depends on another DNS server to resolve domain names, you can change the default DNS server or set a custom DNS server. The domain name protection policies will use the configured DNS server for IP address resolution and delivery.

If your account has multiple firewalls, the DNS resolution setting applies only to the firewall where this setting is configured.

This section describes how to change the default DNS server or set a custom a DNS server.

Constraints

A maximum of two DNS servers can be customized.

Configuring a DNS Server

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. In the navigation pane on the left, click and choose Security & Compliance > Cloud Firewall. The Dashboard page will be displayed.
  4. (Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.
  5. In the navigation tree on the left, choose System Management > DNS Resolution.
  6. Select the DNS server or click Add under the Custom DNS Server.

    Currently, only two specified DNS servers can be added.

  7. Click Apply.

    If the current account has multiple firewalls, the DNS resolution setting only applies to the firewall where this setting is configured.

Follow-up Operations

After the DNS service is configured, you need to add protection rules. For details, see Configuring an Access Control Policy.