Hi Expert,
Would like to know the base theory how the domain policy work? Is it capture the user data in layer 7 and resolve the domain with DNS server? Or capture the DNS resolve message from DNS server to client and generate the proper IP base policy?
If that’s based on the DNS resolved information capture from client, will it work if i have a local DNS which also have the domain cach?
Regards,
Donnie Li
Domain base policy work base on the DNS resolve message from DNS server to client and generate the proper IP base policy.
If you have local domain cache, domain policy will not work as expected. Please consider to turn off DNS cache for the local DNS server.
So peplink will catch any of the DNS resolve packet and check if it is match the domain policy, if it match, then it will generate the proper ip policy?
Let’s say I have a local DNS and since it dont have cache, so it will forward the dns query to upper DNS server, and then peplink will catch this information and generate the ip policy, is that how it dose?
Yes, you are right 