Before you create a DFP (DNS forwarding proxy) service, ensure that you understand the best practices when configuring a DFP on NIOS. For information, see Best Practices for DFP on NIOS.
...
Internal and Fallback DNS Resolvers: Expand this and click Add to add a local resolver or fallback resolver that manages your DNS requests when your DFP loses connection with BloxOne Cloud or when BloxOne DNS fails to resolve requests.
Complete the following to configure internal and fallback resolvers:ORDER: The order of precedence given an FQDN/IP Address (internal or external DNS resolver). Click and drag the up/down arrows associated with an internal resolver to change its precedence order.
FQDN/IP ADDRESS: Add a FQDN/IP Address is for the Internal or Fallback Resolver or both.
INTERNAL RESOLVER: An internal resolver would be used to resolve the DNS requests coming for the domain/IP present in the internal domains list.. To configure the internal resolver, toggle the switch to the right to enable INTERNAL RESOLVER. Internal resolver is enabled by default. An internal resolver would be used to resolve the DNS requests coming for the domain/IP present in the internal domains list. For information about internal resolvers, see DNS Forwarding Proxy Fallback to Local Resolvers.
FALLBACK RESOLVER: A fallback resolver is a backup endpoint used when the primary server is unavailable. It is used to resolve all DNS queries if the Bloxone Cloud fails to resolve the queries.For information about DNS fallback, see /wiki/spaces/BloxOne/pages/335413573 Using DNS Fallback.
DNS OVER TLS: DNS over TLS is an encrypted DNS protocol using TCP port 853. DNS over TLS possesses a higher precedence order over unencrypted DNS. To configure DNS over TLS, toggle the switch to the right to enable DNS OVER TLS. DNS OVER TLS is disabled by default.
UNENCRYPTED DNS: To configure unencrypted DNS, toggle the switch to the left to disable UNENCRYPTED DNS. UNENCRYPTED DNS is enabled by default.
Internal Domains Lists: Expand and click Add to add an internal domain list to the DFP. If you have internal domains that are served by local DNS servers and you want to reach them without interruptions, you should consider adding them to the bypassed internal domains list. If you add them, DNS queries for these internal domains are sent to the local DNS servers instead of BloxOne Cloud. Alternately, you can search for a specific internal domains list by entering its name in the search field. For information about internal domain lists, see Configuring Internal Domains.
Complete the following to configure the internal domains lists:NAME (required): From the Select List menu, choose the internal domain list to add to the configuration. You can add multiple internal domain lists. Note that only available internal domain lists appear in the menu. To configure an internal domain list, see Configuring Internal Domains.
PoP Settings: DNS service typically resolves and directs traffic through the closest PoP rather than through the one closest to the requesting location, which might result in longer latency and slower application response times. For performance reasons, you can choose a preferred PoP based in a specific region. The .Cloud Service Portal auto selection is ON by default. To enable preferred PoP, toggle the Auto Selection option to OFF. From the Point of Presence drop-down list, choose a preferred PoP.
...