Depending on your network requirements, you can forward your DNS traffic while configuring external networks. By designating a DNS server as a forwarder, that server is responsible for all external DNS resolution and can build up a cache of external addresses, thus reducing the need to query recursive resolvers and cutting down DNS traffic.

...

  1. On your Microsoft Windows server, open DNS Manager.

  2. In the console tree, click the applicable DNS server from DNS/Applicable DNS server.

  3. On the Action menu, click Properties.

  4. On the Forwarders tab, click Edit.

    Image: A window from DNS Manager, a tool typically used to configure and manage DNS services on a network.

  5. Enter the IP address of one or more forwarders, and then click OK. For BloxOne Threat Defense global IPv4 DNS Anycast addresses, see Forwarding DNS Traffic to BloxOne Cloud.

...

  1. In the Azure Portal, navigate to the applicable VNet.

  2. On the VNet page, select DNS servers from the menu.

    Image:  The Microsoft Azure portal interface showing the DNS servers configuration for a virtual network named "central-vnet".

  3. Select the radio button for Custom.

  4. Enter the IP address of one or more forwarders, and then click OK. For BloxOne Threat Defense global IPv4 DNS Anycast addresses, see Forwarding DNS Traffic to BloxOne Cloud.

  5. Save this configuration.

    To find the public IP of a NAT Gateway that you would like to register as an external network, perform the following:

  6. In the Azure Portal, navigate to the applicable NAT Gateway.

  7. On the NAT Gateway page, select Outbound IP from the menu.

    Image:  The Microsoft Azure portal, specifically focusing on the "Outbound IP" configuration for an entity named "central-natgw", which is a NAT (Network Address Translation) gateway.

  8. Copy and save the IP addresses shown.

...

  1. Log in to AWS. Once logged in, enter Route53 in the search bar at the top of the AWS interface.


    Image: The AWS Management Console.

  2. Click on Route 53 in the list of side menu options. 

    Image: The Route 53 side menu option.

  3. In the Route 53 navigation pane, click Outbound endpoints, located under Resolver.

    Image: The Route 53 menu.

  4. On the Outbound endpoints page, click Create outbound endpoint.

    Image: Clicking Create outbound endpoint.

  5. On the Create outbound endpoint page, input the following data:

    1. Give the Outbound Endpoint a Name.

      Image: Naming the outbound endpoint. 

    2. Select the VPC you would like to associate with the Outbound Endpoint from among the drop-down options.

      Image: Selecting the VPC.

    3. Select the Security group you would like to associate with this Outbound Endpoint from among the drop-down options.

      Image: Selecting a security group.

    4. Select IPv4 as the Endpoint Type from among the drop-down options.

      Image: Selecting IPv4 as the endpoint type. 

    5. Under the IP address #1 header, select the Availability Zone you would like to use for this Outbound Endpoint. Note that this is the IP that clients will send DNS requests to; any additional IP addresses entered act as redundant addresses to improve availability.

      Image: Selecting an Availability Zone for IP address #1.

    6. Select the private subnet associated with the Availability zone.

      Image: Selecting a private subnet.

    7. Choose an IP address for the Outbound Endpoint. You may choose to allow AWS to choose one automatically, or input one manually.

      Image: Selecting an IP address for the outbound endpoint.

    8. Under the IP address #2 header, select the Availability Zone you would like to use for this Outbound Endpoint. Note that this is the IP where client DNS requests are sent.

      Image: Selecting an Availability Zone for IP address #2.

    9. Select the private subnet associated with the availability zone. 

      Image: Selecting a private subnet associated with the availability zone.

    10. Choose an IP address for the outbound endpoint. You can choose to allow AWS to choose one automatically, or input one manually.

      Image: Selecting the automatically generated IP address for the outbound endpoint. 

    11. Optionally, input additional IP addresses via the Add another IP address button.

      Image: Adding an additional IP address. 

    12. Optionally, add Input Tags if desired. Then click Submit to finish creating the Outbound Endpoint.

      Image: Clicking the Submit button to add an input tag. 

    13. If the creation of the Outbound Endpoint was successful, you will now see the newly created outbound endpoint on the Outbound endpoints page.

      Image: Confirmation of the successful creation of a new outbound endpoint. 

...

  1. In the Route 53 navigation panel, click Rules located under the Resolver header.

    Image: Locating Rules in the side navigation.

  2. On the Rules page, click Create rule.

    Image: Click Create rule on the Rules page to commence the rule creation process.

  3. Configure the new rule:

    1. Give the rule a Name.

      Image: Adding a name in the rule's Name field.

    2. Set the Rule type as Forward.

      Image: Adding "Forward" in the Rule type text field.

    3. In the Domain name text field, input the character '.' (without the quotation marks).

      Image: Inputting "." without the quotes in the Domain name text field.

    4. Select any VPC(s) that you would like this rule to apply to via the dropdown menu located under the VPCs that use this rule header.

      Image: Applying a rule to a selected VPC or VPCs.

    5. Select the outbound endpoint that was created earlier via the drop-down menu.

      Image: Selecting the outbound endpoint from among the drop-down menu options.

    6. In the First Target IP address text field, input the address 52.119.40.100. Additionally, input 53 in the Port text field.


      Image: Adding the first target IP address. 

    7. Click Add target to input another IP address.

      Image: Adding the target IP address.

    8. In the second Target IP addresses field, input the IP 103.80.5.100. Additionally, input 53 in the Port text field.

      Image: Adding a second target IP address.

    9. Click Submit to confirm the creation of the rule.

      Image: Clicking the Submit button to create the new rule.

    10. If the creation of the rule was successful, you will now see the new rule in the list of rules.

      Image: Verifying the successful addition of the rule to the rule list.
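
One way to check the rule created above after the fact, as an added example that is not part of the original documentation: the script audits the JSON shape returned by `aws route53resolver list-resolver-rules` against the settings in this procedure (rule type Forward, domain `.`, targets 52.119.40.100 and 103.80.5.100 on port 53). The rule names, IDs and the 192.0.2.53 address in the sample are constructed for illustration.

```python
import json

# Target IPs and port taken from the rule-creation steps above.
EXPECTED_TARGETS = {("52.119.40.100", 53), ("103.80.5.100", 53)}

def audit_forward_rule(rule):
    """Return findings for one Resolver rule; an empty list means it matches the procedure."""
    findings = []
    if rule.get("RuleType") != "FORWARD":
        findings.append(f"rule type is {rule.get('RuleType')!r}, expected 'FORWARD'")
    # "." covers every domain; a narrower name leaves other queries unforwarded.
    if rule.get("DomainName") != ".":
        findings.append(f"domain is {rule.get('DomainName')!r}, expected '.'")
    targets = {(t.get("Ip"), t.get("Port", 53)) for t in rule.get("TargetIps", [])}
    for ip, port in sorted(EXPECTED_TARGETS - targets, key=str):
        findings.append(f"missing target {ip}:{port}")
    # An extra target means some queries can be answered by another resolver.
    for ip, port in sorted(targets - EXPECTED_TARGETS, key=str):
        findings.append(f"unexpected target {ip}:{port}")
    return findings

def audit_rules(listing):
    """Map each FORWARD rule name to its findings; report when no such rule exists."""
    forward = [r for r in listing.get("ResolverRules", [])
               if r.get("RuleType") == "FORWARD"]
    if not forward:
        return {"(none)": ["no FORWARD rule found"]}
    return {r.get("Name", r.get("Id")): audit_forward_rule(r) for r in forward}

# Constructed sample in the shape of `list-resolver-rules` output (IDs are placeholders).
SAMPLE = json.loads("""
{"ResolverRules": [
  {"Id": "rslvr-autodefined-rr-internet-resolver", "Name": "Internet Resolver",
   "RuleType": "RECURSIVE", "DomainName": "."},
  {"Id": "rslvr-rr-EXAMPLE1", "Name": "bloxone-forward",
   "RuleType": "FORWARD", "DomainName": ".",
   "TargetIps": [{"Ip": "52.119.40.100", "Port": 53},
                 {"Ip": "103.80.5.100", "Port": 53}]},
  {"Id": "rslvr-rr-EXAMPLE2", "Name": "bloxone-forward-drifted",
   "RuleType": "FORWARD", "DomainName": ".",
   "TargetIps": [{"Ip": "52.119.40.100", "Port": 53},
                 {"Ip": "192.0.2.53", "Port": 53}]}
]}
""")

if __name__ == "__main__":
    for name, findings in audit_rules(SAMPLE).items():
        print(name, "OK" if not findings else findings)
```
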

...