Host Overrides

Custom DNS entries can be created in the Host Overrides section of the DNS Resolver configuration.

Host overrides define new records or override existing records so that local clients receive the configured responses instead of responses from upstream DNS servers.

This is useful for split DNS configurations (see Split DNS) and as a semi-effective means of blocking access to certain specific websites.

Warning

Do not use DNS override functionality as the only means of blocking access to sites.

Blocking via DNS requires that local clients utilize the firewall as their only DNS source. See Redirecting Client DNS Requests and Blocking External Client DNS Queries for suggestions on ensuring clients get their DNS responses from the firewall. It will stop non-technical users, but it is easy to circumvent for those with more technical aptitude.

Multiple records may be defined for the same hostname and all IP addresses will be returned in the result. This can be used to supply both an IPv4 (A) and IPv6 (AAAA) result for a single hostname.

Host:

This field defines the hostname portion of the DNS override record (without the domain), e.g. www.

This may be left blank to make an override record for the domain itself, similar to an @ record.

Domain:

Defines the domain name portion of the DNS override record, e.g. example.com.

This field is required.

IP Address:

The IP address (either IPv4 or IPv6) to return as the result for a DNS lookup of this entry. May be a single address or a comma-separated list of multiple addresses.

Description:

A text description used to identify or give more information about this entry.

Additional Names for This Host:

Defines additional hostnames for the same IP address to keep them in a single override entry.