This article discusses how to define DNS forwarding rules for your account.
You can configure DNS Forwarding rules to forward any DNS queries with the specified domain names to resolve with a private DNS server (instead of Cato's DNS server). For example, sometimes mobile users need to connect directly to the Cato Cloud instead of going through one of your internal servers or sites.
In case of multiple DNS Forwarding rules for the same domain, Cato prioritizes the most specific rule.
In the example below, the domain s1.example.local is prioritized over example.local.
You can use DNS forwarding either with Cato's default DNS server, or well-known DNS servers such as 220.127.116.11, 18.104.22.168, and 22.214.171.124. The list of well-known DNS servers can vary between PoPs, for example China and New York.
DNS Forwarding can be applied for both external and internal IP addresses and domains.
DNS Forwarding can process requests over either UDP and TCP.
The PoP doesn't store DNS forwarding requests in the cache.
DoH (DNS over HTTPS) isn't supported, DNS Forwarding can't process DoH packets.
To add a DNS forwarding rule:
From the navigation menu, click Network > DNS Settings. The Settings & Suffix tab is displayed.
Click the DNS Forwarding tab.
Click New to add a DNS Forwarding rule. The Add panel opens.
Enter the Domain for the traffic that matches this DNS Forwarding rule.
You can enter one domain per rule.
In the IPs section, enter the IP address for the DNS server for this rule. Each rule supports up to six DNS servers.
Click Apply. The rule is added to the DNS Forwarding rulebase.