config global-dns-server : config global-dns-server address-group
 
config global-dns-server address-group
Use this command to configure the source and destination IP addresses that are the matching criteria for DNS policies. The system includes the predefined address groups any and none.
Before you begin:
You must have read-write permission for global load balancing settings.
After you have configured an address group, you can specify it in the DNS64 and DNS policy configurations.
Syntax
config global-dns-server address-group
edit <name>
config member
edit <No.>
set action {include|exclude}
set addr-type {ipv4|ipv6}
set ip-network <ip&netmask>
set ip6-network <ip&netmask>
next
end
next
end
action
include—The rule logic creates an address object that includes addresses matching the specified address block.
exclude—The rule logic creates an address object that excludes addresses matching the specified address block.
addr-type
IPv4
IPv6
ip-network
Address/mask notation to match the IP address in the packet header.
Create objects to match source IPv4 address and different objects to match destination IPv4 address.
ip6-network
Address/mask notation to match the IPv6 address in the packet header.
Create objects to match source IPv6 address and different objects to match destination IPv6 address.
Example
FortiADC-VM # config global-dns-server address-group
FortiADC-VM (address-group) # edit campus
Add new entry 'campus' for node 2206
 
FortiADC-VM (campus) # config member
FortiADC-VM (member) # edit 1
Add new entry '1' for node 2209
 
FortiADC-VM (1) # get
action : include
addr-type : ipv4
ip-network : 0.0.0.0/0
 
FortiADC-VM (1) # set ip-network 192.0.2.0/24
FortiADC-VM (1) # end
FortiADC-VM (campus) # end
 
FortiADC-VM # config global-dns-server address-group
FortiADC-VM (address-group) # edit branch
Add new entry 'branch' for node 2206
 
FortiADC-VM (branch) # config member
FortiADC-VM (member) # edit 1
Add new entry '1' for node 2209
FortiADC-VM (1) # set ip-network 198.51.100.0/24
FortiADC-VM (1) # end
FortiADC-VM (branch) # end
 
FortiADC-VM # show global-dns-server address-group
config global-dns-server address-group
edit "campus"
config member
edit 1
set ip-network 192.0.2.0/24
next
end
next
edit "branch"
config member
edit 1
set ip-network 198.51.100.0/24
next
end
next
end