As per title.
e.g.
1. client asks example.com <--> Juniper_SSG_140
2. Juniper_SSG_140 <--> DNS root servers
3. <--> Specific DNS returned by root server
4. client receives answer from Juniper_SSG_140
5. Juniper_SSG_140 caches the answer for perf
It appears that the SSG series can perform DNS lookups, but doing so only using forwarders and not root hints.
See screenshot below... these are ALL the configuration options available.
@alex you can configure per domain dns forwarding and/or a catchall option, yo to Network > DNS > Proxy and mark: "Initialize Proxy DNS Server" and "Enable Proxy DNS Server", click on Apply.
Then click in New and add the domain name that you want to forward (use * to forward all requests), configure the primary, secondary and tertiary DNS IP Address. Optionally select the Interface when all this request will get out.
Then, you need to go to Network > Interfaces Edit the interface where you want to set the dns proxy, mark DNS Proxy option, and that's it!, you got it.
On the cli you can type (:
set dns proxy
set dns proxy enable
set dns server-select domain * primary-server x.x.x.x secondary-server y.y.y.y tertiary-server z.z.z.z
set interface ethernet#/# proxy dns
