DNS
This reference covers all of Pomerium's DNS Settings:
Failure Refresh Rate
Failure Refresh Rate sets the DNS refresh rate when requests are failing.
How to Configure
- Core
- Enterprise
- Kubernetes
| Config file keys | Environment variables | Type | Default |
|---|---|---|---|
dns_failure_refresh_rate | DNS_FAILURE_REFRESH_RATE | string (Go Duration formatting) | 5s |
Examples
dns_failure_refresh_rate: 10s
Set Failure Refresh Rate in the Console:
dns:
failureRefreshRate: 10s
Lookup Family
Lookup Family sets the DNS IP address resolution policy.
How to Configure
- Core
- Enterprise
- Kubernetes
| Config file keys | Environment variables | Type | Default |
|---|---|---|---|
dns_lookup_family | DNS_LOOKUP_FAMILY | string | V4_PREFERRED |
Examples
default_lookup_family: AUTO
DEFAULT_LOOKUP_FAMILY=V6_ONLY
Set Lookup Family in the Console:
dns:
lookupFamily: V6_ONLY
Options
| Options | Description |
|---|---|
DEFAULT (Enterprise only) | Defers to configuration settings or default if none specified |
AUTO | DNS resolver will first perform a lookup for addresses in the IPv6 family and fallback to a lookup for addresses in the IPv4 family |
V4_ONLY | DNS resolver will only perform a lookup for addresses in the IPv4 family |
V6_ONLY | DNS resolver will only perform a lookup for addresses in the IPv6 family |
V4_PREFERRED | DNS resolver will first perform a lookup for addresses in the IPv4 family and fallback to a lookup for addresses in the IPv6 family |
ALL | DNS resolver will perform a lookup for both IPv4 and IPv6 families, and return all resolved addresses |
See the Envoy docs for more information about these options.
Query Timeout
Query Timeout sets the timeout for DNS queries.
How to Configure
- Core
- Enterprise
- Kubernetes
| Config file keys | Environment variables | Type | Default |
|---|---|---|---|
dns_query_timeout | DNS_QUERY_TIMEOUT | string (Go Duration formatting) | 5s |
Examples
dns_query_timeout: 10s
Set Query Timeout in the Console:
dns:
queryTimeout: 10s
Query Tries
Query Tries sets the number of times a DNS query will be re-tried.
How to Configure
- Core
- Enterprise
- Kubernetes
| Config file keys | Environment variables | Type | Default |
|---|---|---|---|
dns_query_tries | DNS_QUERY_TRIES | integer | 4 |
Examples
dns_query_tries: 7
Set Query Tries in the Console:
dns:
queryTries: 7
Refresh Rate
Refresh Rate sets the DNS refresh rate.
How to Configure
- Core
- Enterprise
- Kubernetes
| Config file keys | Environment variables | Type | Default |
|---|---|---|---|
dns_refresh_rate | DNS_REFRESH_RATE | string (Go Duration formatting) | DNS record TTL, or 5s if not set |
Examples
dns_refresh_rate: 10s
Set Refresh Rate in the Console:
dns:
refreshRate: 10s
UDP Max Queries
UDP Max Queries sets the maximum number of queries before a new UDP port is opened.
How to Configure
- Core
- Enterprise
- Kubernetes
| Config file keys | Environment variables | Type | Default |
|---|---|---|---|
dns_udp_max_queries | DNS_UDP_MAX_QUERIES | integer | 100 |
Examples
dns_udp_max_queries: 100
Set UDP Max Queries in the Console:
dns:
udpMaxQueries: 100
Use TCP
Use TCP configures Pomerium to use TCP instead of UDP for DNS queries.
How to Configure
- Core
- Enterprise
- Kubernetes
| Config file keys | Environment variables | Type | Default |
|---|---|---|---|
dns_use_tcp | DNS_USE_TCP | boolean | false |
Examples
dns_use_tcp: true
Set Use TCP in the Console:
dns:
useTcp: true