You may use resolver policies if you require access to non-publicly routed domains, such as private network services or internal resources. You may also use resolver policies if you need to access a protected DNS service or want to simplify DNS management for multiple locations.
Resolver policies support TCP and UDP connections. Custom resolvers can point to the Internet via IPv4 or IPv6, or to a private network service, such as a . Policies default to port
53. You can change which port your resolver uses by customizing it in your policy.
Create a resolver policy
Select Add a policy.
Create an expression for your desired traffic. For example, you can resolve a hostname for an internal service:
Selector Operator Value Host in
In Select DNS resolver, choose Configure custom DNS resolvers.
Enter the IP addresses of your custom DNS resolver.
In Network, choose whether to route queries publicly (to the Internet) or privately (to a private network service).
(Optional) Enter a custom port for each IP address.
Select Create policy.
Gateway will send a query to all resolvers listed, returning the first response. Custom resolvers are saved to your account for future use.