ZPA Deployment Tip: DNS

When deploying a connector within any infrastructure, one of the key functions required by a ZPA app connector is: DNS

Please do ensure that the DNS server used by the connector, is local to the connector. As in within the same logical of physical location where the connector is implemented.
You need to minimise the latency in the connector resolving either the namespace for internal apps or the Internet path.

Should the connector have a DNS server that is further away, that subsequent resolution is reliant on the DNS lookup being sent to and received from that DNS sever. So minimise to to best effect.

3 Likes

Hi Nathan

We have connectors, that have only 1 DNS Server locally in their physcial location. So would you recommend to just configure 1 DNS Server only?

Or will the connector be able to handle this (prioritize the first) if I put first the local DNS Server. i.e

local DNS 8.34.34.34
remote DNS 8.35.35.35
Thanks
Daniel

Hey @schulda1, so the reason for my statement is simply that we want to minimise DNS resolution times, by keeping it local.
Connector is following the Linux /etc/resolv.conf so it will try the first DNS & if that doesnt work it will try the second.
In this scenario, if the primary DNS is down, then I would suggest that the bigger issue is that the DNS is down :slight_smile:

Ultimately keep the DNS local, but in your scenario have the less effective DNS as the secondary.