SRX Getting Started - Configure DNS

This article describes how to configure, verify, and troubleshoot DNS.

Configure DNS by performing the following tasks:

  • Configure the device hostname
  • Configure DNS servers
  • Configure the domain name


This section contains the following:

J-Web Configuration

To configure DNS:

  1. Select Configuration>System Properties>System Identity.
  2. Click Edit.The Edit System Identity window appears.
  3. In the Hostname box, enter the name of the device (for example, myserver).
  4. In the Domain name box, enter the domain name for the device (for example,
  5. In the DNS servers area, click Add to add a DNS server. The Add DNS Server window appears.
  6. In the IP address box, enter the IP address of a DNS server, and click OK.

To add multiple DNS servers, repeat steps 5 and 6 for each server.

  1. In the Edit System Identity window, click OK. A status popup appears. If the configuration changes are validated successfully, the popup automatically closes. If the changes are not validated, click Details for more information.
  2. If you are finished configuring the device, click Commit to commit the configuration.

CLI Configuration

To configure DNS:
  1. Specify the name of the device as myserver by using the set system host-name command.
  2. user@host# set system host-name myserver
  3. To configure DNS servers to resolve hostnames, use the set system name-server command. In the following example, two public DNS servers ( and from are configured.
  4. user@host# set system name-server
    set system name-server

  5. Configure the domain name of for the device using the set system domain-name command.

user@host# set system domain-name

Technical Documentation

Getting Started Guide for Routing Devices   See the section 'Understanding DNS'.


To verify the hostname of the device, use the show system host-name command.

user@host# show system host-name
host-name myserver;

To verify the domain name server configuration, use the show system name-server command.

user@host# show system name-server;

To verify the domain name for the device, use the show system domain-name command.

user@host# show system domain-name


NOTE: Name resolution will not work for SRX if the DNS server is only reachable via a VR (Virtual Router).  The SRX cannot source the DNS queries from a VR type routing instance.

Use the show monitor traffic operational command to troubleshoot any issues between the SRX Series device and the DNS server. For more information, see Using the monitor traffic command.

For issues with transit DNS traffic, use the packet capture feature to snoop packets traveling through the device within the forwarding plane. For more information, see Configuring Packet Capture. The packet capture feature is not available on the SRX3400, SRX3600, SRX5600, and SRX5800 devices.  For an example of the packet capture feature, see KB16110 - SRX Getting Started -- Troubleshooting Traffic Flows and Session Establishment.

