Hi all,
When I'm going to bed at night I like to read a bit.
I don't read stories but I read documentation, yeah I know, wracking the brain just before sleep... however I like doing it.
Recently I've started to re-read Meraki documentation articles before falling asleep.
The documentation is usually written in an easy enough way to everyone even if you're not familiar with each topic that is presented.
Since Meraki devices do not expose their inner workings by means of debugging/logging it's sometimes hard to fully grasp how a certain technology works and in what cases it would fail or not produce the results you thought they would.
The Meraki documentation does mention some details about certain protocols or features but not everything.
So I was wondering if there would be a way, like on this community to ask the Meraki engineers to further elaborate on specific topics from certain Meraki documents.
I'll give an example:
In this article I've read yesterday: https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Firewall_Settings
there is a section dedicated to FQDN support in outbound rules and the need for the MX to see the DNS request to be able to block or allow a certain session towards that host.
What for me is not clear is how the MX manages this because it is not clear how the MX stores this.
For example if the DNS server is on-premise behind the CORE switch (which also can be Meraki) The MX will never see the DNS request from the client itself but will see a DNS forwarder request coming from that server to a DNS on the internet.
Will the MX keep a cache of DNS requests, and for how long. What with DNS resolutions that yield a different IP each time a certain fqdn is requested?
Or will the MX only match on a DNS request from a certain client and only act on the rule for that client alone (which would not work in this case).
I could ask question just about each document... so I'm curious. What are your thoughts.
