Meraki Community

mwiater · ‎Mar 19 2023

I think I understand that the MX firewalls internally run dnsmasq. If that's the case, what are the chances that Meraki is looking to supportthe use of the Server= configuration option that dnsmasq has, allowing admins to send dns queries for some domains to specific servers?

My use case is multi site Micrsoft based organizations that have all server resources in one of the networks, my server= command could direct windows domain queries to the internal servers and lookups for external domains could be sent out to the internet. There are unfortunately times when the servers become unavailable and everything breaks because dns is broken.

Is this even being considered and if not, how would i get that on folks' radar?

Brash · ‎Mar 19 2023

I'm not aware of it being a roadmapped feature.

You're best running this by your Meraki sales rep/account manager.

These kind of things typically get added if either there's a large enough user base pushing for the feature, or you have a big enough deal on the table to justify the internal development costs of implementing it.

Finally, I'm not 100% sure but possibly this is something that Cisco umbrella can deliver.

View solution in original post

Brash · ‎Mar 19 2023

I'm not aware of it being a roadmapped feature.

You're best running this by your Meraki sales rep/account manager.

These kind of things typically get added if either there's a large enough user base pushing for the feature, or you have a big enough deal on the table to justify the internal development costs of implementing it.

Finally, I'm not 100% sure but possibly this is something that Cisco umbrella can deliver.

PhilipDAth · ‎Mar 20 2023

Cisco Umbrella (using the agents) can 100% do this. You can specify domains that are "local" (such as AD domains), and everything else is sent to the Umbrella DNS servers to resolve.

https://docs.umbrella.com/deployment-umbrella/docs/domain-management

You can also do this using the Umbrella VA appliances (in case you don't want to put agents on every computer - which I think is the better option):

https://docs.umbrella.com/deployment-umbrella/docs/6-local-dns-forwarding

mwiater · ‎Mar 20 2023

Understood that another product can do this, several others can including NRPT in windows. But it makes so much sense to me for this really simple configuration item that already exists in the underlying product to be leveraged in the dashboard.

Brash · ‎Mar 20 2023

The reason I mentioned that Umbrella supports it is because Cisco positions Umbrella as an addition to Meraki gear as a suite of products.

Having previously worked closely with development teams at a vendor, small changes like that are often the hardest to get across the line because they cost too much to implement for the value they provide.

When you factor in taking devs off other critical bugs to do the implementation, testing, validation, documentation/training and support, it comes to multiple thousands of dollars.

That's why it's often up to the sales team to justify why this is important for customers in terms of deal sizes and $$

mwiater · ‎Mar 20 2023

I really appreciate both of your responses, I hope you didn't feel anything but that appreciation.

We're reaching out to our rep to see if anything can be done to enable the feature. I understand that even a small change can be significant, but it really feels worth quite a bit to me as a network operator. This problem, where our DHCP clients in network A have Internet connectivity but no DNS connectivity to network B where the DNS servers live (for varying reasons), is one that clients end up experiencing way more than they need to, at least in my world.

I think the benefit is large and it's another thing that makes a Meraki network 'just work' even when components on it don't.

Meraki Community

DNS services on MX

DNS services on MX