USG DNS behavior does the USG firewall effectively act like a DNS server? What happens if it does not know an address? Does it ignore the request, or does it forward the request itself. That is, will the DNS answer always come from the USG or does the exchange get handed off?
Im interested because I need to be able to answer a malformed DNS request. Trying to figure out how I can accomplish that.
"Then said I, Wisdom [is] better than strength: nevertheless the poor man's wisdom [is] despised, and his words are not heard. " Ecclesiastes 9:16
It can be...
You can configure the USG to simply hand out the WAN side DNS servers to clients on the inside, or itself.
There is a section under Configuration > System > DNS for creating records, it has these sections...
Address/PTR Record (for FQDN)
Domain Zone Forwarder
MX Record (for FQDN)