A fully qualified domain name (FQDN) is the complete domain name for a specific host on the Internet. FQDNs are used in firewall rules to allow or reject traffic going to specific domains.
The FQDN attribute type is used in distributed firewall FQDN Filtering policy; see FQDN Filtering. NSX supports custom FQDNs that are defined by an administrator in addition to the pre-defined list of FQDNs.
Note: Custom FQDNs do not support custom top level domain names.
Custom FQDNs support the following:
- Starting in 4.0.1, FQDN supports processing of DNS response record packets containing canonical names (CNAMEs).
- Full FQDN names such as maps.google.com or myapp.corp.com
- Partial REGEX with * at the beginning only, such as *eng.northpole.com or *yahoo.com
- FQDN name length up to 64 characters
- FQDN names must end with the registered top level domain (TLD) such as .com, .org, or .net
example.com, would not include any sub domains.
- From your browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.
- Select .
- Select the Attribute Types tab, and FQDNs.
A table of system-generated FQDNs appears.
- Select .
- Enter the domain name in the form *[hostname].[domain]. For example, *abracadabra.com
Do not include http:// or any other header.
- Click Save.
The user-defined FQDN is shown in the table of available FQDNs, with User in the Created By column.
- (Optional) To display a subset of FQDNs, click Filter by Name, Path and more and select Created by or Domain.
What to do next
FQDNs can be used in context profiles for distributed firewall rules.
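
The entry rules listed above (a * at the beginning only, the 64-character limit, a registered TLD, no http:// or other header) can be checked before a batch of entries is typed into NSX Manager. The Python linter below is an added example, not VMware code; the function names, the three-item TLD set, and the choice to count the leading * toward the length limit are assumptions.

```python
import re

MAX_LEN = 64  # page: "FQDN name length up to 64 characters"
# Assumption: tiny constructed TLD set for the demo; load the IANA list in practice.
KNOWN_TLDS = {"com", "org", "net"}
LABEL = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")


def check_custom_fqdn(entry, tlds=KNOWN_TLDS):
    """Return the list of rule violations for one entry (empty list = OK)."""
    problems = []
    name = entry.strip().lower()
    if "://" in name:
        problems.append("remove the scheme (http:// or similar)")
        name = name.split("://", 1)[1]
    if "/" in name or ":" in name:
        problems.append("remove the path or port; enter the domain name only")
        name = re.split(r"[/:]", name, maxsplit=1)[0]
    # Assumption: the leading '*' counts toward the 64-character limit.
    if len(name) > MAX_LEN:
        problems.append(f"longer than {MAX_LEN} characters")
    wildcard = name.startswith("*")
    body = name[1:] if wildcard else name
    if "*" in body:
        problems.append("'*' is allowed at the beginning only")
        body = body.replace("*", "")
    if wildcard and body.startswith("."):
        body = body[1:]  # the page does not show a '*.name' form; not judged here
    labels = body.split(".")
    if len(labels) < 2 or not all(LABEL.match(label) for label in labels):
        problems.append("not a well-formed host.domain name")
    elif labels[-1] not in tlds:
        problems.append(f"'.{labels[-1]}' is not in the registered TLD list")
    return problems


def lint(entries):
    """Map each rejected entry to its violations; accepted entries are omitted."""
    return {e: p for e in entries if (p := check_custom_fqdn(e))}


if __name__ == "__main__":
    # Constructed sample entries, mixing the page's examples with bad input.
    sample = ["maps.google.com", "*eng.northpole.com", "http://example.com",
              "myapp.corp.local", "eng*.northpole.com"]
    for entry, problems in lint(sample).items():
        print(f"{entry}: {'; '.join(problems)}")
```

Entries that pass these checks still need review for scope, since a rule built on a broad wildcard entry applies to every name that entry covers.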