FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 295579

This article describes how to determine the sequence of DNS servers between the Primary and Secondary servers.

When talking about a sequence of selecting the DNS servers between Primary and Secondary, it refers to the order where these servers are utilized for DNS resolution.

In a typical DNS setup, there are Primary and Secondary DNS servers configured for redundancy and load distribution.

The priority is essential because it determines the sequence in which these servers are queried when resolving domain names.

Scope FortiGate.

The priority of DNS servers between the Primary and Secondary servers can be determined by configuring the 'server-select-method' as shown below.

CLI Syntax: 

config system dns

    set primary
    set secondary
    set server-select-method
least-rtt <----- Select servers based on the last round trip time.
failover <----- Select servers based on the order they are configured.


The 'least-rtt' emphasizes choosing the server with the least Round Trip Time, optimizing for speed and efficiency.

On the other hand, 'failover' adheres to a sequential order, providing a failover mechanism in case the primary server is unreachable or experiences problems.

The choice between these methods depends on the specific requirements of the network or application, considering factors such as performance, redundancy, and fault tolerance.