Limitations
Given here are the limitations for DNS-over-HTTPS of Cisco Security for Chromebook client.
| Limitation | Description |
|---|---|
| Internal Domains | ChromeOS does not allow configuration of customers' internal domains, which affects configurations involving split domains or split brain DNS configurations. However, if DNS-over-HTTPS (DoH) cannot resolve internal domains, ChromeOS does a local resolution as a backup. To address this situation, you can use the "DNS-over-HTTPS with insecure fallback" configuration in Google Workspace. For detailed steps, see Enabling DNS-over-HTTPS with Insecure Fallback guide. Note: ChromeOS has introduced the DNS over HTTPS included and excluded domains feature starting from version 131. This feature allows administrators to exclude specific domains from being resolved by Umbrella DoH resolvers, ensuring that internal DNS infrastructure handles these queries. For more information, see Bypass Internal Domains from DNS-over-HTTPS (DoH). |
| Virtual Appliance | Virtual Appliance (VA) detection and backoff is not supported by the DNS-over-HTTPS based solution because of ChromeOS limitations. However, customers should not face any issues with DNS resolutions in Chromebooks because of this limitation. |
Prerequisites > Limitations > Google Workspace Identity Service
Updated 9 days ago