03-12-2020 02:22 PM
Hi,
I want to set up our FTD or FMC as an internal DNS server for public URLs. I want that if anyone wants to use the internet and access any public site, the DNS is resolved internally through the FirePOWER FTD or FMC.
Any suggestions please.
03-12-2020 02:41 PM - edited 03-12-2020 02:43 PM
At the clish prompt in the CLI (note: you can enter multiple servers separated by commas):
> configure network dns servers 8.8.8.8,8.8.4.4
But you also need to restart the nscd daemon in the underlying Linux; to do that you need to get into 'expert mode'.
> expert
admin@FIRE:~$ sudo /etc/rc.d/init.d/nscd restart
Password:{Enter Your Password}
Stopping nscd… [ OK ]
Starting nscd… [ OK ]
Check this link here.
03-12-2020 03:50 PM
Thanks. So it's not impacting anything when restarting the internal process for DNS?
So you mean in this case the FTD will act as an internal DNS server for internal users?
What IP do clients need to use as the DNS server? Is this the FTD inside IP address?
03-14-2020 03:36 AM - edited 03-14-2020 04:11 AM
Hi, I have tested this in my lab. Here is what you need to do. While I was making the changes I did not see any impact/downtime.
Once the settings are set up, deploy the policy.
Once the policies are deployed, you can check your configuration in the FTD lina_cli.
Once the changes are applied, go to the FTD CLI/SSH and check:
dns domain-lookup Inside_Interface
dns server-group OpenDNS_cdyz5_local_domain
name-server 192.168.100.72
name-server 208.67.220.220
dns-group OpenDNS_cdyz5_local_domain
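The lina lines above configure the resolvers the FTD itself queries (for FQDN objects, updates and so on); they do not turn the FTD into a resolver that clients can point at. The following is an added example, not code from the thread or from Cisco: a small parser for that `dns ...` section of `show running-config`, plus an audit that checks the group wiring and classifies each name-server as a private or public address, so you can see at a glance where the box's own lookups actually go. The sample input is constructed from the lines posted above; the config-line formats it assumes are the ones shown in the post.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed sample: the DNS section shown in the post above.
SAMPLE_DNS_CONFIG = """\
dns domain-lookup Inside_Interface
dns server-group OpenDNS_cdyz5_local_domain
 name-server 192.168.100.72
 name-server 208.67.220.220
dns-group OpenDNS_cdyz5_local_domain
"""


@dataclass
class DnsConfig:
    """Parsed view of the lina 'dns' configuration lines."""
    lookup_interfaces: List[str] = field(default_factory=list)
    # server-group name -> list of name-server addresses, in config order
    server_groups: Dict[str, List[str]] = field(default_factory=dict)
    active_group: Optional[str] = None


def parse_dns_config(text: str) -> DnsConfig:
    """Parse 'dns domain-lookup', 'dns server-group', 'name-server' and 'dns-group' lines.

    name-server lines are attributed to the most recent 'dns server-group'.
    Any other line ends the current group block (same as the ASA/FTD config nesting).
    """
    cfg = DnsConfig()
    current_group: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if line.startswith("dns domain-lookup "):
            cfg.lookup_interfaces.append(line.split(None, 2)[2])
            current_group = None
        elif line.startswith("dns server-group "):
            current_group = line.split(None, 2)[2]
            cfg.server_groups.setdefault(current_group, [])
        elif line.startswith("name-server ") and current_group is not None:
            cfg.server_groups[current_group].append(line.split()[1])
        elif line.startswith("dns-group "):
            cfg.active_group = line.split(None, 1)[1]
            current_group = None
        else:
            current_group = None
    return cfg


def classify_servers(cfg: DnsConfig) -> Dict[str, str]:
    """Map each configured name-server to 'private' (RFC 1918 etc.) or 'public'."""
    result: Dict[str, str] = {}
    for servers in cfg.server_groups.values():
        for addr in servers:
            result[addr] = "private" if ipaddress.ip_address(addr).is_private else "public"
    return result


def audit(cfg: DnsConfig) -> List[str]:
    """Return a list of problems that would stop the FTD's own lookups from working."""
    problems: List[str] = []
    if not cfg.lookup_interfaces:
        problems.append("no 'dns domain-lookup' interface: the FTD cannot send DNS queries")
    if cfg.active_group is None:
        problems.append("no 'dns-group' selected: no server-group is active")
    elif cfg.active_group not in cfg.server_groups:
        problems.append(f"active dns-group '{cfg.active_group}' is not a defined server-group")
    for name, servers in cfg.server_groups.items():
        if not servers:
            problems.append(f"server-group '{name}' has no name-server")
    return problems


if __name__ == "__main__":
    parsed = parse_dns_config(SAMPLE_DNS_CONFIG)
    print(parsed)
    print(classify_servers(parsed))
    print(audit(parsed) or "no problems found")
```

Run it against the output of `show running-config dns` copied from the lina CLI; an empty audit list means the resolver wiring is complete, and the classification shows which of the box's lookups leave the network.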
03-31-2020 12:13 AM
Thanks.
I will deploy and share results
07-09-2021 08:44 PM
This answer explicitly points to another DNS server (I believe) instead of running a DNS server on the Firepower itself like the OP is asking. Bumping for visibility as I'm having the same issue and I don't believe this answer adequately suits the OP's question.
07-10-2021 12:41 AM
Neither the FMC server nor the FTD sensor can act as a DNS server itself.
They can be configured to use internal or external DNS servers for resolution of names they have to know for their internal operations (as in for updates, URL lookups, use of FQDNs in ACLs etc.)
08-01-2021 01:49 PM
Thanks for this answer!
Quick question, and I promise it's the last:
In the underlying expert mode, there appears to be a copy of dnsmasq installed. Could this potentially be used as a hacky solution to an on-box DNS / DHCP solution? Obviously not ideal and security-wise, this would be a nightmare, but in theory, could it work?
08-01-2021 07:44 PM
@christianh98114 Well if you follow that approach then you could just install bind on the underlying Linux. But the configuration of the OS under FMC is not designed to be a general purpose server platform. Upgrades or even patches to FMC could likely break anything you setup or, worse, what you setup could cause unexpected behavior on your FMC.