Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2529
Views
0
Helpful
2
Replies

871 Router as a very simple DNS server, proxy

MauryJ
Level 1
Level 1

‎03-27-2007 06:16 PM - edited ‎03-05-2019 03:08 PM

I've been reading a bit about the dns proxy feature but am not sure if it would do what I'd like it to do.

In one of our small offices we have an 871 (with 12.4-11.T1 Adv IP loaded) that serves as the perimeter router and also does basic firewall duty.

Here we have a small web server that has a local 192.168 address, and also has a static public IP address mapped to it, along with a public host/domain name.

The problem is that we can access the server from the outside using its public URL, but, on the lan we have to use the local IP address instead. I was contemplating setting up a small local DNS server that would take care of this, but, thought it would be wonderful if the 871 could do this own its own... Would it be possible for us to use it as our DNS server, specify one or two hostnames for which it would return an address, then forward any other requests to our ISP's nameservers?

Thanks

M

Labels:
0 Helpful
2 Replies 2

answanso
Cisco Employee
Cisco Employee

‎03-28-2007 08:24 AM

You can do this one of two ways:

- The first is to create a DNS view:

1. Create a dns view and give it the name.

c2811(config)#ip dns view

2. Here you define your ISPs DNS servers.

c2811(cfg-dns-view)#domain name-server

I have never tried it dynamically, but the command above says it possible

through the interface keyword if you choose:

c2811(cfg-dns-view)#domain name-server ?

A.B.C.D Host IP address

interface Gather dynamically from interface address acquisition

vrf Specify VRF name

c2811(cfg-dns-view)#domain name-server interface FastEthernet0/0

3. Specify your inside interface as the source-interface.

c2811(cfg-dns-view)#dns forwarding source-interface FastEthernet0/1

c2811(cfg-dns-view)#exit

4. Enable dns server on the router. The configuration above will not work

withough this.

c2811(config)#ip dns server

c2811(config)#end

c2811#

There is a defect that may prevent this from working. Its fixed in 12.4(9)T

and is defect CSCek06597, Split DNS: dns forwarding source-interface is not

working.

- The second is called DNS spoofing and here is the documentation for it.

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guid

e09186a00801a7605.html

Its a 2 line configuration, you enable the "ip dns server" and then the "ip

dns spoofing x.x.x.x" and the device should act as a proxy for dns queries.

HTH

Anthony

0 Helpful

IVAN PEPELNJAK
Level 1
Level 1

‎03-28-2007 10:05 AM

You can use the router as a DNS server, but (at least locally) it has to be an authoritative server for a whole subdomain (of course you can have another public DNS server resolving that subdomain to anyone else). You'll find the configuration examples here:

http://ioshints.blogspot.com/search/label/DNS

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card