Force source interface.

Unanswered Question
Jul 20th, 2007
Hi NetPros:

Is there any way to force the outbound interface of the router?

I mean, when the router does ping, DNS queries, NTP, etc., it does so with the interface nearest to the destination, doesn't it?

I need the router to do queries, pings, and so on with the internal private IP as source, and later NAT to the inside public IP.

Any advice?

Thanks in advance and best regards,

mohammedmahmoud Fri, 07/20/2007 - 08:35
For ping, use "ping ip source ".

Other services, like TACACS for example, can control the source interface with "ip tacacs source-interface <>".


Mohammed Mahmoud.

olafmarcos Fri, 07/20/2007 - 08:38
Hi Mohammed:

I need this because the router is a DNS server and it does queries unattended. I need to force the source interface all the time.

Thanks and regards,


mchoo2005 Tue, 07/24/2007 - 22:15
I've never come across a way to force source-interface for DNS on Cisco routers (in fact, I've never come across a Cisco router being used as a DNS server!). I tried searching Cisco's doco, as well as trying several commands on an actual router. No joy.

However, most other protocols in Cisco routers have specific commands to force their source-interface. E.g.:

- NTP: ntp source

- SNMP Trap: snmp-server trap-source

- TFTP: ip tftp source-interface

- FTP: ip ftp source-interface

- SSH: ip ssh source-interface

- TACACS: ip tacacs source-interface

- RADIUS: ip radius source-interface

etc. etc. etc.
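
The per-protocol source commands listed in the post above can be checked against a saved running-config; the following is an added example, not part of the original thread. The `audit` function, the "in use" marker lines (classic IOS syntax) and the sample config are assumptions made for illustration.

```python
import re

# Source-binding commands listed in the post above (protocol -> command).
SOURCE_CMDS = {
    "NTP": "ntp source",
    "SNMP trap": "snmp-server trap-source",
    "TFTP": "ip tftp source-interface",
    "FTP": "ip ftp source-interface",
    "SSH": "ip ssh source-interface",
    "TACACS": "ip tacacs source-interface",
    "RADIUS": "ip radius source-interface",
}

# Assumption: classic IOS lines showing the router originates this traffic.
# TFTP, FTP and SSH client sessions are started ad hoc, so they have no marker.
IN_USE = {
    "NTP": r"ntp (server|peer) ",
    "SNMP trap": r"snmp-server host ",
    "TACACS": r"tacacs-server host ",
    "RADIUS": r"radius-server host ",
}

def audit(config):
    """Return (unpinned, dangling) protocol lists for a running-config text."""
    lines = [l.rstrip() for l in config.splitlines()]
    interfaces = {l.split(None, 1)[1] for l in lines if l.startswith("interface ")}
    pinned = {p: l[len(c):].strip() for p, c in SOURCE_CMDS.items()
              for l in lines if l.startswith(c + " ")}
    # In use but no source command: the source address follows the routing table.
    unpinned = sorted(p for p, pat in IN_USE.items()
                      if p not in pinned and any(re.match(pat, l) for l in lines))
    # Source command names an interface that the config does not define.
    dangling = sorted(p for p, i in pinned.items() if i not in interfaces)
    return unpinned, dangling

# Constructed sample config (documentation addresses), not from the thread.
SAMPLE = """\
interface Loopback0
interface FastEthernet0/0
ntp source Loopback0
ntp server 192.0.2.10
snmp-server host 192.0.2.11 EXAMPLE
ip tacacs source-interface Loopback1
tacacs-server host 192.0.2.12
radius-server host 192.0.2.13
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Interface names are compared as written, so the check expects `show running-config` output, where names appear in full.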


olafmarcos Wed, 07/25/2007 - 10:44
I saw the option to force the source interface of other protocols, but Cisco has the built-in DNS server (proxy server), so why not use it?

I remember another issue updating the DynDNS IP because of not being able to force the source interface.

This necessity is due to needing to map a range of ports to an internal server. I need an ip nat:

ip nat inside source static PrivateIP PublicIP/Interface

I only have one public IP. The router's DNS queries or any other access to the Internet are done with the IP of the nearest interface (PublicIP). And due to the ip nat statement, all replies are NATted to the internal server, so the router has no access.

I posted another conversation, and the result is that this approach is not possible with Cisco (when "every cheap" router does it).

Any advice?

Thanks and best regards,


mchoo2005 Wed, 07/25/2007 - 16:38
Sorry Olaf... I don't have much experience with NAT-ing on Cisco routers (been using Firewalls mostly). But, I was thinking... maybe unnumbered interface may help somehow?

olafmarcos Wed, 07/25/2007 - 17:18
I'll try your suggestion. Any configuration example?

I thought of a loopback interface too.
