Issue with Domain Resolution

Unanswered Question
Oct 13th, 2008
User Badges:

Hello Folks,


I have tried the next to enable the domain name resolution, but it doesn't work:


ip domain-lookup

...

ip name-server xxx.xxx.xxx.xxx

ip name-server yyy.yyy.yyy.yyy


If I send a ping like FQDN (example: www.cisco.com), there is not domain resolution. Appear the next:


Translating "www.cisco.com"... domain server (xxx.xxx.xxx.xxx) (yyy.yyy.yyy.yyy)

% Unrecognized host or address, or protocol not running.


Where the X address and Y address are the DNS of my ISP.


Could somebody help me please?.


Thanks in advance!!



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
satish_zanjurne Mon, 10/13/2008 - 04:52
User Badges:
  • Silver, 250 points or more


Hi,


1.Ensure the router can reach the DNS server. Ping the DNS server from the router using its IP address


2.Use these steps to ensure that the router forwards the lookup requests:


1.Define an access control list (ACL) that matches on DNS packets:


access-list 101 permit udp any any eq domain

access-list 101 permit udp any eq domain any


2.Use the debug ip packet 101 command.


Note: Ensure that you specify the ACL. If you enable the debug ip packet command without an ACL may produce a large amount of output to the console and cause the router to reload.


3.Ensure you have the ip domain-lookup command enabled on the router.This command is enabled by default , but still check it.


HTH...rate if helpful...


elias.manchon Mon, 10/13/2008 - 05:10
User Badges:

Hi Satish,


The first step fail. I cannot reach any ip address with Ping, Then I have disabled the access-list on my ATM interface and the same problem.


What can be happen?


Thanks

satish_zanjurne Mon, 10/13/2008 - 05:31
User Badges:
  • Silver, 250 points or more


1.Are you able to access internet from behind the router ?


2.Looks like routing issue.


3.Are you able to ping the ISP side IP Address from router ?

elias.manchon Mon, 10/13/2008 - 06:38
User Badges:

Yes, this is the configuration:


Current configuration : 2011 bytes

!

! Last configuration change at 16:08:56 UTC Mon Oct 13 2008 by admin

! NVRAM config last updated at 09:33:19 UTC Mon Oct 13 2008 by admin

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname XXX

!

boot-start-marker

boot-end-marker

!

enable secret 5 XXX

!

no aaa new-model

!

!

dot11 syslog

!

!

ip cef

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

ip name-server XXX.XXX.XXX.XXX

ip name-server YYY.YYY.YYY.YYY

!

!

!

username zzzz privilege 15 password 0 cccc

!

no crypto isakmp enable

!

archive

log config

hidekeys

!

!

!

!

!

interface ATM0

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

hold-queue 224 in

!

interface ATM0.1 point-to-point

bandwidth 2016

ip unnumbered Vlan1

ip access-group 101 in

pvc 8/32

encapsulation aal5snap

protocol ip inarp

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Vlan1

ip address KKK.KKK.KKK.KKK 255.255.255.192

hold-queue 100 out

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 ATM0.1

!

no ip http server

no ip http secure-server

!

access-list 101 permit ip host XXX.XXX.XXX.XXX host KKK.KKK.KKK.KKK

access-list 101 permit ip host YYY.YYY.YYY.YYY host KKK.KKK.KKK.KKK

access-list 101 deny ip any any

no cdp run

!

control-plane

!

!

line con 0

exec-timeout 120 0

password ccc

no modem enable

stopbits 1

line aux 0

line vty 0 4

access-class 23 in

exec-timeout 120 0

password ccc

login local

length 0

!

scheduler max-task-time 5000

end


Thanks Again!!

satish_zanjurne Mon, 10/13/2008 - 07:10
User Badges:
  • Silver, 250 points or more


Hi,


From any windows client behind the router on the command prompt see whether you are able to resolve google.com or cisco.com ??


"nslookup google.com"

"nslookup cisco.com"




elias.manchon Mon, 10/13/2008 - 07:42
User Badges:

From any windows client, the nslookup command and the ping command works fine.

From router console neither of them works.


Greetings!!

elias.manchon Mon, 10/13/2008 - 08:11
User Badges:

The problem of ping, could be the command on ATM 0.1 interface?:


interface ATM0.1 point-to-point

bandwidth 2016

ip unnumbered Vlan1

ip access-group 101 in

pvc 8/32

encapsulation aal5snap

protocol ip inarp

!

!


This is the only configuration strange on this router.

elias.manchon Mon, 10/13/2008 - 07:14
User Badges:

Yes, this is the configuration:


Current configuration : 2011 bytes

!

! Last configuration change at 16:08:56 UTC Mon Oct 13 2008 by admin

! NVRAM config last updated at 09:33:19 UTC Mon Oct 13 2008 by admin

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname XXX

!

boot-start-marker

boot-end-marker

!

enable secret 5 XXX

!

no aaa new-model

!

!

dot11 syslog

!

!

ip cef

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

ip name-server XXX.XXX.XXX.XXX

ip name-server YYY.YYY.YYY.YYY

!

!

!

username zzzz privilege 15 password 0 cccc

!

no crypto isakmp enable

!

archive

log config

hidekeys

!

!

!

!

!

interface ATM0

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

hold-queue 224 in

!

interface ATM0.1 point-to-point

bandwidth 2016

ip unnumbered Vlan1

ip access-group 101 in

pvc 8/32

encapsulation aal5snap

protocol ip inarp

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Vlan1

ip address KKK.KKK.KKK.KKK 255.255.255.192

hold-queue 100 out

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 ATM0.1

!

no ip http server

no ip http secure-server

!

access-list 101 permit ip host XXX.XXX.XXX.XXX host KKK.KKK.KKK.KKK

access-list 101 permit ip host YYY.YYY.YYY.YYY host KKK.KKK.KKK.KKK

access-list 101 deny ip any any

no cdp run

!

control-plane

!

!

line con 0

exec-timeout 120 0

password ccc

no modem enable

stopbits 1

line aux 0

line vty 0 4

access-class 23 in

exec-timeout 120 0

password ccc

login local

length 0

!

scheduler max-task-time 5000

end


Thanks Again!!

Actions

This Discussion