DNS nslookup problem

Unanswered Question
Aug 29th, 2009
User Badges:

hai all,

referring to the following link


we have configured the below configuration

ip subnet-zero

ip name-server x.y.z.w

ip forward-protocol udp domain

access-list 10 permit udp any any eq domain

access-list 10 permit udp any eq domain any

access-list 10 deny any


ip domain lookup

ip domain name x.y.z

ip ospf name-lookup

ip domain list

Mainly from my network to DNS server another set of routers is there , could i have to configure anything like

ip forward-protocol udp domain

second thing is i m not able to give

access-list 10 permit udp any any eq domain

access-list 10 permit udp any eq domain any

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Peter Paluch Sat, 08/29/2009 - 08:28
User Badges:
  • Cisco Employee,

Hello Anand,

You did not explain what you are trying to achieve and what is the problem you are experiencing.

The problem with your ACL is that the number 10 refers to a standard ACL. However, you want to specify protocol, source, destination and ports - you need the extended ACL for that which are numbered from 100 to 199 and from 2000 do 2699.

As for the obviously DNS-related configuration: the command "ip forward-protocol" is used for UDP helper that forwards UDP broadcasts of a selected protocol to a predefined address. Is that what you want? If you wanted your router to serve as DNS server for other clients then this is not how it is configured. Refer to this document for more information how to run a DNS server on a router:


Best regards,


anandkumar.cisco Tue, 09/01/2009 - 20:38
User Badges:

Dear peter,

I have added two entries in DNS server

for loopback0(Hostanme of Router) &

for Loopback1(NSAP Address-75505017550014) which is mentioned below

X25 route has given for this to come inside Network from Remote

Nsap address on the remote side is 75505017550014

Nsap address on the Inside network is 20405017550002

The Problem is i have to get ping nsap Successful from that router


x25 route 75505017550014 interface Serial0/1/1

x25 route 20405017550002 xot z.z.z.z xot-source Loopback0

interface Serial0/1/1

no ip address

encapsulation x25 dce

clock rate 64000

interface Loopback0

description "LOOPBACK-0"

ip address x.x.x.x

interface Loopback1

description "LOOPBACK-1"

ip address y.y.y.y



Peter Paluch Tue, 09/01/2009 - 22:41
User Badges:
  • Cisco Employee,

Hello Anand,

I am sorry but you have confused me here. Your original post suggested that you are either trying to set the IP of the DNS server on a router, or you want the router itself to be a DNS server. Now you have brought in the X.25 and you are explaining me that you basically need to ping the NSAP address of the remote router.

What is what you really are trying to accomplish? Are you trying to solve a name-to-address resolution problem, or a X.25/IP network connectivity?

Best regards,


anandkumar.cisco Wed, 09/02/2009 - 01:29
User Badges:

I have set the IP of the DNS server on a router,

mainly i want to do the solve a name-to-address resolution problem

Peter Paluch Wed, 09/02/2009 - 02:34
User Badges:
  • Cisco Employee,

Hello Anand,

Can you already ping the the remote end by entering the NSAP address instead of its name?

If you want to use DNS system to translate the domain names into the NSAP addresses, you must enter this command into your global configuration:

ip domain-lookup nsap

I assume that you have created the NSAP-type resource records in your DNS servers. Then you can try to ping the remote location using the NSAP address using the command

ping clns REMOTE-NAME

Best regards,


anandkumar.cisco Wed, 09/02/2009 - 03:20
User Badges:

i m trying to ping nsap address(75505017550014) only, what will be the NSAP name

Other Query is there that,

My Connectivity is like below


Where between DNS & ER Router all other Routers are there,

i have not given first mentioned DNS in BBR,

cant do ping hostname in AR, BBR ( could i have to give DNS in BBR)

but can do ping hostname to the device connected to CS

how can i resolve this


This Discussion