Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1179
Views
0
Helpful
3
Replies

Don't foward queries to External DNS server on Cisco Router

Joe Silver
Level 1
Level 1

‎08-11-2014 01:47 PM - edited ‎03-07-2019 08:21 PM

Hello,

I've configured my old Cisco 2600 router to act as a DNS server for a LAN.  My clients successfully resolve internal hosts and external hosts just fine but I have noticed that the router will forward dns queries to our external DNS server for internal hosts within our domain.  As an example if I do a nslookup on "no-host.hq.example.org" the router see that the host can't be found on the LAN and will forward the request to our external DNS server even though the domain "hq.example.org" is a local domain on our LAN.  I would like to prevent DNS queries for local hosts to never forwared outside our network.  How can I prevent this?  Essentially I'm looking for the equivalent of the non-valid command "ip host *.hq.example.org"

Current configuration : 4209 bytes
version 12.4

!
hostname CiscoRTR

!
no ip dhcp use vrf connected
ip dhcp bootp ignore
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.100.1 192.168.100.10
!
ip dhcp pool Client-DHCP
   network 192.168.100.0 255.255.255.0
   dns-server 192.168.100.1
   default-router 192.168.100.1
   domain-name hq.example.org
!
!
ip domain name hq.example.org
ip host fileserver.hq.example.org 10.1.1.1
ip host webserver.hq.example.org 10.1.1.2
ip name-server 208.67.222.222
ip name-server 208.67.220.220
!
ip dns server
!

Thanks!

Joe

Labels:
0 Helpful
3 Replies 3

SANTHOSHKUMAR SARAVANAN
Level 4
Level 4

‎08-11-2014 03:59 PM

Hi Joe ,

Do the following on your router , thereafter you should able to resolve it , because your router is configured for external name server

no ip name-server 208.67.222.222
no ip name-server 208.67.220.220

ip name-server 192.168.100.1

 

HTH

Sandy
 

0 Helpful

Joe Silver
Level 1
Level 1
In response to SANTHOSHKUMAR SARAVANAN

‎08-11-2014 07:19 PM

Thank you for the response.  What I'd like to do is allow my clients to resolve external domain names but I'd like to keep hosts within my local domain (hq.example.org) to stay local and not get forwarded to an external dns server.  If for example if I'm trying to resolve a local fileserver.hq.example.org and it's not found on the LAN then I don't want the dns request to be forwarded to external dns server for just the domain "hq.example.org". 

Joe

0 Helpful

martinpatzer
Level 1
Level 1

‎09-06-2014 01:26 AM

Hi Joe,

I got a very similar problem and believe you are looking for the following feature: Split DNS

Have a look here: http://www.cisco.com/c/en/us/td/docs/ios/12_4t/12_4t11/htspldns.html

and here for a more practical-oriented approach: http://haxcess.com/2013/04/22/cisco-split-dns-on-a-router/

 

BTW, I would appreciate it A LOT if people at least tried to understand what exactly the problem is before answering something completely unrelated, it happens so often in these threads. Attentive reading would be a good start, especially when everything is clearly statet and explained like in Joes question.

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card