Don't forward queries to External DNS server on Cisco Router
I've configured my old Cisco 2600 router to act as a DNS server for a LAN. My clients successfully resolve internal hosts and external hosts just fine, but I have noticed that the router will forward DNS queries to our external DNS server for internal hosts within our domain. As an example, if I do an nslookup on "no-host.hq.example.org", the router sees that the host can't be found on the LAN and will forward the request to our external DNS server even though the domain "hq.example.org" is a local domain on our LAN. I would like DNS queries for local hosts to never be forwarded outside our network. How can I prevent this? Essentially I'm looking for the equivalent of the non-valid command "ip host *.hq.example.org"
Current configuration : 4209 bytes
version 12.4
!
hostname CiscoRTR
!
no ip dhcp use vrf connected
ip dhcp bootp ignore
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.100.1 192.168.100.10
!
ip dhcp pool Client-DHCP
   network 192.168.100.0 255.255.255.0
   dns-server 192.168.100.1
   default-router 192.168.100.1
   domain-name hq.example.org
!
!
ip domain name hq.example.org
ip host fileserver.hq.example.org 10.1.1.1
ip host webserver.hq.example.org 10.1.1.2
ip name-server 18.104.22.168
ip name-server 22.214.171.124
!
ip dns server
!
Thank you for the response. What I'd like to do is allow my clients to resolve external domain names, but I'd like hosts within my local domain (hq.example.org) to stay local and not get forwarded to an external DNS server. If, for example, I'm trying to resolve a local fileserver.hq.example.org and it's not found on the LAN, then I don't want the DNS request to be forwarded to an external DNS server for just the domain "hq.example.org".
I got a very similar problem and believe you are looking for the following feature: Split DNS
Have a look here: http://www.cisco.com/c/en/us/td/docs/ios/12_4t/12_4t11/htspldns.html
and here for a more practical-oriented approach: http://haxcess.com/2013/04/22/cisco-split-dns-on-a-router/
BTW, I would appreciate it A LOT if people at least tried to understand what exactly the problem is before answering something completely unrelated; it happens so often in these threads. Attentive reading would be a good start, especially when everything is clearly stated and explained like in Joe's question.
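A sketch of how Split DNS could be layered onto the configuration in the question, added here as an example; it is untested and is not taken from the thread or the linked pages. The view name "internal", the view-list name "split" and name-list number 1 are made up for illustration, and it assumes an IOS image that includes the Split DNS feature (the linked Cisco document sits in the 12.4T documentation set).

```text
! --- Added example (assumed names: internal, split, name-list 1) ---
!
! Match every hostname under the local domain.
! Name-list patterns are regular expressions, so the dots are escaped.
ip dns name-list 1 permit .*\.hq\.example\.org
!
! View used for local names: answer from the router's own host table
! (the existing "ip host" entries) and never forward a miss upstream.
ip dns view internal
 no dns forwarding
!
! Ordered list of views. Queries whose name matches name-list 1 are
! handled by "internal"; everything else falls through to the default
! view, which is assumed to keep using the existing "ip name-server"
! entries for external resolution.
ip dns view-list split
 view internal 10
  restrict name-group 1
 view default 99
!
! Apply the view list to queries arriving at the router's DNS server.
ip dns server view-group split
```

To confirm the behaviour, repeat the nslookup for no-host.hq.example.org from a client while watching the external name servers' side (or a capture on the WAN interface); no query for that name should leave the LAN.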