Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

no dns request forwarding with vlan

Hi all,

i've setup a basic routing infrastructure with vlans, the cisco (GE0/0 208.105.69.43, GE 0/1 vlan local) is attached to the cable modem (208.105.69.41).

if i ping google from the cisco it goes fine:

blackDevil# ping google.it

Translating "google.it"...domain server (24.29.99.35) [OK]

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 209.85.229.104, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 92/92/96 ms

blackDevil#

but from a local computer i can:

ping 10.0.102.10

PING 10.0.102.10 (10.0.102.10): 56 data bytes

64 bytes from 10.0.102.10: icmp_seq=0 ttl=255 time=1.382 ms

64 bytes from 10.0.102.10: icmp_seq=1 ttl=255 time=1.549 ms

64 bytes from 10.0.102.10: icmp_seq=2 ttl=255 time=1.345 ms

^C

--- 10.0.102.10 ping statistics ---

3 packets transmitted, 3 packets received, 0.0% packet loss

round-trip min/avg/max/stddev = 1.345/1.425/1.549/0.089 ms

but if i try to ping google.it i get "unknown host google.it"

the following is the "debug ip detail accesslist 195"

*Apr  2 18:14:13.348: IP: s=10.0.102.56 (GigabitEthernet0/1.2), d=10.0.102.10, len 55, input feature

*Apr  2 18:14:13.348:     UDP src=60800, dst=53, MCI Check(66), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE

*Apr  2 18:14:13.348: FIBipv4-packet-proc: route packet from GigabitEthernet0/1.2 src 10.0.102.56 dst 10.0.102.10

*Apr  2 18:14:13.348: FIBfwd-proc: Default:10.0.102.10/32 recieve entry

*Apr  2 18:14:13.348: FIBipv4-packet-proc: packet routing failed

*Apr  2 18:14:13.348: IP: tableid=0, s=10.0.102.56 (GigabitEthernet0/1.2), d=10.0.102.10 (GigabitEthernet0/1.2), routed via RIB

*Apr  2 18:14:13.348: IP: s=10.0.102.56 (GigabitEthernet0/1.2), d=10.0.102.10 (GigabitEthernet0/1.2), len 55, rcvd 3

*Apr  2 18:14:13.348:     UDP src=60800, dst=53

*Apr  2 18:14:13.348: IP: s=10.0.102.56 (GigabitEthernet0/1.2), d=10.0.102.10, len 55, stop process pak for forus packet

*Apr  2 18:14:13.348:     UDP src=60800, dst=53

*Apr  2 18:14:13.348: IP: s=10.0.102.56 (GigabitEthernet0/1.2), d=10.0.102.10, len 55, input feature

*Apr  2 18:14:13.348:     UDP src=46368, dst=53, MCI Check(66), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE

*Apr  2 18:14:13.348: FIBipv4-packet-proc: route packet from GigabitEthernet0/1.2 src 10.0.102.56 dst 10.0.102.10

*Apr  2 18:14:13.348: FIBfwd-proc: Default:10.0.102.10/32 recieve entry

*Apr  2 18:14:13.348: FIBipv4-packet-proc: packet routing failed

as you can see it receives the dns request and the routing fails, do you think is something about vlan routing ? seams strange to me... i didn't yet tried without...here is my configuration:

blackDevil#show run

Building configuration...

Current configuration : 5176 bytes

!

! Last configuration change at 16:36:02 UTC Fri Apr 2 2010 by admin

!

version 15.0

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname blackDevil

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

!

no aaa new-model

!

!

!

!

no ipv6 cef

ip source-route

ip cef

!

!

!

!

ip domain list mydomain.org

ip domain name mydomain.org

ip host cisco 10.0.102.10

ip name-server 24.29.99.35

ip name-server 24.29.99.36

ip name-server 10.0.102.7

!

multilink bundle-name authenticated

!

username admin privilege 15 secret 5 $1$..B6$69fkXasdefgEyWTeeogA.

!

redundancy

!

interface GigabitEthernet0/0

description $ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$$FW_OUTSIDE$$ETH-WAN$

ip address 208.105.69.43 255.255.255.248 secondary

ip address 208.105.69.46 255.255.255.248

ip broadcast-address 208.105.69.47

duplex auto

speed auto

!

!

interface GigabitEthernet0/1

description $FW_INSIDE$

ip address 10.0.101.1 255.255.255.0

duplex auto

speed auto

!

!

interface GigabitEthernet0/1.1

description DMZ

encapsulation dot1Q 4

ip address 10.0.104.1 255.255.255.0

!

interface GigabitEthernet0/1.2

description MZ (trace ny private zone)

encapsulation dot1Q 2

ip address 10.0.102.10 255.255.255.0

!

ip forward-protocol nd

!

ip http server

ip http access-class 1

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

!

ip default-network 208.105.69.41

ip route 0.0.0.0 0.0.0.0 208.105.69.41 permanent

!

access-list 1 permit 10.0.102.0 0.0.0.255

access-list 23 permit 10.10.10.0 0.0.0.7

access-list 195 permit ip 0.0.0.56 255.255.255.0 any

!

control-plane

!

!

!

line con 0

login local

line aux 0

line vty 0 4

privilege level 15

login local

transport input telnet ssh

line vty 5 15

privilege level 15

login local

transport input telnet ssh

!

scheduler allocate 20000 1000

end

what do you think ?

thanks a lot!

kky

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: no dns request forwarding with vlan

kky

Where is NAT occuring to change the 10.x.x.x addresses to public internet addresses ? Is it on the cable modem

Also what DNS server is configured on the client. If windows client can you post "ipconfig /all" from the pc.

Can you ping IP internet IP addresses from the client ?

Jon

2 REPLIES
Hall of Fame Super Blue

Re: no dns request forwarding with vlan

kky

Where is NAT occuring to change the 10.x.x.x addresses to public internet addresses ? Is it on the cable modem

Also what DNS server is configured on the client. If windows client can you post "ipconfig /all" from the pc.

Can you ping IP internet IP addresses from the client ?

Jon

New Member

Re: no dns request forwarding with vlan

good questions ! just what i needed on a friday afternoon..

so i've configured the nat and changed the dns from the router to the cable modem and it works !

thanks !!

989
Views
0
Helpful
2
Replies