Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

DNS Server on IOS


I'm trying to configure a router as DNS server without "luck".

I've tried various things:

ip domain name net.sub.tld

ip name-server

ip host

ip dns server

ip dns primary net.sub.tld soa 21600 900 7776000 86400

I can do lookups on the router, but through the router I can't.

After I've done a lookup on the router and it gets the reply, it enters it in the hosts table (show hosts). NOW clients are able to resolve only this entry.

Local entries in the zone net.sub.tld works perfectly!

Any suggestions?

I've also tried to configure forwarder and source interfaces in the ip dns view default, but it's all the same.

The platform is a 1921 running IOS Version 15.1(4)M7



VIP Purple

Re: DNS Server on IOS

Hi Jacob,

I dont know about it will work on router or not

But here are the steps:

1. enable

2. configure terminal

3. ip dns server

4. ip name-server server-address1 [server-address2...server-address6]

5. ip dns server queue limit {forwarder queue-size-limit | director queue-size-limit}

6. ip host [vrf vrf-name] [view view-name] hostname {address1 [address2 ... address8] | additional address9 [address10 ... addressn]}

7. ip dns primary domain-name soa server-name mailbox-name [refresh-interval [retry-interval [expire-ttl [minimum-ttl]]]]

8. ip host domain-name ns server-name

to check more please check this document.

Hope it helps.


Dont forget to rate helpful posts.

New Member

Could it be an access list?

Could it be an access list? Are you allowing UDP packets to pass through on port 53?

This should be enough if there is no ACL issue:



ip domain name server.serve

ip name-server
ip name-server

ip dns view default
   dns forwarder
   dns forwarder
ip dns server queue limit forwarder 1500
ip dns server



Then maybe put this access list on your WAN interface in:

ip access-list extended DENY-DNS-FROM-WAN
 permit udp host any eq domain
 permit udp host any eq domain
 deny   udp any any eq domain
 permit ip any any


CreatePlease to create content