Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Can you modify a destination IP based on egress interface?

I have a router with one inside interface and two outside interfaces. Outside interface #1 goes to ISP #1, and Outside interface #2 goes to ISP #2. The “users” on the inside network have ISP #1 DNS servers hard coded and changing them right now is not an option. I need it so that when the primary path fails over from ISP #1 to ISP #2, everything just works.

I looked at using “ip nat inside destination”, to translate requests going to ISP #1 dns into ISP #2 DNS, but it doesn't let me tie it to a route-map, so I can't say “Only translate if packets are going out ISP #2”. Does anyone know how to translate a destination and tie it to a route-map or something similar so it only happens if packets are going out ISP #2?

Brian

5 REPLIES
Hall of Fame Super Gold

Re: Can you modify a destination IP based on egress interface?

Why don't you configure these DNS addresses in the router as looback if's. Then you configure "ip dns server". That should you get you going more easily.

New Member

Re: Can you modify a destination IP based on egress interface?

Thanks for your reply.

Is there a way the IOS can act like a normal resolving name server, where it will query the root servers directly? I did not see this.

I follow what your saying about hijacking the ISP DNS IP's and setting them as loopbacks. Then I could configure the router to resolve using like 4.2.2.2 or some other "open" dns server which doesn't restrict who can use it. In effect the router is just forwarding all queries to a real dns server upstream which will query the root servers.

I would really be interested if the router can query root servers directly.........do you know if this is possible?

Hall of Fame Super Gold

Re: Can you modify a destination IP based on egress interface?

Yes, that what I'm suggesting. See:

http://www.cisco.com/en/US/docs/ios/ipaddr/configuration/guide/iad_config_dns_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1063353

However, unless ISP1 DNS are filtered, they should able to serve request even when coming via ISP2 links and addresses.

As an appreciation to those providing answers, please rate useful posts if it does!

New Member

Re: Can you modify a destination IP based on egress interface?

I am sure ISP1 and ISP2 both filter, as most ISP's do these days due to DoS possibilities with open DNS. So I will need to look to using an open DNS.

I wish there was a way to do destination NAT based on egress interface. For example being able to tie a Destination NAT to a route-map and just match the exit interface..........doesn't seem to be the case.

Hall of Fame Super Gold

Re: Can you modify a destination IP based on egress interface?

Hi, you should look at nat outside destination, that should work too. But I think DNS on the router it's easier.

Thanks for the appreciation and good luck!

117
Views
5
Helpful
5
Replies