I am trying to do a specific task and am not able to figure out what I need to do. Essentially, I would like the Cisco IOS router (3945) to change all DNS traffic going outbound to use port 54 instead of the standard port 53.
Setup is very simple: one inside interface and one outside interface. Internal addressing on the inside with PAT for internet access. Whenever an internal client makes a DNS request, I would like the following. When the router forwards that to the DNS server on the internet, it should send it to port 54 instead of 53.
"When the router forwards that to the DNS server on the internet, it should send it to port 54 instead of 53."
Do you control the DNS server on the internet that you're wanting to forward to? If not, you'll break DNS for your users...
Outside of that, this is more than likely going to need to happen with natting and your internal DNS server (I'm assuming that you have a separate server). You'll need to port translate from that server to 54:
Server IP: 192.168.1.50
ip nat inside source static udp 192.168.1.50 53 x.x.x.x 54
Thanks for the comment. I was under the impression that while using NAT, it should be more like ip nat OUTSIDE source static, since traffic is flowing from the inside interface to the outside interface.
It's based on where you're going to see the traffic from. If you want to translate inside -> outside, you'll use "ip nat inside". Outside would be when you're wanting to translate an outside source to something else internal.
It also depends on what interfaces you have labeled as "ip nat outside" and "ip nat inside".
ip nat outside source list:
translates the source of the IP packets that are traveling outside to inside
translates the destination of the IP packets that are traveling inside to outside
ip nat inside source list:
translates the source of IP packets that are traveling inside to outside
translates the destination of the IP packets that are traveling outside to inside
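Added example, not part of the thread and not Cisco code: a simplified Python model of the four translation cases listed above, showing which header field each static rule type rewrites in each direction. The addresses 203.0.113.10 (standing in for x.x.x.x), 198.51.100.53, 198.51.100.7 and 192.168.1.20 are constructed, and the model ignores dynamic entries, ACLs and routing order.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: tuple       # (ip, port)
    dst: tuple       # (ip, port)
    direction: str   # "in2out" or "out2in"

@dataclass(frozen=True)
class StaticRule:
    kind: str        # "inside_source" or "outside_source"
    local: tuple     # how the host appears on the inside network
    global_: tuple   # how the host appears on the outside network

def translate(pkt, rule):
    """Apply one static rule using the four cases quoted in the thread."""
    if rule.kind == "inside_source":
        if pkt.direction == "in2out" and pkt.src == rule.local:
            return replace(pkt, src=rule.global_)   # source, inside -> outside
        if pkt.direction == "out2in" and pkt.dst == rule.global_:
            return replace(pkt, dst=rule.local)     # destination, outside -> inside
    elif rule.kind == "outside_source":
        if pkt.direction == "out2in" and pkt.src == rule.global_:
            return replace(pkt, src=rule.local)     # source, outside -> inside
        if pkt.direction == "in2out" and pkt.dst == rule.local:
            return replace(pkt, dst=rule.global_)   # destination, inside -> outside
    return pkt  # no matching entry: header left unchanged

# Constructed sample values (assumptions, see lead-in).
SERVER = ("192.168.1.50", 53)        # internal DNS server from the thread
PUBLIC = ("203.0.113.10", 54)        # stand-in for x.x.x.x port 54
RESOLVER_53 = ("198.51.100.53", 53)  # internet DNS server as clients address it
RESOLVER_54 = ("198.51.100.53", 54)  # same server on the non-standard port

# Models "ip nat inside source static udp 192.168.1.50 53 x.x.x.x 54".
INSIDE_RULE = StaticRule("inside_source", SERVER, PUBLIC)
# Model only: makes no claim about which port forms an IOS release accepts.
OUTSIDE_RULE = StaticRule("outside_source", RESOLVER_53, RESOLVER_54)

if __name__ == "__main__":
    query = Packet(("192.168.1.20", 50000), RESOLVER_53, "in2out")
    reply = Packet(SERVER, ("198.51.100.7", 40000), "in2out")
    for name, rule in (("inside source", INSIDE_RULE), ("outside source", OUTSIDE_RULE)):
        print(name, "| client query ->", translate(query, rule))
        print(name, "| server reply ->", translate(reply, rule))
```

In this model the inside-source entry rewrites only packets sourced from 192.168.1.50 port 53 (or destined to the public address on port 54), while a client query addressed to port 53 on the internet server changes only under a rule that matches its destination.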