Smitesh,

Thanks for the reply. Herewith all the DNS related settings in my config (in the order that they appear in the config):

ip domain name secmansol.local

ip name-server 192.168.1.200

ip name-server 192.168.1.201

ip dns view default

dns forwarder 41.160.0.36

dns forwarder 41.160.0.37

ip dns server

I have entered the ip domain-lookup command (numerous times), but it does not appear in the config as I assume it is on by default.

Yet still with the above whenever a name is resolved only the 192.168.1.200 server is used, even if the resolution fails. The other 3 servers are never used.

Any ideas ?

Thanks !

Oliver,

Since you have given the command ip domain name secmansol.local; it will try to append that to make it FQDN.

Can you try the following,

remove  the following configs:

ip dns view default

dns forwarder 41.160.0.36

dns forwarder 41.160.0.37

ip dns server

and add the following config:

ip name-server 8.8.8.8

Regards,

Smitesh

Smitesh,

I tried your suggestion, herewith my new config entries :

     ip domain name secmansol.local

     ip name-server 8.8.8.8

     ip name-server 41.160.0.36

and then I tried to ping a local/vpn :

     #ping vpnsiteserver

     Translating "vpnsiteserver"...domain server (8.8.8.8)

     % Unrecognized host or address, or protocol not running.

and then tried to ping a internet site :

     #ping www.microsoft.com

     Translating "www.microsoft.com"...domain server (8.8.8.8) [OK]

     Type escape sequence to abort.

     Sending 5, 100-byte ICMP Echos to 64.4.11.17, timeout is 2 seconds:

I am out of ideas here ...

Take a look at this:

ip host www.example.com 192.168.01

ip host mail.example.com 192.168.0.2

ip dns view default

domain name example.com

domain name-server  8.8.8.8

domain name-server  8.8.4.4

dns forwarder 8.8.8.8

dns forwarder 8.8.4.4

ip dns view-list DNS_VIEW_LIST

view default 10

ip dns server

ip dns primary example.com soa ns.example.com webmaster.example.com 21600 900 7776000 86400

The router will try to resolve anything for domain example.com [in this www and mail.example.com] and if it can not resolve it it will forward to 8.8.8.8 and 8.8.4.4

It should work !

Jose,

Herewith the relevant new DNS settings from my config :

ip host bugrogers.secmansol.local 192.168.1.200

ip host bidibidi.secmansol.local 192.168.1.201

ip dns view default

domain name secmansol.local

domain name-server  192.168.1.200

domain name-server  192.168.1.201

domain name-server  41.160.0.36

domain name-server  41.160.0.37

dns forwarder 192.168.1.201

dns forwarder 192.168.1.200

dns forwarder 41.160.0.37

dns forwarder 41.160.0.36

ip dns view-list DNS_VIEW_LIST

view default 10

ip dns server

ip dns primary secmansol.local soa 192.168.1.81 webmaster.secmansol.local 21600 900 777600 86400

But alas, my ping results are still the same !

Router#ping www.google.co.za

Translating "www.google.co.za"...domain server (192.168.1.200)

% Unrecognized host or address, or protocol not running.

Router#

I have now also update my IOS just in case, but the same results ...

Do you have forwarders configuered on 192.168.1.200/1? On your initial request you said "Now I'd like to setup the router to resolve both internal and external DNS requests." but now you're asking another internal host [192.168.1.200/1] to resolve names. The 41.160.x.x servers won't do you much good in this case; they would only work if .200 and .201 did not answer.

Try taking the .200 and .201 domain name-server and dns forwarder lines off the default dns view and try again (after clearing dns cache of course)... if this is what you want.

My terminology sucked in my initial post, sorry guys. I do not particularly want my router to resolve the DNS requests, I just want it to pass/handle the request on to the relevant DNS servers for resolving.

Thus internal request for resolution of names like server1 (.secmansol.local) and server2 (.secmansol.local) I want to have handled by 192.168.1.200 and .201.

While requests for internet DNS's like www.google.com to be handled by our ISP's DNS servers 40.160.0.36 and .37.

Is this possible ?

Jose: I assume from your description that having multple DNS's servers only really comes into play when a DNS server does not reply on a request, then only is it passed on to the next server. So if a server receives a resolution request for a name and it replies that it can not resolve it, then the request is not passed on to the next server specified ?

Of couse it's possible. Have you configured forwarders on 192.168.1.200 and .201 to 40.160.0.36 and .37? (I would guess not)

Another option... have you considered not running DNS on the router?

- no ip dns server

- on 192.168.1.200 and .201 configure forwarders to 40.160.0.36 and .37

- on client's DNS configuration place 192.168.1.200 and .201

Give it a shot !