Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Issue with Domain Resolution

Hello Folks,

I have tried the next to enable the domain name resolution, but it doesn't work:

ip domain-lookup

...

ip name-server xxx.xxx.xxx.xxx

ip name-server yyy.yyy.yyy.yyy

If I send a ping like FQDN (example: www.cisco.com), there is not domain resolution. Appear the next:

Translating "www.cisco.com"... domain server (xxx.xxx.xxx.xxx) (yyy.yyy.yyy.yyy)

% Unrecognized host or address, or protocol not running.

Where the X address and Y address are the DNS of my ISP.

Could somebody help me please?.

Thanks in advance!!

11 REPLIES

Re: Issue with Domain Resolution

Hi,

1.Ensure the router can reach the DNS server. Ping the DNS server from the router using its IP address

2.Use these steps to ensure that the router forwards the lookup requests:

1.Define an access control list (ACL) that matches on DNS packets:

access-list 101 permit udp any any eq domain

access-list 101 permit udp any eq domain any

2.Use the debug ip packet 101 command.

Note: Ensure that you specify the ACL. If you enable the debug ip packet command without an ACL may produce a large amount of output to the console and cause the router to reload.

3.Ensure you have the ip domain-lookup command enabled on the router.This command is enabled by default , but still check it.

HTH...rate if helpful...

New Member

Re: Issue with Domain Resolution

Hi Satish,

The first step fail. I cannot reach any ip address with Ping, Then I have disabled the access-list on my ATM interface and the same problem.

What can be happen?

Thanks

Re: Issue with Domain Resolution

1.Are you able to access internet from behind the router ?

2.Looks like routing issue.

3.Are you able to ping the ISP side IP Address from router ?

New Member

Re: Issue with Domain Resolution

1) Yes, I able.

3) Yes, I able.

Re: Issue with Domain Resolution

can you paste the config of router ??

New Member

Re: Issue with Domain Resolution

Yes, this is the configuration:

Current configuration : 2011 bytes

!

! Last configuration change at 16:08:56 UTC Mon Oct 13 2008 by admin

! NVRAM config last updated at 09:33:19 UTC Mon Oct 13 2008 by admin

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname XXX

!

boot-start-marker

boot-end-marker

!

enable secret 5 XXX

!

no aaa new-model

!

!

dot11 syslog

!

!

ip cef

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

ip name-server XXX.XXX.XXX.XXX

ip name-server YYY.YYY.YYY.YYY

!

!

!

username zzzz privilege 15 password 0 cccc

!

no crypto isakmp enable

!

archive

log config

hidekeys

!

!

!

!

!

interface ATM0

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

hold-queue 224 in

!

interface ATM0.1 point-to-point

bandwidth 2016

ip unnumbered Vlan1

ip access-group 101 in

pvc 8/32

encapsulation aal5snap

protocol ip inarp

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Vlan1

ip address KKK.KKK.KKK.KKK 255.255.255.192

hold-queue 100 out

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 ATM0.1

!

no ip http server

no ip http secure-server

!

access-list 101 permit ip host XXX.XXX.XXX.XXX host KKK.KKK.KKK.KKK

access-list 101 permit ip host YYY.YYY.YYY.YYY host KKK.KKK.KKK.KKK

access-list 101 deny ip any any

no cdp run

!

control-plane

!

!

line con 0

exec-timeout 120 0

password ccc

no modem enable

stopbits 1

line aux 0

line vty 0 4

access-class 23 in

exec-timeout 120 0

password ccc

login local

length 0

!

scheduler max-task-time 5000

end

Thanks Again!!

Re: Issue with Domain Resolution

Hi,

From any windows client behind the router on the command prompt see whether you are able to resolve google.com or cisco.com ??

"nslookup google.com"

"nslookup cisco.com"

New Member

Re: Issue with Domain Resolution

Yes, it worked fine.

New Member

Re: Issue with Domain Resolution

From any windows client, the nslookup command and the ping command works fine.

From router console neither of them works.

Greetings!!

New Member

Re: Issue with Domain Resolution

The problem of ping, could be the command on ATM 0.1 interface?:

interface ATM0.1 point-to-point

bandwidth 2016

ip unnumbered Vlan1

ip access-group 101 in

pvc 8/32

encapsulation aal5snap

protocol ip inarp

!

!

This is the only configuration strange on this router.

New Member

Re: Issue with Domain Resolution

Yes, this is the configuration:

Current configuration : 2011 bytes

!

! Last configuration change at 16:08:56 UTC Mon Oct 13 2008 by admin

! NVRAM config last updated at 09:33:19 UTC Mon Oct 13 2008 by admin

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname XXX

!

boot-start-marker

boot-end-marker

!

enable secret 5 XXX

!

no aaa new-model

!

!

dot11 syslog

!

!

ip cef

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

ip name-server XXX.XXX.XXX.XXX

ip name-server YYY.YYY.YYY.YYY

!

!

!

username zzzz privilege 15 password 0 cccc

!

no crypto isakmp enable

!

archive

log config

hidekeys

!

!

!

!

!

interface ATM0

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

hold-queue 224 in

!

interface ATM0.1 point-to-point

bandwidth 2016

ip unnumbered Vlan1

ip access-group 101 in

pvc 8/32

encapsulation aal5snap

protocol ip inarp

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Vlan1

ip address KKK.KKK.KKK.KKK 255.255.255.192

hold-queue 100 out

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 ATM0.1

!

no ip http server

no ip http secure-server

!

access-list 101 permit ip host XXX.XXX.XXX.XXX host KKK.KKK.KKK.KKK

access-list 101 permit ip host YYY.YYY.YYY.YYY host KKK.KKK.KKK.KKK

access-list 101 deny ip any any

no cdp run

!

control-plane

!

!

line con 0

exec-timeout 120 0

password ccc

no modem enable

stopbits 1

line aux 0

line vty 0 4

access-class 23 in

exec-timeout 120 0

password ccc

login local

length 0

!

scheduler max-task-time 5000

end

Thanks Again!!

125
Views
0
Helpful
11
Replies