hi,

my DNS Server is my Internet Router. Its in VLAN1. Connected by trunk port with the cisco sg350

I cant ping my local servers by name, only by ip.

We need some more information, what is the DNS Server IP address? Are you able to reach  DNS Server from Switch and Devices connected on the Switch?

Your VLAN Located in SG350 able to reach that DNS Server IP ? by ping from your device and from Switch?

Internet Router - This should also aware of the VLAN  IP address  Located in SG350, so you need to static Route back to SG Switch

I cant ping my local servers by name, only by ip.  - can you explain more - do you have DNS records for that IP to resolve by your DNS Server ?

We need some more information, what is the DNS Server IP address? - 172.16.1.1

Are you able to reach DNS Server from Switch and Devices connected on the Switch

- YES! From all VLANS

Your VLAN Located in SG350 able to reach that DNS Server IP ?

- YES, I reach my DNS Server = (my Internet Router) from all VLANS

by ping from your device and from Switch?

- YES, all devices get dns with dhcp (attachment)

Internet Router - This should also aware of the VLAN IP address Located in SG350, so you need to static Route back to SG Switch

- I already did that (see attachment)

I cant ping my local servers by name, only by ip. - can you explain more - do you have DNS records for that IP to resolve by your DNS Server ?

- My DNS Server ist not a Windows Server, its just my internet router (Fritzbox, german product)

There are multiple things that we do not know and this impacts our ability to give good suggestions. I am not clear about this statement " I want to allow DNS traffic between them." We have been told that the DNS server is in vlan 1, connected to the router. So each vlan should be able to connect to the server, assuming that routing has been correctly enabled. So what is between them? Is it that you want no communication between the vlans on the switch other than DNS? Can you clarify what you want to happen?

We do not know whether routing is enabled on the SG350, making it function as L3 switch or routing not enabled, making it function as L2 switch. You tell us that the connection from switch to router is a trunk, which suggests that routing is being done on the router and not the switch. Can you clarify this? 

What I want is as follows:

In want dns name resolution between my vlans. If I ping one of my servers in vlan 60 from the pc-vlan 40, so I do not get a response. But if I ping the ip of the server, I get a response (attachment)

In windows I have to connect the network drives by ip: \\172.16.60.x\xxxxx instead of \\servername\xxxxx

I hope I could explain it the right way what I want

My DNS Server ist my internet router, not a windows server. Its called Fritzbox (german product).

L3 routing is enabled on sg350 (see attachment).

:-)

Not expert of  Fritzbox (german product).

As per your requirement in genereal, DNS Server required A Records to Resolve IP to name resolution.

example :

172.16.60.10

servernametest

A record need to add into DNS records for resolution

So when the client uses your Local DNS Server

if you do nslookup servernametest ( then it should resolve to 172.16.60.10)

not sure is this relevant :

https://blog.lobraun.de/2015/05/03/static-ips-and-dns-names-for-devices-in-your-home-network/

thanks for this article about fritzbox. But that doesnt help, too

:-(

I think that dns name resolution ist "blocked" between my vlans. I think you have to create acl´s on sg350?

TCP/UDP 53

Sorry to hear that unfortunalty it did not work.

I do not see any limitaiton here in terms of Cisco SG concern all working as expected, you need to Look and tweak or raise Fritzbox forum about the issue you having DNS resolution. I am not expert of Fritzbox nor i used any time before.

Other suggest i can make is, Get new DNS Server intriduced with small Linux box which can take care of DHCP and DNS for you, so that will be in same VLAN 1 (is that works for you ?)

it works now! I re-activated my windows 2012 server and configured dns there!

i entered all my devices as hosts and ptr and now i can ping devices through all vlans by name!!

and its correct that fritzbox cant handle multiple vlans

thanks for help!!

Thanks for the update. Glad to know that you got it working by activating a Windows server to provide DNS for your servers etc. The limitation of what Fritz!box can do is interesting. Good to know that you found a way around that limitation. 

yes I am glad, too

maybe you can help me with another topic?

https://community.cisco.com/t5/network-management/cisco-sg350-findit/td-p/4139427

Andy

I looked at your other post and have responded to it.