ASA DNS Server functionality needed

Hi,

I like the ASA 5505 for SMB and Home Offices very much, but I'm sadly missing a DNS Server or at least the ability of the DHCP Server to use static addresses for certain MACs. In SOHOs the ASA is the only thing always powered on, and often even a server where a DNS Server could be installed is missing.

So is there a chance to see such a feature (DNS Server and/or static DHCP) in the next SW Release?

Or does someone have a great idea how name resolution in a small LAN can be done without a local DNS Server?

Any suggestions are welcome...

Ognian

3 Replies

paruuth
Level 1

Tervicko!

This gets my vote too...

I would love to get both a DNS server and static DHCP entries in the ASA.

I've got a complex infrastructure in my home office and the ASA 5505 is a perfect device otherwise.

So I vote for this too.

rgds. Pasi R, Cisco-friendly IT-guy since 1997.

Shrikant Sundaresh
Cisco Employee

Hi Ognian,

The ASA can forward a dns server ip address along with the DHCP ip it provides. So you can provide a public DNS server like 4.2.2.2 or 8.8.8.8, or one from your ISP to the inside users.

For machines which have static ip addresses:

1. Remove those static ip addresses from the DHCP pool. (one contiguous set of static ip addresses, and remaining as DHCP)

2. Configure static DNS servers as well.

I think this would achieve what you are looking for. (Unless most machines have static ip addresses).

The command for configuring dns server ip to be sent along with dhcp is:

dhcpd dns (Maximum 2 dns server ip addresses can be specified)

Hope this helps.

-Shrikant

P.S.: Please mark the question answered, if it has been resolved. Do rate helpful posts. Thanks.

Hi Shrikant,

You did not get the problem! I do not have a problem setting the DNS server on a client computer in my LAN via DHCP.

I have a problem resolving inside LAN client computer NAMES, since I have NO internal DNS Server. A public DNS Server can NOT be used for internal LAN resolution (addresses like 192.168.x.x).

In these days where energy consumption IS a concern, we can not think as if all devices are always on. This leads to additional problems. Let me explain: If you have an ASA and a DNS Server on a separate unit, then it DOES matter in which order you switch the units on. If the ASA gives a notebook an IP address and the unit on which the DNS Server resides is not switched on or is switched on later, name resolution does NOT work.

Therefore adding a "small" DNS Server to the ASA is very very important!

Although not preferable, a possible workaround for this problem could come via some dynamic name resolution protocol like WINS or Bonjour, which rely on a different mechanism for finding names. Unfortunately I have too little experience with these and am therefore asking if someone has done this already.

One other (primitive and outdated) solution to the above problem would be to switch to static IP addresses and forget that there are names for computers and devices. But if choosing this solution we must remember that in today's small networks we have devices like notebooks and iPhones which always have to use DHCP. It is NOT possible to tell the user: if you are in Network1 use 192.168.4.5 and if you come to Network2 use DHCP, and please change it manually when you move from Network1 to Network2. So for this solution to work all clients must always use DHCP, and that's why there is static DHCP, which allows a device to always get the same IP. Unfortunately the ASA does NOT support this kind of DHCP.

In conclusion from the above:

If Cisco wants the ASA to still be useful for SOHOs, then in the next software release you have to provide either a small DNS Server or static DHCP.

Ognian
