05-03-2024 10:23 AM
Hello, I am very new to networking and I am currently trying to set up a lab in my computer science class. I am trying to set a forward lookup zone to our parent network's DNS server. When doing so the request says "A timeout occurred during validation" My DNS server cannot ping their DNS, but my router 2 can ping their DNS. I've also attached a picture of the topography. My DNS Server and DHCP are running off of the VLAN 200 with Proxmox. Let me know if seeing any configurations would be helpful!
05-04-2024 04:52 AM
It will be helpful if you can post Router2 (1941 configuration here)
I am trying to set a forward lookup zone to our parent network's DNS server. When doing so the request says "A timeout occurred during validation" My DNS server cannot ping their DNS
can you give example of FQDN you trying to setup ?
Do you have FQDN or is the for Local DNS Lookup ?
guide lines for Router DNS setup :
https://www.cisco.com/c/en/us/support/docs/ip/domain-name-system-dns/24182-reversedns.html
05-06-2024 06:09 AM - edited 05-06-2024 06:14 AM
They never gave me an FQDN just an IP (10.8.0.30) for their DNS
Here is Router2 config:
=~=~=~=~=~=~=~=~=~=~=~= MobaXterm log 2024.04.29 10:01:40 =~=~=~=~=~=~=~=~=~=~=~=
User Access Verification
Password:
Router2>en
Password:
Router2#show run
Building configuration...
Current configuration : 3221 bytes
!
! Last configuration change at 09:54:46 EST Mon Apr 29 2024
!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router2
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$IIt.$zOfnsB3P8YUT.TrU1X1Re0
!
no aaa new-model
clock timezone EST -5 0
!
!
!
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More--
--More--
--More-- !
--More-- !
--More-- !
--More-- !
--More-- no ip domain lookup
--More-- ip cef
--More-- no ipv6 cef
--More-- !
--More-- multilink bundle-name authenticated
--More-- !
--More-- !
--More-- !
--More-- !
--More-- license udi pid CISCO1941/K9 sn FTX142580CU
--More-- license boot module c1900 technology-package securityk9
--More-- license boot module c1900 technology-package datak9
--More-- !
--More-- !
--More-- !
--More-- redundancy
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- !
--More-- interface Loopback0
--More-- ip address 172.16.255.2 255.255.255.255
--More-- !
--More-- interface Embedded-Service-Engine0/0
--More-- no ip address
--More-- shutdown
--More-- !
--More-- interface GigabitEthernet0/0
--More-- description Router2 GE 0/0 to Switch2 GE 0/1
--More-- no ip address
--More-- duplex auto
--More-- speed auto
--More-- !
--More-- interface GigabitEthernet0/0.1
--More-- description VLAN 1 Management
--More-- encapsulation dot1Q 1 native
--More-- ip address 172.16.30.1 255.255.255.0
--More-- !
--More-- interface GigabitEthernet0/0.11
--More-- description VLAN 11 BlueTeam
--More-- encapsulation dot1Q 11
--More-- ip address 172.16.31.1 255.255.255.0
--More-- ip helper-address 172.16.200.22
--More-- !
--More-- interface GigabitEthernet0/0.12
--More-- description VLAN 12 RedTeam
--More-- encapsulation dot1Q 12
--More-- ip address 172.16.32.1 255.255.255.0
--More-- ip helper-address 172.16.200.22
--More-- !
--More-- interface GigabitEthernet0/1
--More-- description ISP Traffic Outbound
--More-- ip address 10.202.240.1 255.255.255.240
--More-- ip nat outside
--More-- ip virtual-reassembly in
--More-- duplex auto
--More-- speed auto
--More-- !
--More-- interface Serial0/0/0
--More-- description Router2 DCE Serial0/0/0 to Router3 DTE Serial 0/0/0
--More-- ip address 172.16.40.1 255.255.255.248
--More-- ip nat inside
--More-- ip virtual-reassembly in
--More-- clock rate 56000
--More-- !
--More-- interface Serial0/0/1
--More-- description Router2 DTE Serial 0/0/1 to Router1 DCE Serial 0/0/0
--More-- ip address 172.16.20.2 255.255.255.248
--More-- ip nat inside
--More-- ip virtual-reassembly in
--More-- !
--More-- router ospf 109
--More-- !
--More-- router ospf 1
--More-- network 172.16.20.0 0.0.0.7 area 1
--More-- network 172.16.30.0 0.0.0.255 area 0
--More-- network 172.16.31.0 0.0.0.255 area 0
--More-- network 172.16.32.0 0.0.0.255 area 0
--More-- network 172.16.40.0 0.0.0.7 area 0
--More-- network 172.16.255.2 0.0.0.0 area 0
--More-- !
--More-- ip forward-protocol nd
--More-- !
--More-- no ip http server
--More-- no ip http secure-server
--More-- !
--More-- ip nat source list 1 interface GigabitEthernet0/1 overload
--More-- ip route 0.0.0.0 0.0.0.0 10.202.240.14
--More-- ip route 0.0.0.0 0.0.0.0 172.16.20.1
--More-- ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
--More-- ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
--More-- !
--More-- ipv6 ioam timestamp
--More-- !
--More-- !
--More-- access-list 1 permit 172.16.0.0 0.15.255.255
--More-- !
--More-- control-plane
--More-- !
--More-- !
--More-- vstack
--More-- banner login ^C!WARNING! You are permitted to use the system for authorized purposes only and may only use the system in accordance with the organization's Information Security Policy.^C
--More-- banner motd ^CNetwork Lab Welcome Master^C
--More-- !
--More-- line con 0
--More-- exec-timeout 5 0
--More-- password 7 124B574643
--More-- logging synchronous
--More-- login
--More-- line aux 0
--More-- password 7 153E24480B731F2108
--More-- line 2
--More-- no activation-character
--More-- no exec
--More-- transport preferred none
--More-- transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
--More-- stopbits 1
--More-- line vty 0 4
--More-- password 7 10693D234415052C5B
--More-- login
--More-- transport input none
--More-- !
--More-- scheduler allocate 20000 1000
--More-- !
--More-- end
--More--
Router2#
05-04-2024 05:09 AM
Now we can talk it clear you correct the subnet for each vlan.
For DNS issue' the host need to use dns server IP not use router IP for name resolve.
So first point to check is the dhcp' is it retrun router or dns IP to hosts
MHM
05-06-2024 07:00 AM
Would that be in the scope options?
05-06-2024 10:27 AM
Scope options of dhcp
If that what you mean, then Yes
You need to check from that point
MHM
05-06-2024 12:13 AM
Hello,
where is 'their' DNS server, where is 'your' DNS server, that is, what are the IP addresses of each respective server ?
05-06-2024 06:45 AM
Our DNS is running off of VLAN 200 with an IP of (172.16.200.21)
Their DNS has an IP of (10.8.0.30) and I am unsure where it is.
05-06-2024 12:02 PM
Hello,
your router has two default routes, which lead to load balancing and unpredictable results.
ip route 0.0.0.0 0.0.0.0 10.202.240.14
ip route 0.0.0.0 0.0.0.0 172.16.20.1
Judging from your drawing, you probably only need the first one (pointing to the Internet). Remove the second one and check if that makes a difference. Also, do a:
traceroute 10.8.0.30
from R2 and post the results.
05-06-2024 12:10 PM
I had to set the IP route
0.0.0.0 0.0.0.0 172.16.20.1
To give DHCP connectivity to R1.
I was told I don't need the
IP route 0.0.0.0 0.0.0.0 10.202.240.14
Since the R2 is already set as 10.202.240.1
05-07-2024 11:48 PM
Hello,
what do you mean by 'DHCP connectivity to R1', why does R2 need that ?
Without the default route to 10.202.241.14, you have no access to anything on the outside.
05-08-2024 04:52 AM
Whenever I plugged a device into S1 it wouldn't connect to our domain or have the Correct IP address from the DHCP until I added that IP route from R2 to R1 because our DNS and DHCP is off of VLAN 200.
I could send all my router configurations if that's helpful.
05-08-2024 05:09 AM
between R1 and R3 are you run OSPF ? which area you use ?
MHM
05-08-2024 05:50 AM
Im not sure I know enough about it to answer it, but heres all the OSPF config on all the routers.
R2#
router ospf 109
--More-- !
--More-- router ospf 1
--More-- network 172.16.20.0 0.0.0.7 area 1
--More-- network 172.16.30.0 0.0.0.255 area 0
--More-- network 172.16.31.0 0.0.0.255 area 0
--More-- network 172.16.32.0 0.0.0.255 area 0
--More-- network 172.16.40.0 0.0.0.7 area 0
--More-- network 172.16.255.2 0.0.0.0 area 0
--More-- !
R1#
router ospf 1
--More-- network 172.16.10.0 0.0.0.255 area 2
--More-- network 172.16.11.0 0.0.0.255 area 2
--More-- network 172.16.12.0 0.0.0.255 area 2
--More-- network 172.16.20.0 0.0.0.7 area 1
--More-- network 172.16.60.0 0.0.0.7 area 1
R3#
!
--More-- router ospf 1
--More-- network 172.16.40.0 0.0.0.7 area 0
--More-- network 172.16.50.0 0.0.0.255 area 2
--More-- network 172.16.51.0 0.0.0.255 area 2
--More-- network 172.16.52.0 0.0.0.255 area 2
--More-- network 172.16.60.0 0.0.0.7 area 2
--More-- network 172.16.200.0 0.0.0.255 area 2
--More-- network 172.16.255.3 0.0.0.0 area 2
--More-- !
05-08-2024 05:58 AM
--More-- network 172.16.60.0 0.0.0.7 area 2 <<- this interconnect subnet 172.16.60.0 have issue that why some router dont know the VLAN200 until you config static route
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide