12-18-2013 06:06 AM - edited 03-03-2019 07:14 AM
Hi,
I'm trying to configure a router as DNS server without "luck".
I've tried various things:
ip domain name net.sub.tld
ip name-server 8.8.8.8
ip host r1.net.sub.tld
ip dns server
ip dns primary net.sub.tld soa ns.net.sub.tld mailbox.net.sub.tld 21600 900 7776000 86400
I can do lookups on the router, but through the router I can't.
After I've done a lookup on the router and it gets the reply, it enters it in the hosts table (show hosts). NOW clients are able to resolve only this entry.
Local entries in the zone net.sub.tld works perfectly!
Any suggestions?
I've also tried to configure forwarder and source interfaces in the ip dns view default, but it's all the same.
The platform is a 1921 running IOS Version 15.1(4)M7
Thanks,
/JZ
12-18-2013 06:21 AM
Hi Jacob,
I dont know about it will work on router or not
But here are the steps:
1. enable
2. configure terminal
3. ip dns server
4. ip name-server server-address1 [server-address2...server-address6]
5. ip dns server queue limit {forwarder queue-size-limit | director queue-size-limit}
6. ip host [vrf vrf-name] [view view-name] hostname {address1 [address2 ... address8] | additional address9 [address10 ... addressn]}
7. ip dns primary domain-name soa server-name mailbox-name [refresh-interval [retry-interval [expire-ttl [minimum-ttl]]]]
8. ip host domain-name ns server-name
to check more please check this document.
Hope it helps.
Regards
Dont forget to rate helpful posts.
07-08-2014 07:51 PM
Could it be an access list? Are you allowing UDP packets to pass through on port 53?
This should be enough if there is no ACL issue:
ip domain name server.serve
ip name-server 208.67.222.222
ip name-server 208.67.220.220
ip dns view default
dns forwarder 208.67.222.222
dns forwarder 208.67.220.220
ip dns server queue limit forwarder 1500
ip dns server
Then maybe put this access list on your WAN interface in:
ip access-list extended DENY-DNS-FROM-WAN
permit udp host 208.67.220.220 any eq domain
permit udp host 208.67.222.222 any eq domain
deny udp any any eq domain
permit ip any any
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide