Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3821
Views
0
Helpful
12
Replies

Port Forwarding DNS to external DNS server

Badjoras
Level 1
Level 1

‎01-13-2019 05:52 PM - edited ‎03-10-2019 01:09 AM

Hello,

I have a scenario with a client network, a network with a dns server and in the middle an ISP that gives internet to both networks.

In PC_CLIENT I added in the file /etc/network/interfaces the following line "dns-nameserver 5.22.155.124" this IP is the R1 f0/0 ip the interface directly connected to the ISP.

 

What I want is to redirect the dns requests on the router to the DNS server

 

For this to happen I made the following configuration on router R1:

int f0/0 (interface connected to the ISP)

ip nat outside

 

int f1/0  (interface connected to the DNS server)

ip nat inside

 

ip nat inside source static udp 192.168.21.2 53 interface FastEthernet0/0 53
ip nat inside source static tcp 192.168.21.2 53 interface FastEthernet0/0 53
 
In the Client router i configured the NAT overload
 
I can ping both routers, so they communicate with each other, but when i write in the browser for example www.google.com i can't access, because the dns server can't resolve the name, so the router is not forwarding the requests.
 
My question is what wrong with my configurations? can someone help me with this?
 
 

This is a GNS3 scenario for a school project! 

dns.PNG

Labels:
0 Helpful
12 Replies 12

Francesco Molino
VIP Alumni
VIP Alumni

‎01-13-2019 07:23 PM

Hi

The nat has been done in R1 and its outside up 5.22.155.124 which means your dns entry on your PC client is wrong.
If you run nslookup www.google.com 5.22.155.124, does it work?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Francesco Molino

‎01-13-2019 11:03 PM

adding to @Francesco Molino,

You may see other issue here as i think of now is, is  your RC also doing NAT ? , how is PC_CLIENT have reachability to DNS Server you wan to use ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Francesco Molino

‎01-13-2019 11:04 PM

adding to @Francesco Molino

You may see other issue here as i think of now is, is  your RC also doing NAT ? , how is PC_CLIENT have reachability to DNS Server you wan to use ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Badjoras
Level 1
Level 1
In response to Francesco Molino

‎01-14-2019 06:18 AM

Yes, my router RC is doing nat, pc_client have reachability trough isp to dns
0 Helpful

Badjoras
Level 1
Level 1
In response to Francesco Molino

‎01-14-2019 02:36 PM

in PC_CLient i have dns-nameserver 5.22.155.124, i cant acess any webpage and the nslookup dont work

0 Helpful

Francesco Molino
VIP Alumni
VIP Alumni
In response to Badjoras

‎01-14-2019 08:40 PM

Can you share the config of RC router into a text file?
Can you do a show ip nat translation on R1?

If you do wireshark on the inside interface of R1, can you validate that you see dns packets?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Badjoras
Level 1
Level 1
In response to Francesco Molino

‎01-15-2019 08:45 AM

R1 - NAT 2.PNG

 

 

 

 

 

 

 

 

!
hostname RC

!
interface FastEthernet0/0
ip address 192.168.20.254 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 5.22.155.125 255.255.255.248
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!

ip route 0.0.0.0 0.0.0.0 5.22.155.126
!
!
ip nat inside source list 100 interface FastEthernet1/0 overload
!
access-list 100 permit ip any any
!

 

 

0 Helpful

Francesco Molino
VIP Alumni
VIP Alumni
In response to Badjoras

‎01-15-2019 06:17 PM

Here we see nat translations.
Does your internal dns server able to resolve www.google.ca?


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Badjoras
Level 1
Level 1
In response to Francesco Molino

‎01-15-2019 07:35 PM

yes, because of the named.config.options, in this file i have forwarder to 8.8.8.8

0 Helpful

Francesco Molino
VIP Alumni
VIP Alumni
In response to Badjoras

‎01-15-2019 07:43 PM

Can you take a tcpdump on your local dns while testing with your pc?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Badjoras

‎01-14-2019 08:40 PM

That mean your RC configuration have issue. can you post below outputs to understand setup.

 

1. From R-ISP2 - post ping 8.8.8.8  ( question here is on R-ISP2 what is the outside IP address ?)

2. From RC - post ping 8.8.8.8  and post the configuration to have look NAT

3. PC_Client : post ping 8.8.8.8 and  ping RC inside IP and OUITside IP and R-ISP2 Inside IP and Outside (post all the output)

 

 

suggest to post all the device show running config.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Badjoras
Level 1
Level 1
In response to balaji.bandi

‎01-15-2019 08:40 AM

i can ping 8.8.8.8 i all interfaces in all routers

0 Helpful
Customers Also Viewed These Support Documents