Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2055
Views
0
Helpful
2
Replies

Need some help with IOS Split DNS

rrich
Level 1
Level 1

‎09-14-2007 12:25 AM - edited ‎03-03-2019 06:45 PM

Hi Folks,

I'm trying to configure IOS-based split DNS to support users at a remote office.

The basic objective is to have all Internet DNS queries be forwarded to the local ISP DNS server(s), but DNS queries for the company domain name be forwarded to our internal DNS servers over a VPN tunnel.

So far all I have found is one large (and rather confusing) document related to Split DNS configuration in the IOS. So, here's my sanitized example, can you see anything i'm doing wrong?

ip dns view MYCOMPANY

logging

dns forwarder 10.x.x.x

dns forwarder 10.x.y.y

ip dns view default

logging

dns forwarder 208.x.x.x

dns forwarder 208.x.y.y

ip dns view-list MYCOMPANY

view MYCOMPANY 5

restrict name-group 10

view default 10

ip dns name-list 10 permit .*.MYCOMPANY.COM

ip dns server

I've tried adding the 'ip dns view-group MYCOMPANY' to the interface, it didn't seem to help.

Basically the behavior i'm getting is no DNS queries are forwarded to the 'MYCOMPANY' forwarders, they all go to the ISP dns servers.

Any ideas? I can't seem to get much out of debugging. This is running 12.4(15)T1 on a 2811.

Thanks!

bob

Labels:
0 Helpful
2 Replies 2

rrich
Level 1
Level 1

‎09-14-2007 12:47 AM

Gah! Why is it that i time these posts just a few minutes before i figure out what i'm doing wrong.

The key is this simple command:

ip dns server view-group MYCOMPANY

Without it, there is no default view-list for the DNS server, and therefore it does simple resolving against the namservers it has configured.

Works like a beauty now!!!

0 Helpful

kgreenway
Level 1
Level 1

‎02-17-2009 06:49 AM

Hi bob,

Hoping you still pick this up..

I'm trying to achieve exactly the same thing here, but all my dns queries are still going to the public DNS servers. Wondered if you could give me a snippit of your config.

Mine is below.

ip domain name mycompany.local

ip name-server 194.x.x.x

ip name-server 62.x.x.x

ip dns view mycompany

logging

dns forwarder 192.168.x.x

dns forwarder 192.168.x.x

ip dns view default

logging

dns forwarder 194.x.x.x

dns forwarder 62.x.x.x

ip dns view-list mycompany

view mycompany 5

restrict name-group 10

view default 10

ip dns name-list 10 permit .*.mycompany.local

ip dns server view-group mycompany

ip dns server

Any ideas where I'm going wrong?

Thanks

Kevin

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card