08-03-2020 02:56 AM
Hi Hope you guys are well.
I am in situation where I have to route all traffic to next hop for Web-Server (https://voipserver.com) via Policy Based Routing. But the issue is that DNS request for that Web-Server is resolved via 8.8.8.8. And 8.8.8.8 is not allowed on next hop. Only traffic destined for specific server (https://voipserver) is allowed.
I am using 8.8.8.8 8.8.4.4 as name server.
I want to do route DNS traffic for that specific Web-Server to Specific next hop. All other traffic should take the default route.
Need Suggestion?
08-03-2020 04:06 AM
So just add a line in your PBR acl for that specific traffic and it will be policy routed.
Although not clear why you need to do this as DNS resolution is independent of the web traffic.
Jon
08-03-2020 04:17 AM
08-03-2020 04:21 AM
Why do you need to ie. it doesn't really matter where the DNS traffic goes as it is independent of the web traffic.
However if you really must route that traffic via PBR then as I said just add a line in your acl that you use with your PBR configuration to match that traffic eg.
permit udp any host 8.8.8.8 eq 53
Jon
08-03-2020 04:33 AM
08-03-2020 05:32 AM
You won't be able to do that because you basically need to be able to inspect the actual DNS request to see what name is being requested.
Not sure whether you could do anything with NBAR but it's not clear why you have this requirement.
Jon
08-03-2020 06:00 AM
08-03-2020 06:26 AM - edited 08-03-2020 06:29 AM
Don't really know what else to say.
I am not sure why you need to split DNS traffic between ISPs depending upon the destination server but like I say you would need something that could inspect the DNS packet to see which name is being looked up.
DNS requests are very small and whichever ISP is used for the DNS request does not affect which ISP is used for the actual traffic.
Maybe someone else has a suggestion.
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide