11-08-2013 11:58 AM - edited 03-04-2019 09:31 PM
I have a customer who is in the position that they need the Cisco router to resolve internal hostnames.
Each location has a cisco router terminating an Internet connection. The customer is installing a new anti virus software that has to connect to the AV server that is located at their HQ.
The software must use a hostname and not an IP address. The hostname that it uses is the AV server.
The clients are failing to contact the server b/c they currently use the local Internet provider's DNS servers.
I would like to set the Cisco up to resolve hostnames that are configured in the router, and forward requests for all other traffic to the Internet DNS servers.
I am reading conflicting reports, some say this is not possible, some say it is.
The config I have currently is:
ip domain name customer.com
ip host CustomerAV 10.249.70.195
ip name-server 74.40.74.40 (ISP DNS Server)
ip name-server 74.40.74.41 (ISP DNS Server)
ip domain-lookup
ip dns server
Some articles I read say you must use the following command:
ip dns primary website.com soa ns.website.com
I have no clue what that command is and if it must be used.
Right now, the clients are failing to resolve the internal hostnames. The IP of the Cisco has been configured as the primary DNS on the clients.
Any ideas?
11-10-2013 08:20 AM
This site has a good explanation,
http://stack.nil.com/ipcorner/RouterDNS/
I assume the host site has dns running on something other than a router and that it is configured to reply to dns queries for zones it is primary for, but forward dns queries for zones it is not. That would be a standard MS domain controller/dns installation. If that is the case, then I would configure the remote routers as dns caching proxies as the first article in the link above explains.
Sent from Cisco Technical Support iPad App
11-10-2013 09:04 AM
For that you can use the DNS views that can be configured in IOS. Let's assume you want to send queries for "*.company.local" to your internal server 10.11.12.13, but everything else to the ISP DNS server. That can be done the following way:
Prepare the Regex for the domains that need a special handling:
ip dns name-list 1 permit \.company\.local
Prepare all the views, one for each different DNS-need:
ip dns view COMP
 logging
 dns forwarder 10.11.12.13
 dns forwarding source-interface Vlan254
!
ip dns view default
 logging
 domain timeout 2
 dns forwarder 8.8.8.8
And now tell the router which view should be used for which queries. The name-group 1 references the name-list configured at the top:
ip dns view-list DNS
 view COMP 10
  restrict name-group 1
 view default 1000
!
ip dns server view-group DNS
The internal server 10.11.12.13 should be the one that can resolve the name for the AV server. If the IP is later changed, then you don't have to reconfigure all your routers that have these DNS settings.
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
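The view selection configured in the reply above, modeled in Python as an added example (not part of the original posts and not IOS code). It assumes the view-list is walked from the lowest order number up with the first match winning, and that a name-list pattern is an unanchored regular expression; the `anchored` option and all sample hostnames are this example's own.

```python
import re

# Constructed model of the configuration in the reply above (not IOS code).
NAME_LISTS = {1: [r"\.company\.local"]}   # ip dns name-list 1 permit \.company\.local
FORWARDERS = {"COMP": "10.11.12.13", "default": "8.8.8.8"}  # dns forwarder per view
VIEW_LIST = [("COMP", 10, 1), ("default", 1000, None)]  # (view, order, name-group)


def select_view(qname, anchored=False):
    """Return (view, forwarder) chosen for a queried hostname.

    Assumptions: views are tried in ascending order and the first match wins;
    a view without a name-group restriction accepts every query; patterns are
    searched anywhere in the name unless anchored=True appends '$'.
    """
    name = qname.rstrip(".").lower()
    for view, _order, group in sorted(VIEW_LIST, key=lambda v: v[1]):
        if group is None:
            return view, FORWARDERS[view]
        for pattern in NAME_LISTS[group]:
            if anchored:
                pattern += "$"
            if re.search(pattern, name):
                return view, FORWARDERS[view]
    return None, None


def audit(names, anchored=False):
    """Map each constructed test name to the forwarder that would receive it."""
    return {n: select_view(n, anchored)[1] for n in names}


if __name__ == "__main__":
    # Constructed sample queries, not taken from the thread.
    samples = [
        "customerav.company.local",      # internal name -> internal server
        "www.example.com",               # everything else -> public resolver
        "company.local",                 # bare zone: pattern needs a leading dot
        "x.company.local.example.net",   # contains the suffix but is not internal
    ]
    for anchored in (False, True):
        print("anchored" if anchored else "as posted")
        for name, fwd in audit(samples, anchored).items():
            print(f"  {name:32} -> {fwd}")
```

Under these assumptions, the pattern as posted sends the last sample to the internal forwarder, while the anchored variant keeps only names that end in the suffix.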