Using a 4948E switch with FastEthernet1 as the management interface which uses the VRF mgmtVrf. I cannot get DNS resolution to work for some reason.
I am using code enterprise 15.1-2.SG and here are the relevant config snippets:
ip domain-lookup source-interface FastEthernet1
ip domain-name domain.com
ip name-server 18.104.22.168
ip name-server 22.214.171.124
vrf forwarding mgmtVrf
ip address 192.168.20.10 255.255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip route vrf mgmtVrf 0.0.0.0 0.0.0.0 192.168.20.1
If I try to ping using a host name it fails, even if I specify to use the VRF.
SWITCH#ping vrf mgmtVrf google.com
Translating "google.com"...domain server (126.96.36.199) (188.8.131.52)
% Unrecognized host or address, or protocol not running.
I read online there are some commands in a different code that support specifying the VRF along with the name servers, but I don't have those options. All I can do is set the source-interface on the domain-lookup command.
I had to open a case with TAC and they told me that the lastest code on the 4948E does not support VRF-aware DNS, and there is no work-around. I ended up having to not use the management interface Fa1 for management, and instead go back to using a VLAN interface riding over the production trunks, since you cannot un-attach Fa1 from the VRF.
Its also possible that scp is not vrf-aware on the 4948. I could not get a "copy scp: bootflash:" to work even when using an IP address for the scp host. Strage that it doesn't work since I do have "ip ssh source-interface FastEthernet1" set in the config. Had to resort to using tftp which is SLOW when trying to copy an image over a WAN link.
Listen: https://smarturl.it/CCRS8E37Follow us: twitter.com/ciscochampionSometimes, situations require temporary fixes. Sometimes, the network becomes an afterthought in overall office design and planning. In either situation, it may require netw...
In this special edition of the Insider Series, we hear from Cisco partners who have taken steps to be more eco-friendly and sustainable. We hear what inspires ASHRAE, Southwire, Igor, and NTT to create a workplace that is centered around people and how th...
We know that the Type-1 LSA describes the link type connected to the router, the neighbor router and the subnet number.In this topology, assume we dont have a Type-2 LSA, so each router will create its own Type-1 LSA, the Type-1 LSA will describe the neig...
Here are some commonly asked questions and answers to help with your adoption of Cisco DNA Center Wireless. Subscribe to this post to stay up-to-date with the latest Q&A and recommended Ask the Experts (ATXs) sessions to attend.
Q. I have a Cisco Appl...
Why IETF changed and inverted OSPF Type-7 LSA VS Type-5 LSA election In RFC 3101 compared to OLD RFC 1587?Many people learns that the Type-7 LSA and Type-5 election (ON Versus OE routes) depends on RFC 3101 for NSSA published in 2003 and RFC 1587 for NSSA...