Using a 4948E switch with FastEthernet1 as the management interface which uses the VRF mgmtVrf. I cannot get DNS resolution to work for some reason.
I am using code enterprise 15.1-2.SG and here are the relevant config snippets:
ip domain-lookup source-interface FastEthernet1
ip domain-name domain.com
ip name-server 126.96.36.199
ip name-server 188.8.131.52
vrf forwarding mgmtVrf
ip address 192.168.20.10 255.255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip route vrf mgmtVrf 0.0.0.0 0.0.0.0 192.168.20.1
If I try to ping using a host name it fails, even if I specify to use the VRF.
SWITCH#ping vrf mgmtVrf google.com
Translating "google.com"...domain server (184.108.40.206) (220.127.116.11)
% Unrecognized host or address, or protocol not running.
I read online there are some commands in a different code that support specifying the VRF along with the name servers, but I don't have those options. All I can do is set the source-interface on the domain-lookup command.
I had to open a case with TAC and they told me that the lastest code on the 4948E does not support VRF-aware DNS, and there is no work-around. I ended up having to not use the management interface Fa1 for management, and instead go back to using a VLAN interface riding over the production trunks, since you cannot un-attach Fa1 from the VRF.
Its also possible that scp is not vrf-aware on the 4948. I could not get a "copy scp: bootflash:" to work even when using an IP address for the scp host. Strage that it doesn't work since I do have "ip ssh source-interface FastEthernet1" set in the config. Had to resort to using tftp which is SLOW when trying to copy an image over a WAN link.
Do you use Cisco DNA Center? Have you used and are you willing to provide your feedback in using the Cisco DNA Center help and documentation?
If so, we’d like you to complete the survey linked below. Your feedback will help provide more effective and easi...
Listen: https://smarturl.it/CCRS9E18Follow us: https://twitter.com/CiscoChampion Reaching the height of your career is no simple feat. It often requires a combination of pursuing the right education, building the right professional network and being ...
In a typical production SD-WAN deployment, we would probably have many remote sites connected via many different Internet connections to a centralized data center or a regional hub. In most regions in the world, Internet providers will always use some typ...