Re: How to make ip dns ns config work?

xh_liu · ‎10-11-2017

Here is my config:

r3:

(dns server)

ip dns server

ip domain lookup

ip host baoshan.com ns ns2
ip host ns2 192.168.100.2

!

r4:

(dns client)

ip domain lookup

ip name-server 192.168.34.3 ( which is r3 ip address)

!

r4: ping test.baoshan.com

r3 didn't forward dns query to ns2 based on the "ip dns baoshan.com ns ns2" config, r3 at last sent out broadcast dns query. I want to know why and how to make dns ns config work?

Followed is r3's debug domain output:

*Oct 11 15:27:22.841: DNS: Incoming UDP query (id#57629)
*Oct 11 15:27:22.841: DNS: Type 1 DNS query (id#57629) for host 'test.baoshan.com' from 192.168.34.4(57391)
*Oct 11 15:27:22.841: DNS: Servicing request using view default
*Oct 11 15:27:22.841: search_nametype_index: test.baoshan.com
*Oct 11 15:27:22.841: search_nametype_index: test.baoshan.com
*Oct 11 15:27:22.841: search_nametype_index: baoshan.com
*Oct 11 15:27:22.841: search_nametype_index: baoshan.com
*Oct 11 15:27:22.841: search_nametype_index: test.baoshan.com
*Oct 11 15:27:22.841: search_nametype_index: test.baoshan.com
*Oct 11 15:27:22.841: search_nametype_index: test.baoshan.com
r3#
*Oct 11 15:27:22.841: search_nametype_index: baoshan.com
*Oct 11 15:27:22.841: search_nametype_index: baoshan.com
*Oct 11 15:27:22.841: DNS: Re-sending DNS query (type 1, id#63900) to 255.255.255.255
*Oct 11 15:27:22.843: DNS: Incoming UDP query (id#63900)
*Oct 11 15:27:22.843: DNS: Type 1 response (id#63900) for host <test.baoshan.com> from 192.168.100.2(53)
*Oct 11 15:27:22.843: DNS: Response code 3 (id#63900) from 192.168.100.2(53)
*Oct 11 15:27:22.843: DNS: Finished processing query (id#57629) in 0.002 secs
*Oct 11 15:27:22.843: DNS: Forwarding back reply to 192.168.34.4/57391

,

Reza Sharifi · ‎10-11-2017

Have a look at this document

http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/257-cisco-router-dns-server.html

HTH

xh_liu · ‎10-11-2017

The config in the web is simple and not telll how to make 'dns ns' config work. Thanks.

Austin Sabio · ‎10-11-2017

Try the following:

!Router as a DNS Server
R1(config)# ip dns server
R1(config)# ip domain lookup
R1(config)# ip host ns2.baoshan.com 192.168.100.2
R1(config)# ip host baoshan.com ns ns2.baoshan.com
R1(config)# ip dns primary baoshan.com soa ns2.baoshan.com

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dns/configuration/12-4t/dns-12-4t-book/dns-config-dns.html#GUID-B35BAE29-08A7-4ACE-94FE-7950A4422202

I hope this helps and good luck!

-Austin

xh_liu · ‎10-11-2017

No, it didn't work.

after I change config as what you say,

r3 config:

ip host baoshan.com ns ns2.baoshan.com
ip host ns2.baoshan.com 192.168.100.2

ip dns server
ip dns primary baoshan.com soa ns2.baoshan.com mb2.baoshan.com

Here is r3 output:

*Oct 11 23:31:19.362: DNS: Incoming UDP query (id#19342)
*Oct 11 23:31:19.362: DNS: Type 1 DNS query (id#19342) for host 'test.baoshan.com' from 192.168.34.4(56837)
*Oct 11 23:31:19.362: DNS: Servicing request using view default
*Oct 11 23:31:19.362: search_nametype_index: test.baoshan.com
*Oct 11 23:31:19.362: search_nametype_index: test.baoshan.com
*Oct 11 23:31:19.362: search_nametype_index: baoshan.com
*Oct 11 23:31:19.362: search_nametype_index: test.baoshan.com
*Oct 11 23:31:19.362: search_nametype_index: test.baoshan.com
*Oct 11 23:31:19.362: search_nametype_index: test.baoshan.com
*Oct 11 23:31:19.362: search_nametype_index: baoshan.com
r3#
*Oct 11 23:31:19.362: search_nametype_index: test.baoshan.com
*Oct 11 23:31:19.362: DNS: Replying NO_SUCH_HOST to query (id#19342) with baoshan.com SOA
*Oct 11 23:31:19.362: DNS: Finished processing query (id#19342) in 0.000 secs
*Oct 11 23:31:19.362: DNS: Sending response to 192.168.34.4/56837, len 111

Austin Sabio · ‎10-12-2017

Yes Sir, it does. See attached lab. I was able to ping the hostname of the dns record ns2.test.com instead of its corresponding ip 172.16.10.1. I hope this helps and please don't forget to mark correct/helpful answer. Good luck!

-Austin

xh_liu · ‎10-12-2017

I just want to check how NS record work.

I want to know how to check it.

Here is the command explaination:

ip host domain-name ns server-name

Example:
Device(config)# ip host example.com ns ns1.example.com

(Optional) Configures the device to create an name server (NS) resource record to be returned when the DNS server is queried for the associated domain.
This configuration is needed only if the zone for which the system is authoritative will also be served by other name servers

Austin Sabio · ‎10-12-2017

"r3 didn't forward dns query to ns2 based on the "ip dns baoshan.com ns ns2" config, r3 at last sent out broadcast dns query. I want to know why and how to make dns ns config work?"
"The config in the web is simple and not telll how to make 'dns ns' config work. Thanks."
"No, it didn't work."

All your questions were specifically about router as dns server config and they were answered by the above lab with requested dns commands as you can see pc as dns client#1 and R2 as dns client#2 both are answering to dns inqury of ns2.test.com.

to verify dns, you can use dns debug command and show hosts

Router# show hosts 
Default domain is CISCO.COM
 Name/address lookup uses domain service
 Name servers are 192.0.2.220
 Host Flag Age Type Address(es)
 EXAMPLE1.CISCO.COM (temp, OK) 1 IP 192.0.2.10
 EXAMPLE2.CISCO.COM (temp, OK) 8 IP 192.0.2.50
 EXAMPLE3.CISCO.COM (temp, OK) 8 IP 192.0.2.115
 EXAMPLE4.CISCO.COM (temp, EX) 8 IP 192.0.2.111
 EXAMPLE5.CISCO.COM (temp, EX) 0 IP 192.0.2.27
 EXAMPLE6.CISCO.COM (temp, EX) 24 IP 192.0.2.30

Router# debug domain
Apr 4 22:16:35.279: DNS: Incoming UDP query (id#8409)
Apr 4 22:16:35.279: DNS: Type 1 DNS query (id#8409) for host 'ns1.example.com' from 192.0.2.120(1279)
Apr 4 22:16:35.279: DNS: Finished processing query (id#8409) in 0.000 secs

Hope this helps. Please don't forget to mark correct/helpful answer.

-Austin

xh_liu · ‎10-12-2017

To make it more clear:

In my lab,

dns server: two router configed as dns server, r2 (w/ ip 192.168.100.2) and r3 (w/ ip 192.168.100.3, 192.168.34.3)
dns client: one router confied as dns client, r4(w/ ip 192.168.34.4)

I hope r3 is coniged as dns server and I don't want to config r2 as r3's dns server by using command 'ip name-server 192.168.100.2'. But I till hope r3 can forward 'baoshan.com' dns query to r2 by using command 'ip host baoshan.com ns ns2.baoshan.com'.
My question is that r3 didn't forward the dns query to r2.
here is more config:
r2:
r2#sh run | include dns|host
int e0/0
ip add 192.168.100.2
!
hostname r2
ip host test.baoshan.com 44.44.44.44
ip host ns2.baoshan.com 192.168.100.2
ip host baoshan.com ns ns2.baoshan.com
ip dns server
ip dns primary baoshan.com soa ns2.baoshan.com mx2.baoshan.com
!
router ospf 1
network 0.0.0.0 255.255.255.255 area 0
!
R3:
!
ip host ns2.baoshan.com 192.168.100.2
ip dns server
ip host baoshan.com ns ns2.baoshan.com (I hope r3 should forward 'baoshan' dns query to ns2 which is r2 dns server)
(followed command although I think is not needed, but I have tried these command and failed)
ip dns primary baoshan.com soa ns2.baoshan.com mx2.baoshan.com
!
int e0/0
ip add 192.168.100.3 255.255.255.0
!
int e0/1
ip add 192.168.34.3 255.255.255.0
!
router ospf 1
network 0.0.0.0 255.255.255.255 area 0
!
router r4:
!
ip domain-lookup (default)
ip name-server 192.168.34.3
!
int e0/0
ip add 192.168.34.4 255.255.255.0
!
router ospf 1
network 0.0.0.0 255.255.255.255 area 0
!