Menu

Cisco As a DNS server


A nice way to save some money on additional servers, there is a nice way to use a Cisco as a DNS server
it can be a good way to allow URL filtering for HTTPS or just remove some of the load of the local Server,
this achieved by running the following commands on the device :
(config)#ip domain-lookup
(config)#ip name-server 8.8.8.8
(config)#ip dns server
Domain-lookup will allow the Cisco to resolve domains,
Name server is to define the DNS to query for unknown host
IP DNS server allows answering queries

 At this state any DNS request will be forwarded to 8.8.8.8 and the Cisco will act as the "middle man" between the client and the DNS.

 Now let's add local records
(config)#ip host DOMAIN.COM 173.194.34.101
(config)#ip host DOMAIN.COM  MX 1 ASPMX.L.GOOGLE.COM
This creates an A Record for DOMAIN.COM  as 173.194.34.101
And MX record with priority of '1' to ASPMX.L.GOOGLE.COM

 Any request for a sub-domain to DOMAIN.COM will be forwarded to 8.8.8.8

 like i wrote before using that method we can implement URL-Filtering, to do so just block all DNS requests intended to any destination other than the Cisco and create a record for the URL you intend to block.

 lets say you want to block interface FastEthernet 0/0 from accessing Facebook, it will look like this
  • access list to block all dns queries
ip access-list extended Block_DNS
10 permit udp 192.168.0.0 0.0.0.255 host 192.168.0.254 eq domain
20 deny udp 192.168.0.0 0.0.0.255 any eq domain
30 permit ip any any
  • put the ACL on the interface
interface FastEthernet 0/0
ip address 192.168.0.254 255.255.255.0
ip access-group Block_DNS in
  • and send Facebook to 0.0.0.0
ip host facebook.com 0.0.0.0
ip host www.facebook.com 0.0.0.0

 all done.

 Hope this post was helpful, If it was please consider a donation:
BTC Address: 1CnyMpjd1RntRDxSus2hu2aDMyzL4Kj29N
LTC Address: LUqrKbzGihTU2GEnL3EwsuuLHCsxCJMdtR
By

4 comments:

  1. Jack son20 December, 2017 12:45

    Driving organizations and IT experts perceive Cisco as one of the best suppliers of systems administration and IT equipment, with items that convey quality and execution. Driving organizations and IT experts perceive Cisco as one of the best suppliers of systems administration and IT equipment, with items that convey quality and execution.

    ReplyDelete
  2. elizabethleery22 February, 2020 22:24

    Nice post mate, keep up the great work, just shared this with my friendz video streaming

    ReplyDelete
  3. Kevin Horgan31 March, 2020 12:24

    If much like me, you have ever wondered whats behind the overall game servers you play on and the way they truly work you will probably find this informational article very interesting. best ark survival server hosting

    ReplyDelete
  4. Akseosolutions05 May, 2020 13:39

    Very useful post. This is my first time i visit here. I found so many interesting stuff in your blog especially its discussion. Really its great article. Keep it up. bestarkserverhosting.com

    ReplyDelete

Subscribe to: Post Comments (Atom)