Cisco router: redirect any DNS request to my own DNS server

Solution 1

Make sure that the IP of the DNS server is in the routing table and...

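    ! Match DNS queries (UDP port 53) from any source to any destination
    ip access-list extended transparent_dns
     permit udp any any eq 53

    ! Entry 10 policy-routes matching packets to the DNS server;
    ! the empty entry 20 leaves all other traffic to normal routing
    route-map redirect_dns permit 10
     match ip address transparent_dns
     set ip next-hop ip.of.your.server
    route-map redirect_dns permit 20

    ! Apply the policy on the interface where client traffic enters the router
    interface FastEthernet x/x
     ip address xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
     ip policy route-map redirect_dns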

Solution 2

Setting up DHCP is so ridiculously simple that it's worth doing even in small networks. You can do it right on the Cisco in fact. (When I'm back at a computer I'll find the commands :) )

The whole reason behind your question is that you're having trouble keeping track of your "small number" of clients. Don't make more work for yourself by putting in a weird configuration; do it right and configure DHCP!

The right answer in system administration is ALWAYS: Keep it simple!

Solution 3

It may be easier (and "cleaner") to just update your DHCP server to "hand out" your own DNS server, if you are running DHCP internally as well.

Solution 4

Trying to make this work the way you're asking is far from ideal. I'd suggest you set up an access list on your Cisco router to permit and log all DNS requests that don't come from your DNS server. This way you can discover which clients are misconfigured and correct them.
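
The audit approach from Solution 4, as an added example that is not part of the original answers: a script that reads the router's ACL log messages and lists, per client, which resolvers other than your own it is querying. The ACL name `audit_dns`, the function name and the sample log lines are constructed for illustration; 192.168.1.50 is the DNS server from the question.

```python
import re
from collections import defaultdict

# Assumed audit ACL, applied inbound on the client-facing interface
# (the name audit_dns is hypothetical; 192.168.1.50 is the question's server):
#   ip access-list extended audit_dns
#    permit ip host 192.168.1.50 any
#    permit udp any any eq 53 log
#    permit tcp any any eq 53 log
#    permit ip any any
ACL_NAME = "audit_dns"
DNS_SERVER = "192.168.1.50"

# IOS logs ACL hits for TCP/UDP as %SEC-6-IPACCESSLOGP messages.
LOG_RE = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) permitted (?P<proto>tcp|udp) "
    r"(?P<src>[\d.]+)\(\d+\) -> (?P<dst>[\d.]+)\((?P<dport>\d+)\), "
    r"(?P<count>\d+) packets?"
)

def misconfigured_clients(lines, acl=ACL_NAME, dns_server=DNS_SERVER):
    """Return {client IP: {foreign resolver IP: packets}} from router log lines."""
    report = defaultdict(lambda: defaultdict(int))
    for line in lines:
        m = LOG_RE.search(line)
        if not m or m["acl"] != acl or m["dport"] != "53":
            continue  # not a DNS hit on the audit ACL
        if dns_server in (m["src"], m["dst"]):
            continue  # the server's own lookups, or a client already using it
        report[m["src"]][m["dst"]] += int(m["count"])
    return {client: dict(dsts) for client, dsts in report.items()}

# Constructed sample log lines (addresses are illustrative).
SAMPLE_LOG = """\
*Mar  1 00:12:01.123: %SEC-6-IPACCESSLOGP: list audit_dns permitted udp 192.168.1.23(51514) -> 198.51.100.53(53), 1 packet
*Mar  1 00:17:01.130: %SEC-6-IPACCESSLOGP: list audit_dns permitted udp 192.168.1.23(51514) -> 198.51.100.53(53), 4 packets
*Mar  1 00:13:40.002: %SEC-6-IPACCESSLOGP: list audit_dns permitted tcp 192.168.1.31(40022) -> 203.0.113.10(53), 1 packet
*Mar  1 00:14:05.771: %SEC-6-IPACCESSLOGP: list audit_dns permitted udp 192.168.2.7(33010) -> 192.168.1.50(53), 2 packets
*Mar  1 00:15:10.000: %SEC-6-IPACCESSLOGP: list other_acl permitted udp 192.168.1.99(5000) -> 198.51.100.53(53), 1 packet
*Mar  1 00:16:00.000: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
""".splitlines()

if __name__ == "__main__":
    for client, dsts in sorted(misconfigured_clients(SAMPLE_LOG).items()):
        for dst, packets in sorted(dsts.items()):
            print(f"{client} is querying {dst} ({packets} packets)")
```

IOS rate-limits and aggregates ACL log messages, so the packet counts are a lower bound; the list of offending clients is the useful output.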

Author by

Muhammad Resna Rizki Pratama

Updated on September 18, 2022

Comments

  • Muhammad Resna Rizki Pratama
    Muhammad Resna Rizki Pratama over 1 year

    How can I redirect any DNS request from the client with my Cisco 2621XM router? I want to redirect any DNS request to my own DNS server, so that if a client has set a DNS server in its IP address settings, it has no effect.

    Like directing WWW requests to a Squid proxy first. I use this on my Debian server:

    iptables -t nat -A PREROUTING -s 0.0.0.0/0 -p tcp -m tcp --dport 53 -j DNAT --to-destination 192.168.1.50:53
    iptables -t nat -A PREROUTING -s 0.0.0.0/0 -p udp -m udp --dport 53 -j DNAT --to-destination 192.168.1.50:53
    

    Can you tell me the configuration for my Cisco router that works the same way as the parameters above?

    Thanks in advance. Sorry for my bad English.

  • h0tw1r3
    h0tw1r3 over 12 years
    Actually it's possible using NAT. It's been awhile since I've been on a Cisco so the exact configuration escapes me.
  • Muhammad Resna Rizki Pratama
    Muhammad Resna Rizki Pratama over 12 years
    I also think that I must use the NAT configuration. But I still don't know the right parameters..
  • Muhammad Resna Rizki Pratama
    Muhammad Resna Rizki Pratama over 12 years
    Thanks for your suggestion. That is right for that situation if I have DHCP server.. But in my scenario... I don't have a DHCP server...
  • user48838
    user48838 over 12 years
    Are you assigning the IP addresses manually across your internal network?
  • Muhammad Resna Rizki Pratama
    Muhammad Resna Rizki Pratama over 12 years
    I think so. I can't imagine how I can make it work with my Cisco router. Because this is my teacher's question too. :D
  • Muhammad Resna Rizki Pratama
    Muhammad Resna Rizki Pratama over 12 years
    And about the permit and log of all DNS requests: it will make me work twice. I must create and view the log, then check the client and reconfigure it if the DNS setting is incorrect. It will be so difficult for a large number of clients :D. Fortunately, the number of my clients is small. This is just a small-scale experiment in my class.
  • Steve Townsend
    Steve Townsend over 12 years
    You can do an outside global destination translation. But if the destination is on the same network as the source you'll have to mangle both the src and dest. If the DNS server was on a separate interface it'd be easy.
  • Steve Townsend
    Steve Townsend over 12 years
    Setting up DHCP is so ridiculously simple that it's worth doing even in small networks. You can do it right on the Cisco in fact. (In fact the whole reason behind your question is that you're having trouble keeping track of your small # of clients. Don't make more work for yourself; do it right and configure DHCP! Keep it simple!)
  • Muhammad Resna Rizki Pratama
    Muhammad Resna Rizki Pratama over 12 years
    Ohh.. OK. I gave up on this problem.. Your answer is right: "keep it simple". I didn't remember that. :D I was told about that by my teacher. I was so determined to find out how to solve this problem. And at this time, I give up. I will use the simplest way.
  • Muhammad Resna Rizki Pratama
    Muhammad Resna Rizki Pratama over 12 years
    I had doubts about using policy routing. I was using policy routing to redirect to my proxy server. But I still have doubts about using it for this problem. I worry that policy routing could reduce my router's performance.
  • Steve Townsend
    Steve Townsend over 12 years
    How to actually do it is mentioned on this page. YMMV.
  • Muhammad Resna Rizki Pratama
    Muhammad Resna Rizki Pratama over 12 years
    Well.. I tried this... and great.. it works for me. Thanks.
  • Vatine
    Vatine over 12 years
    @qwildz: It probably varies from router to router, but enabling policy-routing tends to drop from CEF to slower forwarding algorithms. On low-end hardware, it tends to end up being CPU-switched.