[nsp] dns forwarding
Christian Kuhtz
christian.kuhtz at bellsouth.com
Wed Jul 7 13:39:20 EDT 2004
Maybe I'm missing something here, but a resolver query to, say, 192.168.0.1
isn't a broadcast, guys ;).. Forget the ip helper.
A dedicated NAT/PAT rule is more like it if at all.
Or using a Dynamic Host Configuration Protocol server for actual dynamic
configuration ;)... And do away with a hack.
On 7/7/04 1:30 PM, "Eric Pylko" <eric at infinitenetworks.us> wrote:
> The ip helper-address command forwards all sorts of broadcasts. By default
> it does DHCP and a bunch of others (tftp, dns, time (port 37), tacacs, bootp
> client, bootp server, nb name service, and nb datagram service). These are
> all UDP ports that it forwards.
>
> If you want to disable those (or enable others) you can do with with "no ip
> forward-protocol" or "ip forward-protocol" as needed.
>
> -Eric
>
> --
> Eric Pylko eric at infinitenetworks.us
> CCIE #5827 (585) 747-2446
>
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Kristofer Sigurdsson
> Sent: Wednesday, July 07, 2004 1:01 PM
> To: Roger
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [nsp] dns forwarding
>
> Roger, Wed, Jul 07, 2004 at 11:48:11AM -0500 :
>> Richard Danielli wrote:
>>
>>> Roger,
>>>
>>> If you only have to satisfy client requests, you might consider looking
>>> to the ip-helper address command in IOS.
>>>
>>>
>>
>> Tried that.. Didn't work.. I put the helper address on the internal
>> interface and pointed the help-address to the dns server.
>>
>> I tried a dns query on the ip of the router and it returned nothing.
>> From my understanding the helper-address forwards udp broadcasts - ie
>> for dhcp/bootp a dns query is a udp unicast.
>
> The helper-address directs BOOTP/DHCP IIRC - not broadcasts in general.
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. 117
More information about the cisco-nsp
mailing list