[nsp] dns forwarding

Eric Pylko eric at infinitenetworks.us
Wed Jul 7 13:42:38 EDT 2004


You're right, but if you set your DNS server to 192.168.0.255 that would be
a broadcast.  The router _should_ forward that to whatever is configured in
the ip-helper command.  Whether the DNS server will respond to it is an
entirely different question.

Now that I think of it, you might have to do a "no ip directed-broadcast" on
the interface also to make sure the broadcast gets into the router.

-Eric

--
Eric Pylko			eric at infinitenetworks.us
CCIE #5827			(585) 747-2446


-----Original Message-----
From: Christian Kuhtz [mailto:christian.kuhtz at bellsouth.com] 
Sent: Wednesday, July 07, 2004 1:39 PM
To: Eric Pylko; 'Kristofer Sigurdsson'; 'Roger'
Cc: cisco-nsp
Subject: Re: [nsp] dns forwarding


Maybe I'm missing something here, but a resolver query to, say, 192.168.0.1
isn't a broadcast, guys ;).. Forget the ip helper.

A dedicated NAT/PAT rule is more like it if at all.

Or using a Dynamic Host Configuration Protocol server for actual dynamic
configuration ;)... And do away with a hack.

On 7/7/04 1:30 PM, "Eric Pylko" <eric at infinitenetworks.us> wrote:

> The ip helper-address command forwards all sorts of broadcasts.  By default
> it does DHCP and a bunch of others (tftp, dns, time (port 37), tacacs, bootp
> client, bootp server, nb name service, and nb datagram service).  These are
> all UDP ports that it forwards.
> 
> If you want to disable those (or enable others) you can do that with "no ip
> forward-protocol" or "ip forward-protocol" as needed.
> 
> -Eric
> 
> --
> Eric Pylko   eric at infinitenetworks.us
> CCIE #5827   (585) 747-2446
> 
> 
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Kristofer Sigurdsson
> Sent: Wednesday, July 07, 2004 1:01 PM
> To: Roger
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [nsp] dns forwarding
> 
> Roger, Wed, Jul 07, 2004 at 11:48:11AM -0500 :
>> Richard Danielli wrote:
>> 
>>> Roger,
>>> 
>>> If you only have to satisfy client requests, you might consider looking
>>> to the ip-helper address command in IOS.
>>> 
>>> 
>> 
>> Tried that..  Didn't work..  I put the helper address on the internal
>> interface and pointed the helper-address to the dns server.
>> 
>> I tried a dns query on the ip of the router and it returned nothing.
>> From my understanding the helper-address forwards udp broadcasts - ie
>> for dhcp/bootp - a dns query is a udp unicast.
> 
> The helper-address directs BOOTP/DHCP IIRC - not broadcasts in general.

