[c-nsp] dns resolution not working with vrfs
Phil Mayers
p.mayers at imperial.ac.uk
Tue Aug 25 08:30:53 EDT 2009
luismi wrote:
> Hi all,
>
> I tried this code:
> ip domain-lookup source-interface Port-channel1.92
> ip name-server vrf FW2INET 199.45.32.40
> ip name-server vrf FW2INET 151.202.0.85
> ip name-server vrf FW2INET 151.202.0.84
>
> And the test is...
> #ping www.google.es
> Translating "www.google.es"...domain server (255.255.255.255)
> % Unrecognized host or address, or protocol not running.
What happens if you do:
ping vrf FW2INET www.google.es
...here?
>
> Then I tried...
> no ip name-server vrf FW2INET 199.45.32.40
> no ip name-server vrf FW2INET 151.202.0.85
> no ip name-server vrf FW2INET 151.202.0.84
> ip name-server 199.45.32.40
> ip name-server 151.202.0.85
> ip name-server 151.202.0.8
...this won't work because the source-interface is in a VRF, and there
isn't a per-VRF "ip domain-lookup source-interface" command
We saw something related to this the other day; I'm half convinced that
per-VRF DNS settings are only used "inside" that VRF e.g. for "ping vrf"
versus plain "ping" commands.
More information about the cisco-nsp
mailing list