HA Proxy DNS Configuration Mode Commands



Similar documents
Configuring the Firewall Management Interface

Enabling Remote Access to the ACE

APPENDIX B. Routers route based on the network number. The router that delivers the data packet to the correct destination host uses the host ID.

Configuring the Content Routing Software

Configuring Class Maps and Policy Maps

Configuring Network Address Translation

Configuring Traffic Policies for Server Load Balancing

Adding an Extended Access List

Configuring System Message Logging

CE363 Data Communications & Networking. Chapter 6 Network Layer: Logical Addressing

ICS 351: Today's plan

Chapter 3 LAN Configuration

GLBP - Gateway Load Balancing Protocol

DHCP Server Port-Based Address Allocation

Network Data Encryption Commands

Table of Contents 1 IP Addressing Configuration 1-1

TCP/IP works on 3 types of services (cont.): TCP/IP protocols are divided into three categories:

TCP/IP Basis. OSI Model

IP Addressing and Subnetting. 2002, Cisco Systems, Inc. All rights reserved.

Terminal Server Configuration and Reference Errata

Configuring Health Monitoring

Chapter 3 Using Access Control Lists (ACLs)

Expert Reference Series of White Papers. Binary and IP Address Basics of Subnetting

Configuring DHCP and DNS Services

Chapter 4. IP Addresses: Classful Addressing

Future Internet Technologies


IP Security Options Commands

Computer Networks. Introduc)on to Naming, Addressing, and Rou)ng. Week 09. College of Information Science and Engineering Ritsumeikan University

Unit Objectives. IP Addressing Basics. Component 4: Introduction to Information and Computer Science. Unit 7: Networks & Networking Lecture 2

How To Configure A Network Monitor Probe On A Network Wire On A Microsoft Ipv6 (Networking) Device (Netware) On A Pc Or Ipv4 (Network) On An Ipv2 (Netnet) Or Ip

Chapter 19 Network Layer: Logical Addressing 19.1

Supported Platforms. Supported Standards, MIBs, and RFCs. Prerequisites. Related Features and Technologies. Related Documents. Improved Server Access

Configuring Timeout, Retransmission, and Key Values Per RADIUS Server

NETWORK ADMINISTRATION

IP Address: the per-network unique identifier used to find you on a network

Introduction to Network Security Lab 1 - Wireshark

Configuring the WT-4 for ftp (Infrastructure Mode)

Configuring SSL Termination

Preparing the Windows version of the software for use

Chapter 11 Network Address Translation

Chapter 3 Configuring Basic IPv6 Connectivity

SNMP/HTTP Access Control User Manual

2.3 IPv4 Address Subnetting Part 2

1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet

Issue 2EN. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation

PART IV. Network Layer

Internet Telephony PBX System

LAB THREE STATIC ROUTING

Part A:Background/Preparation

Configuration Network Management Card-2

Computer Network Foundation. Chun-Jen (James) Chung. Arizona State University

Networking Test 4 Study Guide

Configuring Trend Micro Content Security

CS 326e F2002 Lab 1. Basic Network Setup & Ethereal Time: 2 hrs

Nokia for Business. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation

NAT TCP SIP ALG Support

IPv6 Addressing. Awareness Objective. IPv6 Address Format & Basic Rules. Understanding the IPv6 Address Components

List of FTP commands for the Microsoft command-line FTP client

Tutorial (03) IP addresses & Sub netting

NetFlow Aggregation. Feature Overview. Aggregation Cache Schemes

Configuring SSL Termination

Configuring Stickiness

How To Load Balance On A Cisco Cisco Cs3.X With A Csono Css 3.X And Csonos 3.5.X (Cisco Css) On A Powerline With A Powerpack (C

Configuring MPLS Hub-and-Spoke Layer 3 VPNs

2. What is the maximum value of each octet in an IP address? A. 28 B. 255 C. 256 D. None of the above

THE HONG KONG POLYTECHNIC UNIVERSITY Department of Electronic and Information Engineering

ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N

Transport and Network Layer

Multi-Homing Security Gateway

Implementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software

You can specify IPv4 and IPv6 addresses while performing various tasks in this feature. The resource

Positional Numbering System

You can probably work with decimal. binary numbers needed by the. Working with binary numbers is time- consuming & error-prone.

Traffic Mirroring Commands on the Cisco IOS XR Software

Configuring Primary and Backup Proxy Servers for Standalone Content Engines

IP Addressing A Simplified Tutorial

How to Create Subnets To create subnetworks, you take bits from the host portion of the IP address and reserve them to define the subnet address.

Configuring NTP. Information About NTP. NTP Overview. Send document comments to CHAPTER

LAN TCP/IP and DHCP Setup

Copyright

F-SECURE MESSAGING SECURITY GATEWAY

Configuring Basic Settings

Configuring a Backup Path Test Using Network Monitoring

Japanese Character Printers EPL2 Programming Manual Addendum

Configuring SNMP and using the NetFlow MIB to Monitor NetFlow Data

Configuring RADIUS Server Support for Switch Services

Configuring the WT-4 for ftp (Ad-hoc Mode)

Domain Name System (DNS) Services

1. How many unique network IDs are there in class A addresses? # of unique hosts?

Chapter 4 IP Addresses: Classful Addressing

Number of bits needed to address hosts 8

How Subnets Work in Practice. Fred Marshall Coastal Computers & Networks

Configuring connection settings

Internet Protocol Address

Configuration Commands. SNMP System Commands. engineid XRS System Management Guide Page 303 SNMP. Syntax [no] engineid engine-id

Implementing Network Address Translation and Port Redirection in epipe

Brocade to Cisco Comparisons

DNS Commands ip dns spoofing

Cisco Router Configuration Tutorial

Transcription:

Important HA Proxy DNS Intercept is a license-enabled feature. The HA Proxy DNS Configuration Mode is used to create rules for Home Agent (HA) proxy DNS intercept lists that redirect packets with unknown foreign DNS addresses to a home network DNS server. Command Modes Exec > Global Configuration > Context Configuration > Proxy DNS Configuration configure > context context_name > proxy-dns intercept-list list_name Entering the above command sequence results in the following prompt: [context_name]host_name(config-proxy-dns-intercept-list)# Important The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s). description, page 2 end, page 3 exit, page 4 pass-thru, page 5 redirect, page 7 1

description description Allows you to enter descriptive text for this configuration. All Syntax Description description text no description no Clears the description for this configuration. text Enter descriptive text as an alphanumeric string of 1 to 100 characters. If you include spaces between words in the description, you must enclose the text within double quotation marks (" "), for example, "AAA BBBB". The description should provide useful information about this configuration. 2

end end Exits the current configuration mode and returns to the Exec mode. All Syntax Description end Use this command to return to the Exec mode. 3

exit exit Exits the current mode and returns to the parent configuration mode. All Syntax Description exit Use this command to return to the parent configuration mode. 4

pass-thru pass-thru Sets IP addresses that should be allowed through the proxy DNS intercept feature. HA Command Modes Exec > Global Configuration > Context Configuration > Proxy DNS Configuration configure > context context_name > proxy-dns intercept-list list_name Entering the above command sequence results in the following prompt: [context_name]host_name(config-proxy-dns-intercept-list)# Syntax Description [ no ] pass-thru { ipv4_address ipv6_address } [ /ip_mask ] no Removes the DNS IP address from the pass-thru rule. pass-thru ip_address [ /ip_mask ] Specifies an DNS IP address that is allowed through the intercept feature. ip_address [ /ip_mask ]: Specifies the IP address and network mask bits. ip_address [ /ip_mask ] is specified using IPv4 dotted decimal or IPv6 colon-separated-hexadecimal notation. The mask bits are a numeric value which is the number of bits in the subnet mask (CIDR notation). Use this command to identify DNS IP addresses that should be allowed through the intercept feature. For a more detailed explanation of the proxy DNS intercept feature, see the proxy-dns intercept-list command in the Context Configuration Mode Commands chapter. A maximum of 16 intercept rules (either redirect or pass-thru) are allow for each intercept list. Important To allow packets through that do not match either the pass-thru or redirect rules, set a pass-thru rule address as: 0.0.0.0/0. If a packet does not match either the pass-thru or redirect rule, the packet is dropped. 5

pass-thru Examples The following command allows a foreign network's DNS with an IP address of 10.2.55.12 to avoid being redirected: pass-thru 10.2.55.12 6

redirect redirect Redirects DNS IP addresses from foreign networks matching an IP address in this command to a home network DNS. HA Command Modes Exec > Global Configuration > Context Configuration > Proxy DNS Configuration configure > context context_name > proxy-dns intercept-list list_name Entering the above command sequence results in the following prompt: [context_name]host_name(config-proxy-dns-intercept-list)# Syntax Description redirect { ipv4_address ipv6_address } [ primary-dns { ipv4_address ipv6_address } + [ secondary-dns { ipv4_address ipv6_address } + ] ] no redirect { ipv4_address ipv6_address } no Removes the DNS IP address from the redirect rule. primary-dns { ipv4_address ipv6_address } + Specifies the IP address of the primary home network DNS. ipv4_address must be an IPv4 address in dotted-decimal notation. ipv6_address must be an IPv6 address in colon-separated hexadecimal notation. + indicates that the keyword and variable option can be used multiple times in the same command. secondary-dns { ipv4_address ipv6_address } + Specifies the IP address of the secondary home network DNS. ipv4_address must be an IPv4 address in dotted-decimal notation. ipv6_address must be an IPv6 address in colon-separated hexadecimal notation. + indicates that the keyword and variable option can be used multiple times in the same command. 7

redirect Use this command to identify DNS IP addresses from foreign networks that are to be redirected to the home DNS. For a more detailed explanation of the Proxy DNS feature, see the proxy-dns intercept-list command in the Context Configuration Mode Commands chapter. A maximum of 16 intercept rules (either redirect or pass-thru) are allow for each intercept list. Since this command is configured in the source context, the destination context containing the path to the home network DNS is identified using the Context Configuration Mode command ip dns-proxy source-address. Important If a packet does not match the pass-thru or redirect rule, the packet is dropped. If primary-dns or secondary-dns is not configured, DNS messages are redirected to the primary-dns-server (or the secondary-dns-server) configured for the subscriber OR inside the context. Examples The following command identifies a foreign network DNS with an IP address of 10.2.55.12 and redirects it to a primary home network DNS with an IP address of 10.3.4.5: redirect 10.2.55.12 primary-dns 10.3.4.5 primary-dns 10.5.3.5 secondary-dns 10.4.3.2 8

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information