Cisco Catalyst 4500 Series Software Configuration Guide

Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 45 Configuring AVC with DNS-AS
About AVC with DNS-AS
Client or DNS-AS client
  Networking devices throughout your network. Host traffic is always routed through such a client.

  Note: This configuration chapter deals with DNS-AS configuration on Cisco Catalyst Switches that are deployed as access switches only. Throughout this document, the term client, DNS-AS client, refers to the switch where AVC with DNS-AS is enabled.

  DNS-AS Clients receive metadata from an authoritative DNS server and maintain a database of this information in the form of records. How long the record remains in the client’s database is determined by the record’s TTL.

Binding table
  A table that resides in the client and serves as a database of parsed DNS server responses [TXT records and “A” records].

  Every client has a binding table of its own.

An “A” record
  A record containing the domain name and IP address information [Only IPv4 address]. This is one of the DNS-Server responses (the other being the TXT record) and has a predefined lifespan.

  A forward lookup request from a host is a request for an “A” record.

TXT DNS-AS resource record or TXT record
  A record containing metadata. This is one of the DNS-Server responses (the other being the “A” record) and has a predefined lifespan.

  A TXT record is limited to 255 characters.

  For AVC with DNS-AS, the TXT attribute is always CISCO-CLS. Any TXT record that starts with CISCO-CLS= can be recognized as a DNS-AS message.

  Syntax:
  CISCO-CLS=<option>:<val>{|<option>:<val>}*

Time-to-Live (TTL)
  The lifespan of an “A” record and TXT record in the binding table.

  TTL values are configured on the DNS server.

  While a TTL accompanies both TXT and “A” record responses, the DNS client only goes by the “A” record response from the DNS server.

Authoritative DNS server
  The go-to DNS server for all client metadata and “A” record requests.

  Every DNS domain has only one authoritative DNS server.

  Such a server maintains records of application metadata in the form of a TXT record, and only returns responses to queries about domain names that have been maintained in the required format.

  The following is a sample metadata record in the prescribed format:
  CISCO-CLS=app-name:example|app-class:TD|business:YES|app-id:CU/28202
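
The TXT record syntax above, as an added example (not code from the Cisco guide): a Python parser that validates a DNS-AS TXT string before its metadata is used. The function names are hypothetical, and rejecting empty values and repeated options is an assumption the guide does not state.

```python
PREFIX = "CISCO-CLS="
MAX_TXT_LEN = 255  # the guide limits a TXT record to 255 characters


class DnsAsFormatError(ValueError):
    """A TXT string claims to be a DNS-AS message but breaks the syntax."""


def parse_dns_as_txt(txt):
    """Parse CISCO-CLS=<option>:<val>{|<option>:<val>}* into a dict.

    Returns None for TXT records that are not DNS-AS messages (no
    CISCO-CLS= prefix). Raises DnsAsFormatError for malformed ones.
    """
    if not txt.startswith(PREFIX):
        return None
    if len(txt) > MAX_TXT_LEN:
        raise DnsAsFormatError("TXT record exceeds 255 characters")
    fields = {}
    for pair in txt[len(PREFIX):].split("|"):
        # Split on the first ':' only, so a value may itself contain ':'.
        option, sep, value = pair.partition(":")
        if not sep or not option or not value:  # assumption: both parts required
            raise DnsAsFormatError(f"malformed option:val pair: {pair!r}")
        if option in fields:  # assumption: a repeated option is an error
            raise DnsAsFormatError(f"duplicate option: {option!r}")
        fields[option] = value
    return fields


def classify(txt):
    """Return 'not-dns-as', 'valid' or 'invalid' for one TXT string."""
    try:
        return "not-dns-as" if parse_dns_as_txt(txt) is None else "valid"
    except DnsAsFormatError:
        return "invalid"


if __name__ == "__main__":
    # First record is the guide's sample; the other two are constructed.
    for record in (
        "CISCO-CLS=app-name:example|app-class:TD|business:YES|app-id:CU/28202",
        "v=spf1 -all",
        "CISCO-CLS=app-name:example|app-class",
    ):
        print(classify(record), record)
```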
