EasyManua.ls Logo

Cisco Catalyst 4500 Series - Making an Entry in the Trusted Domain List

Cisco Catalyst 4500 Series
2086 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
45-10
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 45 Configuring AVC with DNS-AS
Configuring AVC with DNS-AS
Making an Entry in the Trusted Domain List
When AVC with DNS-AS is first enabled on the switch, the trusted domain list is empty. You must
maintain the list of trusted domains on the switch. The switch snoops only for network traffic that is
maintained in this list. To make entries in this list, perform the following task
Command or Action Purpose
Step 1
configure terminal
Example:
Switch# configure terminal
Enters global configuration mode.
Step 2
[no] avc dns-as client enable
Example:
Switch(config)# avc dns-as client enable
Enables AVC with DNS-AS on the switch (DNS-AS client).
The system then creates a binding table where parsed DNS server
responses are stored till the TTL expires.
Note To ensure DNS packet logging or snooping, you must
attach the policy map (containing the relevant class maps
that will determine traffic class) to the interface by using
the service-policy input command. For more information
see Configuring QoS for AVC with DNS-AS, page 45-11.
Command or Action Purpose
Step 1
configure terminal
Example:
Switch# configure terminal
Enters global configuration mode.
Step 2
[no] avc dns-as client trusted-domains
Example:
Switch(config)# avc dns-as client
trusted-domains
Enters the trusted domain configuration mode.
Step 3
[no] domain domain-name
Example:
Switch(config-trusted-domains)# domain
www.example.com
Enter the domain name. This forms part of the list of trusted
domains for the DNS-AS client. All remaining domains are
ignored and will follow default forwarding behavior.
You can enter up to 50 domains.
You can use regular expressions to match the domain name. For
example, to represent all the domains for an organization, if you
enter:
Switch(config-trusted-domains)# domain *.example.*
The DNS-AS client matches www.example.com, ftp.example.org
and any other domain that pertains to the organization “example”.
But use such an entry at your discretion, because it could increase
the size of the binding table considerably.

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Administration Guide
Administration Guide1814 pages
Preview: Configuration Guide
Configuration Guide1610 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Message Guide
Message Guide146 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages
Preview: Datasheet
Datasheet11 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Overview
Overview46 pages

Related product manuals