No. Data
3 (Optional) Aging time of DNS entries
4.4.2 Configuring a DNS Server
This section describes how to configure a DNS server.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
dns resolve
Dynamic DNS resolution is enabled.
Step 3 Run:
dns server ip-address
The IP address of the DNS server that the DNS proxy or relay access is configured.
----End
4.4.3 (Optional) Configuring DNS Spoofing
This section describes how to configure DNS spoofing.
Context
If the AR150/200 is enabled with DNS proxy or relay but is not configured with a DNS server
address or has no route to the DNS server, it does not forward or respond to DNS query messages
from DNS clients. If DNS spoofing is enabled, the AR150/200 uses the configured IP address
to respond to all DNS query messages.
In addition to enabling DNS proxy or relay, one of the following conditions must be met to make
DNS spoofing take effect:
l No DNS server is configured.
l A DNS server is configured, but dynamic DNS resolution is disabled.
l There is no route to the DNS server.
l There is no source IP address on the outbound interface connected to the DNS server.
If one of the preceding conditions is met, when the DNS proxy or relay receives an address
record query, it spoofs reply messages to any DNS query messages using the configured IP
address.
Procedure
Step 1 Run:
Huawei AR150&200 Series Enterprise Routers
Configuration Guide - IP Service 4 DNS Configuration
Issue 02 (2012-03-30) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
88
To Next Page
Loading...
