Configuration
Client R1#
----------
ip name-server 2.2.2.2
! ip domain-lookup is enabled by default
ip domain-lookup
Server R2#
----------
ip dns server
! ip domain-lookup is enabled by default
ip domain-lookup
ip host R2 2.2.2.2
ip host R1 1.1.1.1
! We can point to another DNS server
ip name-server 61.8.8.8
! but DO NOT point name-server to itself
! NO ip name-server 2.2.2.2
Verification
R1#ping R2
Translating "R2"...domain server (2.2.2.2) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 155.1.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/58/60 ms
R1#
*Apr 7 11:35:07.163: Domain: query for R2 type 1 to 2.2.2.2
*Apr 7 11:35:07.195: DOM: dom2cache: hostname is R2, RR type=1, class=1, ttl=1, n=4Reply received ok
R2#debug domain
Domain Name System debugging is on
R2#
*Apr 7 02:18:27.683: DNS: Incoming UDP query (id#2)
*Apr 7 02:18:27.683: DNS: Type 1 DNS query (id#2) for host 'R2' from 12.0.0.1(58198)
*Apr 7 02:18:27.683: DNS: Query for my own hostname: R2
*Apr 7 02:18:27.683: DNS: Spoofing reply to query (id#2)
*Apr 7 02:18:27.683: DNS: Finished processing query (id#2) in 0.004 secs
REPRODUCE ROUTER CRASH
The router may crash if it is configured as a DNS server and its "ip name-server" also points to itself.
R2#c
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ip name-server 2.2.2.2
R2(config)#
R2#
R2#
R2#
!
! R2 successfully serves DNS queries
! for valid hostnames (when "ping R2" is issued on the R1 router)
R1#ping R2
Translating "R2"...domain server (2.2.2.2) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 155.1.0.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/58/60 ms
*Apr 7 11:35:58.539: Domain: query for R2 type 1 to 2.2.2.2
*Apr 7 11:35:58.571: DOM: dom2cache: hostname is R2, RR type=1, class=1, ttl=1, n=4Reply received ok
R2#
*Apr 7 02:19:19.059: DNS: Incoming UDP query (id#3)
*Apr 7 02:19:19.059: DNS: Type 1 DNS query (id#3) for host 'R2' from 12.0.0.1(54174)
*Apr 7 02:19:19.059: DNS: Query for my own hostname: R2
*Apr 7 02:19:19.059: DNS: Spoofing reply to query (id#3)
*Apr 7 02:19:19.059: DNS: Finished processing query (id#3) in 0.000 secs
R2#
R2#
! R2 crashes when "ping R3" is issued on the R1 router
R1#ping R3
Translating "R3"...domain server (2.2.2.2)
*Apr 7 11:36:22.991: Domain: query for R3 type 1 to 2.2.2.2
% Unrecognized host or address, or protocol not running.
timed out
*Apr 7 11:36:55.459: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to down
*Apr 7 11:36:55.459: %OSPF-5-ADJCHG: Process 1, Nbr 12.0.0.2 on Serial0/1 from FULL to DOWN, Neighbor Down: Interface down or detached
! As R2 cannot resolve an IP address for hostname R3, it tries to forward the
! query to the next DNS server, which is configured with R2's own IP address,
! so the request keeps looping within R2.
!
!
R2#
DNS: Re-sending DNS query (type 1, id#4) to 2.2.2.2
DNS: Incoming UDP query (id#4)
DNS: Type 1 DNS query (id#4) for host 'R3' from 2.2.2.2(53)
DNS: Re-sending DNS query (type 1, id#4) to 2.2.2.2
DNS: Incoming UDP query (id#4)
DNS: Type 1 DNS query (id#4) for host 'R3' from 2.2.2.2(53)
DNS: Re-sending DNS query (type 1, id#4) to 2.2.2.2
DNS: Incoming UDP query (id#4)
DNS: Type 1 DNS query (id#4) for host 'R3' from 2.2.2.2(53)
DNS: Re-sending DNS query (type 1, id#4) to 2.2.2.2
DNS: Incoming UDP query (id#4)
DNS: Type 1 DNS query (id#4) for host 'R3' from 2.2.2.2(53)
DNS: Re-sending DNS query (type 1, id#4) to 2.2.2.2
DNS: Incoming UDP query (id#4)
DNS: Type 1 DNS query (id#4) for host 'R3' from 2.2.2.2(53)
DNS: Re-sending DNS query (type 1, id#4) to 2.2.2.2
DNS: Incoming UDP query (id#4)
DNS: Type 1 DNS query (id#4) for host 'R3' from 2.2.2.2(53)
DNS: Re-sending DNS query (type 1, id#4) to 2.2.2.2
DNS: Incoming UDP query (id#4)
DNS: Type 1 DNS query (id#4) for host 'R3' from 2.2.2.2(53)
DNS: Re-sending DNS query (type 1, id#4) to 2.2.2.2
DNS: Incoming UDP query (id#4)
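An added example (not part of the original post, and not Cisco code): a small Python audit that flags the misconfiguration reproduced above, a router with "ip dns server" enabled whose "ip name-server" list contains one of its own addresses. The sample configs are constructed, and placing 2.2.2.2 on Loopback0 is an assumption, since the post does not show R2's interfaces.

```python
import ipaddress
import re

# Constructed sample configs (not from the post). Assumption: 2.2.2.2 is
# R2's Loopback0 address; the post does not show R2's interfaces.
R2_LOOPING = """\
hostname R2
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
interface Serial0/1
 ip address 12.0.0.2 255.255.255.0
ip dns server
ip domain-lookup
ip host R2 2.2.2.2
ip host R1 1.1.1.1
ip name-server 61.8.8.8 2.2.2.2
"""
R2_SAFE = R2_LOOPING.replace("ip name-server 61.8.8.8 2.2.2.2",
                             "ip name-server 61.8.8.8")


def self_referencing_name_servers(config: str) -> list[str]:
    """Return name-server addresses that would make this router forward
    unresolved DNS queries back to itself. Empty if the router is not a
    DNS server (a plain client cannot create the loop)."""
    local, forwarders, dns_server = set(), [], False
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("!") or line.startswith("no "):
            continue  # comments and negated commands configure nothing
        if line == "ip dns server":
            dns_server = True
        elif m := re.match(r"ip address (\d+\.\d+\.\d+\.\d+) \S+", line):
            local.add(ipaddress.ip_address(m.group(1)))
        elif line.startswith("ip name-server "):
            for token in line.split()[2:]:
                try:
                    forwarders.append(ipaddress.ip_address(token))
                except ValueError:
                    pass  # skip non-address tokens such as "vrf NAME"
    if not dns_server:
        return []
    return [str(f) for f in forwarders if f in local or f.is_loopback]


if __name__ == "__main__":
    for name, cfg in (("looping", R2_LOOPING), ("safe", R2_SAFE)):
        print(name, self_referencing_name_servers(cfg))
```

Running the check against saved configurations before deployment catches the loop condition without having to trigger it on a live router.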