From CCIE Study Wiki

Cisco IOS has many different options for configuring DNS, up to setting up the system to serve as a DNS server in its own right.

Theory

You can control whether or the IOS will use DNS to resolve hostnames. You can also configure static DNS entries, list common DNS domains that should be used for completing unqualified DNS hostnames, and configure DNS timers.

If a hostname resolves to multiple IP address, DNS can be set up to use all of the different IPs in a rotating fashion.

The IOS DNS can also be configured for DNS Spoofing, which will handle DNS requests if the upstream provider is not available. The IOS DNS spoofing feature will direct all DNS resolution requests to the specified IP address instead of the normal (unavailable) IP until the upstream provider is available.

A Cisco IOS system can provide service to DNS clients, acting as both a caching name server and as an authoritative name server for local hosts.

• When configured as a caching name server, the router still relays DNS requests to other name servers that in turn resolve network names into network addresses. The caching name server then caches the information learned from these servers so that it can answer future requests quickly, without having to relay the request to the other name servers.
• When configured as an authoritative name server, the router listens on port 53 for DNS queries and then answers them using its permanent and cached entries.

Commands

• ip host name [tcp-port-number] address1 [address2 ... address8] (global) - Defines a static hostname to ip address mapping
• ip domain name name (global) - Defines a default domain name that the Cisco IOS software will use to complete unqualified hostnames.
• ip domain list name (global) - Defines a list of domain names that the Cisco IOS software will use to complete unqualified hostnames.
• ip domain timeout seconds (global) - Specifies the amount of time DNS will wait for a response to a DNS query.
• ip domain retry number (global)- Specifies the number of times to retry a DNS query.
• ip domain round-robin (global) - Enables the IOS to resolve DNS requests in a round-robin manner if more then one IP resolves to a hostname.
• ip dns spoofing [ip-address] (global) - Turns on the DNS spoofing feature.
• ip dns server (global) - Enables the system as a DNS server
• ip name-server server-address1 [server-address2...server-address6] (global) - Command to configure other DNS servers in the network
• ip host [view view-name] hostname {address1 [address2 ... address8] | additional addressn} (global) - Used to set up local hosts
• ip dns server queue limit forwarder queue-size-limit (global) - Optional command to limit the size of queues used by the DNS process.
• ip dns primary domain-name soa server-name mailbox-name [refresh-interval [retry-interval]] (global) - Configures the router as the primary DNS name server for a domain (or zone) and as the start of authority (SOA) record source (which designates the start of a zone).
• ip host domain-name ns server-name (global) - Configures the router to create an NS resource record to be returned when the DNS server is queried for the associated domain. This configuration is needed only if the zone for which the system is authoritative will also be served by other name servers.

Default Settings

• Domain lookup is enabled by default.
• DNS server is NOT enabled by default.
• The IOS will wait 3 seconds for a DNS response and try two additional times to resolve the address after failure

Verification

• Nothing listed yet

Troubleshooting, Tips, and Tricks

• Unlike other DNS servers, the Cisco IOS DNS server does not perform zone transfers when set up as a name server.

Online Resources

• Cisco IOS IP addressing services configuration guide on configuring DNS.

• A must-read article on setting up a Cisco router as a DNS server.

• Configuring Dynamic DNS in the Cisco IOS.

Have something to contribute? See a mistake on this page? Have a hint or a link to share?
The CCIE Study Wiki is open to everyone to edit! All you need to do is to create an account to start contributing.
Please be sure to follow our posting guidelines when editing the wiki.

Maybe you have just have some thoughts or suggestions for this entry?
Use the Discussion link on the top or bottom menu to create or join the CCIE forum post on this topic.
You can also go straight to the CCIE Forums and start a new discussion in the forum of your choice.

If you'd rather just contact us with your thoughts, we'd love to hear what you have to say.