Manualshelf

R21xx-HP FlexFabric 11900 Layer 3 IP Services Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP FlexFabric 11000 Switch Products
919293949596979899100
88
You can configure only one replied IPv4 address and one replied IPv6 address for the public
network or a VPN. If you use the command multiple times, the most recent configuration takes effect.
You can configure DNS spoofing for the public network and a maximum of 1024 VPNs.
To configure DNS spoofing:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enable DNS proxy.
dns proxy enable By default, DNS proxy is disabled.
3. Enable DNS spoofing and
specify the translated IP
address.
Specify a translated IPv4 address:
dns spoofing ip-address
[ vpn-instance
vpn-instance-name ]
Specify a translated IPv6 address:
ipv6 dns spoofing ipv6-address
[ vpn-instance
vpn-instance-name ]
Use at least one command.
By default, no translated IP
address is specified.
Specifying the source interface for DNS packets
By default, the device uses the primary IP address of the output interface of the matching route as the
source IP address of a DNS request. Therefore, the source IP address of the DNS packets may vary with
DNS servers. In some scenarios, the DNS server only responds to DNS requests sourced from a specific
IP address. In such cases, you must specify the source interface for the DNS packets so that the device
can always uses the primary IP address of the specified source interface as the source IP address of DNS
packets.
When sending IPv4 DNS request, the device uses the primary IPv4 address of the source interface as the
source IP address of the DNS request. When sending IPv6 DNS request, the device selects an IPv6
address from the addresses configured on the source interface as defined in RFC 3484 as the source IP
address of the DNS request. If no IP address is configured on the source interface, the DNS packet fails
to be delivered.
You can configure only one source interface on the public network or a VPN. When you configure a new
source interface, the last configuration takes effect. You can configure the source interface for the public
network and a maximum of 1024 VPNs.
To specify the source interface for DNS packets:
Step Command Remarks
1. Enter system view.
system-view
N/A