R3303-HP HSR6800 Routers Layer 3 - IP Services Configuration Guide

Configuring the DNS proxy

You can specify multiple DNS servers. Upon receiving a name query request from a client, the DNS

proxy forwards the request to the DNS server that has the highest priority. If having not received a reply,

it forwards to the request to a DNS server that has the second highest priority, and thus in turn.

To configure the DNS proxy:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enable DNS proxy.

dns proxy enable Disabled by default.

3. Specify a DNS server.

• Method 1 (In system view):

dns server ip-address

• Method 2 (In interface view):

a. interface interface-type

interface-number

b. dns server ip-address

Use at least one method.

No DNS server is specified by

default.

Configuring DNS spoofing

DNS spoofing is effective only when:

• The DNS proxy is enabled on the device.

• No DNS server or route to any DNS server is specified on the device.

To configure DNS spoofing:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Enable DNS spoofing and specify

the translated IP address.

dns spoofing ip-address Disabled by default.

Specifying the source interface for DNS packets

By default, the device uses the primary IP address of the output interface of the matching route as the

source IP address of a DNS request. Therefore, the source IP address of the DNS packets might vary with

DNS servers. In some scenarios, the DNS server only responds to DNS requests sourced from a specific

IP address. In such cases, you must specify the source interface for the DNS packets so that the device

can always use the primary IP address of the specified source interface as the source IP address of DNS

packets.

To specify the source interface for DNS packets: