Redirects DNS IP addresses
from foreign networks matching an IP address in this command to
a home network DNS.
Privilege
Security Administrator,
Administrator
Mode
Exec > Global Configuration
> Context Configuration > Proxy DNS Configuration
configure > context context_name > proxy-dns intercept-list list_name
Entering the above
command sequence results in the following prompt:
[context_name]host_name(config-proxy-dns-intercept-list)#
Syntax
redirect { ipv4_address | ipv6_address } [ primary-dns { ipv4_address | ipv6_address } + | [ secondary-dns { ipv4_address | ipv6_address } + ] ]
no redirect { ipv4_address | ipv6_address }
no
Removes the DNS IP
address from the redirect rule.
primary-dns { ipv4_address | ipv6_address } +
Specifies the IP address
of the primary home network DNS.
ipv4_address must
be an IPv4 address in dotted-decimal notation.
ipv6_address must
be an IPv6 address in colon-separated hexadecimal notation.
+ indicates
that the keyword and variable option can be used multiple times
in the same command.
secondary-dns { ipv4_address | ipv6_address } +
Specifies the IP address
of the secondary home network DNS.
ipv4_address must
be an IPv4 address in dotted-decimal notation.
ipv6_address must
be an IPv6 address in colon-separated hexadecimal notation.
+ indicates
that the keyword and variable option can be used multiple times
in the same command.
Usage Guidelines
Use this command to
identify DNS IP addresses from foreign networks that are to be redirected
to the home DNS. For a more detailed explanation of the Proxy DNS
feature, see the proxy-dns intercept-list command in the Context Configuration
Mode Commands chapter. A maximum of 16 intercept rules (either redirect or pass-thru )
are allow for each intercept list.
Since this command
is configured in the source context, the destination context containing the
path to the home network DNS is identified using the Context Configuration
Mode command ip
dns-proxy source-address .
Important
|
If a packet does not
match the pass-thru or redirect rule,
the packet is dropped. If primary-dns or secondary-dns is
not configured, DNS messages are redirected to the primary-dns-server
(or the secondary-dns-server) configured for the subscriber OR inside
the context.
|
Example
The following command identifies a foreign network DNS with an IP address of 209.165.200.236 and redirects it to a primary home network DNS with an IP address of 209.165.201.5 :redirect 209.165.200.236 primary-dns 209.165.201.5 primary-dns 209.165.202.133 secondary-dns 209.165.201.2