Nameserver
Soodar router supports DNS (Domain Name System) configuration, allowing you to act as a DNS client or a DNS relay.
The system also supports defined hostnames, which are local names that can be used to refer to devices on the network. This functionality is also available in the DNS relay mode.
Configuring Nameserver
Nameserver configuration in Soodar is VRF-aware. It means that you can configure different DNS servers/ hostnames for different VRFs. It is also possible to configure VRFs to use another VRF’s DNS servers/ hostnames.
Note
DNS lookup is enabled by default. The only way to disable it is to remove all configured DNS servers and hostnames both.
Configuration Commands
- ip name-server A.B.C.D
The command is used to configure the IP address of a DNS (Domain Name System) server on the default VRF.
A.B.C.D: is the IP address of the DNS server.
- ip name-server vrf VRFNAME A.B.C.D
The command is used to configure the IP address of a DNS server for a specific VRF (Virtual Routing and Forwarding) instance.
VRFNAME: is the name of the VRF instance.A.B.C.D: is the IP address of the DNS server.
- ip name-server 0.0.0.0
The command is used to enable DNS relay on default VRF. The router will answer DNS queries from clients using the DNS servers configured on the router.
- ip name-server vrf VRFNAME 0.0.0.0
The command is used to enable DNS relay on a specific VRF. The router will answer DNS queries from clients using the DNS servers configured on the router for that VRF.
- ip host HOSTNAME A.B.C.D
The command is used to define a local hostname and its corresponding IP address on default VRF.
HOSTNAME: is the host’s name.A.B.C.D: is the IP address associated with the hostname.
- ip host vrf VRFNAME HOSTNAME A.B.C.D
The command is used to define a local hostname and its corresponding IP address for a specific VRF.
VRFNAME: is the name of the VRF instance.HOSTNAME: is the host’s name.A.B.C.D: is the IP address associated with the hostname.
- ip domain-lookup vrf-reference VRFNAME
The command is used to set the reference VRF for DNS lookups. This VRF can be used by other VRFs to resolve hostnames using the DNS servers configured in the reference VRF.
VRFNAME: is the name of the VRF instance that will be used as a reference for DNS lookups.
Note
By default, the reference VRF is set to the default VRF.
- ip domain-lookup vrf-reference
The command is used to set VRF DNS resolving to be done via reference VRF. This means that the DNS servers configured in the reference VRF will be used for DNS lookups in the current VRF. Also the connections to the DNS servers will be established in the reference VRF.
Note
This command is available in both VRF and CONFIG nodes. In CONFIG node, it sets the default VRF to use the reference VRF.
soodar(config)# ip vrf red soodar(config)# ip name-server vrf red 4.2.2.4 soodar(config)# ip domain-lookup vrf-reference red soodar(config)# ip domain-lookup vrf-reference soodar(config)# ip vrf green soodar(config-vrf)# ip domain-lookup vrf-reference
In this example, the red VRF is configured with a DNS server and is set as the reference VRF. The green and default VRFs are set to use the reference VRF for DNS lookups( In this example, red). Any DNS queries made in these VRFs will be resolved in red VRF( Uses the DNS servers and routes configured in red VRF).
- ip domain-lookup vrf VRFNAME
The command is used to set VRF DNS resolving to be done via a specific VRF. This means that the DNS servers configured in the specific VRF will be used for DNS lookups in the current VRF. Also the connections to the DNS servers will be established in the specific VRF.
VRFNAME: is the name of the VRF instance.
Note
This command is available in both VRF and CONFIG nodes. In CONFIG node, it sets the default VRF to use the specific VRF.
- test ip name-server HOSTNAME [VRFNAME]
The command is used to test the DNS resolution of a hostname in a specific VRF or in the default VRF if no VRF is specified.
HOSTNAME: is the hostname to be resolved.VRFNAME: (Optional) is the name of the VRF instance. If not specified, the default VRF will be used.
Note
The ip domain-lookup vrf-reference and ip domain-lookup vrf commands are somehow similar, but they have different use cases. The vrf-reference command is used to set a reference VRF for DNS lookups, while the vrf command is used to set a specific VRF for DNS lookups. The vrf-reference command is more flexible and the reference VRF can be changed without changing other VRFs’ configuration. It is useful when combining DNS with scripting and automation.
Note
The ip domain-lookup command does not affect defined hostnames. The defined hostnames are always resolved in the VRF where they are configured, regardless of the DNS settings.
Troubleshooting Nameserver Configuration
- test ip name-server HOSTNAME [VRFNAME]
The command is used to test the DNS resolution of a hostname in a specific VRF or in the default VRF if no VRF is specified.
HOSTNAME: is the hostname to be resolved.VRFNAME: (Optional) is the name of the VRF instance. If not specified, the default VRF will be used.
- show ip name-server
The command is used to display the configured DNS servers in all VRFs.
soodar# show ip name-server Reference VRF for lookups: default VRF Settings: VRF: default Name Servers: - 4.2.2.4 Nameservers Source: Manual CLI DNS Relay Enabled: yes VRF: red Name Servers: Nameservers Source: DNS Relay Enabled: yes Upstream Lookup VRF: default
Note
Nameservers Source indicates how the DNS servers were configured. It can be Manual CLI or DHCP.
Note
DHCP configured DNS servers always override the manually configured DNS servers.
Note
DHCP configured DNS servers can not be removed from CLI. If you want to remove them, you need to disable the DHCP client on the interface.
- show ip host
The command is used to display the configured hostnames in all VRFs.
soodar# show ip host VRF Settings: VRF: default Hostnames: - soodar: 127.0.1.1 - www.example.com: 192.168.1.1 VRF: red Hostnames:
Usage examples
In this section, we will discuss the usage of nameserver module in Soodar router with some examples.
DNS Relay
In Soodar router, you can configure the router to act as a DNS relay. This means that the router will forward DNS queries from clients to the configured DNS servers( or lookup in defined hostnames) and return the responses to the clients.
Example: Configuring DNS Relay
soodar(config)# ip name-server 4.2.2.4
soodar(config)# ip name-server 0.0.0.0
soodar(config)# ip host www.example.com 10.14.56.23
soodar(config)# interface ge0
soodar(config-if)# ip address 192.168.1.1
The above block setups the router to use the DNS server at 4.2.2.4 then enable DNS relay on the default VRF.
Now we setup a client to use the router as its DNS server:
user@n4# nslookup www.example.com 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: www.example.com
Address: 10.14.56.23
** server can't find www.example.com: NXDOMAIN
user@n4# nslookup www.example.com 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: google.com
Address: 172.217.5.14
Name: google.com
Address: 2607:f8b0:4009:807::200e
Please note that the DNS is only available in default VRF. If we move the interface to another VRF, the DNS will not work:
soodar(config-if)# vrf red
soodar(config)# interface ge0
soodar(config-if)# ip vrf forwarding red
soodar(config-if)# ip address
user@n4# nslookup www.example.com 192.168.1.1
;; communications error to 192.168.1.1#53: connection refused
;; communications error to 192.168.1.1#53: connection refused
;; communications error to 192.168.1.1#53: connection refused
;; no servers could be reached
To make the DNS work in the red VRF, we need to either configure a DNS server, or force the DNS to use the default VRF’s DNS server:
soodar(config)# vrf red
soodar(config-vrf)# ip domain-lookup vrf default
Now, enable DNS relay in the red VRF:
soodar(config)# ip name-server vrf red 0.0.0.0
user@n4# nslookup www.example.com 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53
** server can't find www.example.com: NXDOMAIN
user@n4# nslookup www.example.com 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53
Non-authoritative answer:
Name: google.com
Address: 172.217.5.14
Name: google.com
Address: 2607:f8b0:4009:807::200e
Note that the resolution of www.example.com is not working, because it is defined in the default VRF and is not available in the red VRF. However, the DNS relay is working and the router is able to resolve google.com using the DNS server configured in the default VRF.
Reference VRF for DNS Lookups
Let’s set up a network with multiple VRFs: - internet, backup-internet VRF: Has external connectivity and access to DNS servers - sales, hr, and dev VRFs: Department networks that need DNS resolution
First, configure the VRFs and assign interfaces:
soodar(config)# ip vrf internet
soodar(config)# ip vrf backup-internet
soodar(config)# ip vrf sales
soodar(config)# ip vrf hr
soodar(config)# ip vrf dev
soodar(config)# interface ge0
soodar(config-if)# ip vrf forwarding internet
soodar(config-if)# ip address 203.0.113.1/24
soodar(config)# interface ge4
soodar(config-if)# ip vrf forwarding backup-internet
soodar(config-if)# ip address 151.11.49.5/24
soodar(config)# interface ge1
soodar(config-if)# ip vrf forwarding sales
soodar(config-if)# ip address 10.1.1.1/24
soodar(config)# interface ge2
soodar(config-if)# ip vrf forwarding hr
soodar(config-if)# ip address 10.2.1.1/24
soodar(config)# interface ge3
soodar(config-if)# ip vrf forwarding dev
soodar(config-if)# ip address 10.3.1.1/24
Now, configure DNS servers in the internet VRF and set it as the reference VRF:
soodar(config)# ip name-server vrf internet 8.8.8.8
soodar(config)# ip name-server vrf internet 1.1.1.1
soodar(config)# ip name-server vrf backup-internet 8.8.8.8
soodar(config)# ip name-server vrf backup-internet 1.1.1.1
soodar(config)# ip domain-lookup vrf-reference internet
Next, configure each department VRF to use the reference VRF for DNS lookups:
soodar(config)# ip vrf sales
soodar(config-vrf)# ip domain-lookup vrf-reference
soodar(config)# ip vrf hr
soodar(config-vrf)# ip domain-lookup vrf-reference
soodar(config)# ip vrf dev
soodar(config-vrf)# ip domain-lookup vrf-reference
You can also define VRF-specific hostnames:
soodar(config)# ip host vrf sales sales-server 10.1.1.10
soodar(config)# ip host vrf hr hr-server 10.2.1.10
soodar(config)# ip host vrf dev dev-server 10.3.1.10
Now, test DNS resolution from different VRFs:
soodar# test ip name-server google.com sales
Resolved google.com as 142.250.185.78
soodar# test ip name-server sales-server sales
Resolved sales-server as 10.1.1.10
soodar# test ip name-server hr-server hr
Resolved hr-server as 10.2.1.10
If your ISP changes their DNS servers, you only need to update the internet VRF:
soodar(config)# no ip name-server vrf internet 8.8.8.8
soodar(config)# no ip name-server vrf internet 1.1.1.1
soodar(config)# ip name-server vrf internet 9.9.9.9
soodar(config)# ip name-server vrf internet 149.112.112.112
All department VRFs will automatically use the new DNS servers without any additional configuration changes.
Also you can activate the backup internet VRF for DNS lookups, if the primary internet VRF is not available:
soodar(config)# ip domain-lookup vrf-reference backup-internet