Command Line Reference

DNS Configuration

7 min

dns configuration dns configuration dns server dns server ip address \[command] dns server ip address no dns server ip address \[purpose] configure domain name system (dns) servers \[view] system configuration view \[use cases] sonic# configure sonic(config)# dns server 114 114 114 114 dns relay enable dns relay enable \[command] dns relay enable no dns relay enable \[purpose] enable the dns relay function on the device to allow it to resolve domain names via a domain name server \[view] system configuration view \[use cases] sonic# configure sonic(config)# dns relay enable dns query group dns query group string \[command] dns query group string \[purpose] configure the dns domain name table; you can add domain names to the domain name table \[view] system configuration view \[notes] after configuring the dns server and enabling dns relay, proceed to configure the dns query group \[use cases] sonic# configure sonic(config)# dns query group test sonic(config dns query group test)# query query hostname string \[command] query hostname string \[purpose] add a domain name to the dns domain name table for subsequent acl configuration multiple queries can be configured within the table \[view] dns domain name table view \[parameter] true 122,388 left #4283c7 unhandled content type left #4283c7 unhandled content type left unhandled content type left unhandled content type \[use cases] sonic# configure sonic(config)# dns query group test sonic(config dns query group test)#query www weibo com rule rule \[command] rule rule id \[ {packet action {deny|permit}}] \[src ip ip address] \[dst ip ip address]\[src port port] \[dst port port] \[ip type type]\[src dns group name] \[dst dns group name ] no rule rule id \[purpose] add dns acl rules \[view] acl view \[parameter] true 127,383 trueleft #4283c7 unhandled content type left #4283c7 unhandled content type left unhandled content type left unhandled content type left #d8e5f5 1 1 unhandled content type left #d8e5f5 1 1 unhandled content type left 1 1 unhandled content type left 1 1 unhandled content type left #d8e5f5 1 1 unhandled content type left #d8e5f5 1 1 unhandled content type left 1 1 unhandled content type left 1 1 unhandled content type left #d8e5f5 1 1 unhandled content type left #d8e5f5 1 1 unhandled content type left 1 1 unhandled content type left 1 1 unhandled content type left #d8e5f5 1 1 unhandled content type left #d8e5f5 1 1 unhandled content type \[notes] when configuring dns acl related rules, please note that the src dns group/dst dns group matching fields cannot be configured and distributed together with src ip/dst ip \[use cases] sonic(config)# access list l3 test ingress sonic(config l3 acl test)# rule 1 dst dns group test1 packet action permit