DNS Configuration Guide

introduction introduction the domain name system (dns) is one of the core services of the internet it functions as a distributed database that maps domain names to ip addresses, enabling users to access the internet more conveniently through its hierarchical naming architecture, dns achieves unified management and resolution of global domain names, providing users with an intuitive and easy to remember method for accessing websites the advantages of dns include an efficient domain name resolution mechanism, a distributed system architecture, robust caching capabilities, and reliable redundancy backups compared to traditional host file based resolution methods, dns is more efficient, reliable, and scalable, delivering a seamless internet access experience for users dns configuration dns configuration enable dns relay function enable dns relay function true 311,174 6031746031746,175 3968253968254#4283c7 unhandled content type #4283c7 unhandled content type #4283c7 unhandled content type unhandled content type unhandled content type unhandled content type #d8e5f5 unhandled content type #d8e5f5 unhandled content type #d8e5f5 unhandled content type configuring dns domain name server configuring dns domain name server true 287,174 57596371882084,199 42403628117916#4283c7 unhandled content type #4283c7 unhandled content type #4283c7 unhandled content type unhandled content type unhandled content type unhandled content type #d8e5f5 unhandled content type #d8e5f5 unhandled content type #d8e5f5 unhandled content type configuring dns request list configuring dns request list true 229,161 51020408163265,270 48979591836735#4283c7 unhandled content type #4283c7 unhandled content type #4283c7 unhandled content type unhandled content type unhandled content type unhandled content type #d8e5f5 unhandled content type #d8e5f5 unhandled content type #d8e5f5 unhandled content type unhandled content type unhandled content type unhandled content type configuring dns acl configuring dns acl true 173,230 10175260872603,257 89824739127397#4283c7 unhandled content type #4283c7 unhandled content type #4283c7 unhandled content type unhandled content type unhandled content type unhandled content type #d8e5f5 unhandled content type #d8e5f5 unhandled content type #d8e5f5 unhandled content type unhandled content type unhandled content type unhandled content type display and maintenance display and maintenance true 262,399#4283c7 unhandled content type #4283c7 unhandled content type unhandled content type unhandled content type example of dns acl configuration example of dns acl configuration network requirements enterprise networking hopes to set firewall rules through devices, such as prohibiting all traffic originating from a certain domain group from entering and accessing the intranet from the device in order to ensure that firewall rules can be correctly configured and effective, dns acl rules need to be configured as follows procedure sonic(config)# dns relay enable sonic(config)# dns server 114 114 114 114 sonic(config)# dns query group test sonic(config dns query group test)# query www baidu com sonic(config dns query group test)# query www taobao com sonic(config dns query group test)# exit sonic(config)# access list l3 test1 ingress sonic(config l3 acl test1)# rule 1 src dns group test packet action deny sonic(config l3 acl test1)# exit sonic(config)# interface ethernet 3 sonic(config if 3)# acl test1 sonic(config if 3)# exit