DNS is a hostname-to-IP-address translation service. It is a distributed database implemented in a hierarchy of name servers, and an application layer protocol for message exchange between clients and servers. Every host is identified by an IP address, but numbers are hard for people to remember and IP addresses are not static, so a mapping from domain name to IP address is required. DNS converts the domain name of a website to its numerical IP address.
DNS Overview
If your network devices require connectivity with devices in networks for which you do not control name assignment, you can assign device names that uniquely identify your devices within the entire internetwork. The global naming scheme of the Internet, the DNS, accomplishes this task. This service is enabled by default. The following sections summarize DNS concepts and function.
Hostnames for Network Devices – Each unique IP address can have an associated hostname. DNS uses a hierarchical scheme for establishing hostnames for network nodes. This allows local control of the segments of the network through a client-server scheme. The DNS system can locate a network device by translating the hostname of the device into its associated IP address.
Domain Names for Groups of Networks – IP defines a naming scheme that allows a device to be identified by its location in the IP naming hierarchy. This is a hierarchical naming scheme that provides for domains. On the Internet, a domain is a portion of the naming hierarchy tree that refers to general groupings of networks based on organization type or geography. Domain names are pieced together with periods (.) as the delimiting characters. For example, Cisco is a commercial organization that the IP identifies by a com domain name, so its domain name is cisco.com. A specific device in this domain, the File Transfer Protocol (FTP) system, for example, is identified as ftp.cisco.com.
Name Servers – To keep track of domain names, IP has defined the concept of a name server. Name servers are programs that have complete information about their namespace portion of the domain tree and may also contain pointers to other name servers that can be used to lead to information from any other part of the domain tree. Name servers know the parts of the domain tree for which they have complete information. A name server may also store information about other parts of the domain tree. Before domain names can be mapped to IP addresses, you must first identify the hostnames, then specify a name server, and enable the DNS service.
Cache – To speed the process of converting names to addresses, the name server maintains a database, called a cache, of hostname-to-address mappings for use by the connect, telnet, and ping EXEC commands, and related Telnet support operations. The cache stores the results from previous responses. Upon receiving a client-issued DNS query, the name server will check this local storage to see if the answer is available locally.
Name Resolvers – Name resolvers are programs that extract information from name servers in response to client requests. Resolvers must be able to access at least one name server. The resolver either uses that name server’s information to answer a query directly or pursues the query using referrals to other name servers. A resolver will typically be a system routine that is directly accessible to user programs. Therefore, no protocol is necessary between the resolver and the user program.
Zones – The domain namespace is divided into areas called zones that are points of delegation in the DNS tree. A zone contains all domains from a certain point downward, except those for which other zones are authoritative.
Authoritative Name Servers – A name server is said to be an authority for the parts of the domain tree for which it has complete information. A zone usually has an authoritative name server, often more than one. An authoritative name server has been configured with host table information or has acquired host table information through a zone transfer (the action that occurs when a secondary DNS server starts up and updates itself from the primary server).
Hierarchy of Name Servers
Root name servers
The root server is contacted by name servers that cannot resolve a name. It contacts the authoritative name server if the name mapping is not known, gets the mapping, and returns the IP address to the requesting host.
Top level server
A top-level server is responsible for com, org, edu, etc. and for all top-level country domains such as uk, fr, ca, in, etc. These servers have information about the authoritative domain servers and know the names and IP addresses of each authoritative name server for the second-level domains.
Authoritative name servers
This is the organization’s DNS server, providing the authoritative hostname-to-IP mapping for the organization’s servers. It can be maintained by the organization or by a service provider. In order to reach cse.dtu.in we first ask the root DNS server, which points us to the top-level domain server, which in turn points us to the authoritative domain name server that actually holds the IP address. The authoritative domain server then returns the associated IP address.
Domain:
There are various kinds of domain:
1. Generic domain: .com (commercial), .edu (educational), .mil (military), .org (non-profit organization), .net (similar to commercial); all of these are generic domains.
2. Country domain: .ae (UAE), .in (India), .us (United States), .uk (United Kingdom), .np (Nepal), .au (Australia), .pk (Pakistan).
3. Inverse domain: used when we want to know the domain name of a website from its address, i.e. IP-to-domain-name mapping. So DNS can provide both mappings; for example, to find the IP address of ictkb.com we type nslookup www.ictkb.com.

The client machine sends a request to the local name server which, if it does not find the address in its database, sends a request to the root name server, which in turn routes the query to an intermediate or authoritative name server. The root name server can also contain some hostname-to-IP address mappings. The intermediate name server always knows who the authoritative name server is. Finally the IP address is returned to the local name server, which in turn returns the IP address to the host.
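The referral walk described above (local name server, root, top-level server, authoritative server) as an added Python model; this is not code from the original page. The server hierarchy, the cse.dtu.in records and the 203.0.113.x addresses are constructed assumptions, and the local name server caches answers so that a repeated query sends no further requests.

```python
# Added example (not from the original page): a toy model of iterative DNS
# resolution with a caching local name server. Zone data is constructed.
from typing import Dict, Optional, Tuple

# Each server knows either a referral (to another server key) or a final answer.
# Constructed hierarchy: root -> "in" TLD server -> dtu.in authoritative server.
SERVERS: Dict[str, Dict[str, Tuple[str, Optional[str]]]] = {
    "root":    {"in": ("referral", "tld-in"), "com": ("referral", "tld-com")},
    "tld-in":  {"dtu.in": ("referral", "auth-dtu")},
    "tld-com": {},
    "auth-dtu": {"cse.dtu.in": ("answer", "203.0.113.10"),
                 "www.dtu.in": ("answer", "203.0.113.20")},
}

def ask(server: str, qname: str) -> Tuple[str, Optional[str]]:
    """Ask one server: longest matching suffix of qname it has data for."""
    labels = qname.split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        rec = SERVERS[server].get(suffix)
        # A referral applies to any name under the suffix; an answer only
        # applies when the whole query name matches.
        if rec and (rec[0] == "referral" or suffix == qname):
            return rec
    return ("nxdomain", None)

class LocalNameServer:
    """The client's local name server: follows referrals from the root, caches."""
    def __init__(self) -> None:
        self.cache: Dict[str, str] = {}
        self.queries_sent = 0

    def resolve(self, qname: str) -> Optional[str]:
        if qname in self.cache:          # answered from the cache, no queries
            return self.cache[qname]
        server = "root"
        for _ in range(8):               # bound the referral chain
            self.queries_sent += 1
            kind, value = ask(server, qname)
            if kind == "answer":
                self.cache[qname] = value
                return value
            if kind == "nxdomain":
                return None
            server = value               # follow the referral downward
        return None
```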
How to Configure DNS
Configuring the Device as a DNS Server
Perform this task to configure the device as a DNS server. A Cisco IOS device can provide service to DNS clients, acting as both a caching name server and as an authoritative name server for its own local host table. When configured as a caching name server, the device relays DNS requests to other name servers that resolve network names into network addresses. The caching name server caches information learned from other name servers so that it can answer requests quickly, without having to query other servers for each transaction.
When configured as an authoritative name server for its own local host table, the device listens on port 53 for DNS queries and then answers DNS queries using the permanent and cached entries in its own host table. An authoritative name server usually issues zone transfers or responds to zone transfer requests from other authoritative name servers for the same zone. However, the Cisco IOS DNS server does not perform zone transfers.
When it receives a DNS query, an authoritative name server handles the query as follows:
1. If the query is for a domain name that is not under its zone of authority, the authoritative name server determines whether to forward the query to specific back-end name servers based on whether IP DNS-based hostname-to-address translation has been enabled via the ip domain lookup command.
2. If the query is for a domain name that is under its zone of authority and for which it has configuration information, the authoritative name server answers the query using the permanent and cached entries in its own host table.
3. If the query is for a domain name that is under its zone of authority but for which it does not have any configuration information, the authoritative name server does not forward the query elsewhere for a response; instead the authoritative name server simply replies that no such information exists.
STEPS:
Device>enable
Device#configure terminal
Device(config)#ip dns server
[Activates the DNS server on the device]
Device(config)#ip name-server server-address1 [server-address2 ... server-address6]
[Example: Device(config)# ip name-server 192.168.2.120 192.168.2.121]
Device(config)#ip dns server queue limit forwarder queue-size-limit
[Example: Device(config)# ip dns server queue limit forwarder 10], [Configures a limit to the size of the queues used by the DNS server processes.]
Device(config)#ip host [vrf vrf-name] [view view-name] hostname {address1 [address2 ... address8] | additional address9 [address10 ... addressn]}
[Device(config)# ip host user1.example.com 192.168.201.5 192.168.201.6], [(Optional) Configures local hosts.]
Device(config)#ip dns primary domain-name soa primary-server-name mailbox-name [refresh-interval [retry-interval [expire-ttl [minimum-ttl]]]]
[Device(config)# ip dns primary example.com soa ns1.example.com mb1.example.com], [Configures the device as the primary DNS name server for a domain (zone) and as the start of authority (SOA) record source (which designates the start of a zone).]
Device(config)#ip host domain-name ns server-name
[Device(config)# ip host example.com ns ns1.example.com], [(Optional) Configures the device to create a name server (NS) resource record to be returned when the DNS server is queried for the associated domain.]
Configuring DNS Spoofing
Perform this task to configure DNS spoofing. DNS spoofing is designed to allow a device to act as a proxy DNS server and “spoof” replies to any DNS queries using either the IP address configured in the ip dns spoofing ip-address command or the IP address of the incoming interface for the query. This feature is useful for devices where the interface toward the Internet service provider (ISP) is not up. Once the interface to the ISP is up, the device forwards DNS queries to the real DNS servers.
This feature turns on DNS spoofing and is functional if any of the following conditions are true:
- The no ip domain lookup command is configured.
- IP name server addresses are not configured.
- There are no valid interfaces or routes for sending to the configured name server addresses.
If these conditions are removed, DNS spoofing will not occur.

Device>enable
Device#configure terminal
Device(config)#ip dns server
Device(config)#ip dns spoofing [ip-address]
[Device(config)# ip dns spoofing 192.168.15.1], [Configures DNS spoofing. The IP address used for DNS spoofing can be an IPv4 or IPv6 address. The device will respond to the DNS query with the configured ip-address when queried for any hostname other than its own. The device will respond to the DNS query with the IP address of the incoming interface when queried for its own hostname.]
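An added Python model (not the page's or Cisco's code) of the three query-handling rules listed under "Configuring the Device as a DNS Server" together with the DNS spoofing conditions and reply selection described just above. The zone, hostnames, addresses, the `reachable` list standing in for "a valid route to the name server", and the reply returned when a query is neither in-zone nor forwarded are all constructed assumptions.

```python
# Added example (not from the page or Cisco): models the authoritative
# query-handling rules and the DNS spoofing behaviour described in the text.
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

@dataclass
class IosDnsConfig:
    zone: str                      # ip dns primary <zone> soa ...
    own_hostname: str              # the device's own hostname
    host_table: Dict[str, str] = field(default_factory=dict)  # ip host entries
    domain_lookup: bool = True     # ip domain lookup / no ip domain lookup
    name_servers: List[str] = field(default_factory=list)     # ip name-server
    reachable: List[str] = field(default_factory=list)        # assumed: servers with a valid route
    spoofing: bool = False         # ip dns spoofing configured
    spoof_ip: Optional[str] = None # its optional ip-address argument

def spoofing_active(cfg: IosDnsConfig) -> bool:
    """Spoofed replies are used only while no real name server is usable."""
    if not cfg.spoofing:
        return False
    usable = [s for s in cfg.name_servers if s in cfg.reachable]
    return (not cfg.domain_lookup) or (not cfg.name_servers) or (not usable)

def handle_query(cfg: IosDnsConfig, qname: str, iface_ip: str) -> Tuple[str, Optional[str]]:
    """Return (action, value) for one incoming query arriving on iface_ip."""
    q = qname.lower().rstrip(".")
    if spoofing_active(cfg):
        if q == cfg.own_hostname.lower():
            return ("spoof", iface_ip)                 # own name: incoming interface address
        return ("spoof", cfg.spoof_ip or iface_ip)     # anything else: configured address
    in_zone = q == cfg.zone or q.endswith("." + cfg.zone)
    if not in_zone:
        # Rule 1: outside the zone of authority, forward only if lookup is enabled.
        if cfg.domain_lookup and cfg.name_servers:
            return ("forward", cfg.name_servers[0])
        return ("refused", None)                       # assumption: reply when not forwarded
    if q in cfg.host_table:
        return ("answer", cfg.host_table[q])           # Rule 2: known in-zone name
    return ("nxdomain", None)                          # Rule 3: in zone but unknown, never forwarded
```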
Mapping Hostnames to IP Addresses
Perform this task to map hostnames to IP addresses. A name server is used to keep track of information associated with domain names. A name server can maintain a database of hostname-to-address mappings. Each name can map to one or more IP addresses. In order to use this service to map domain names to IP addresses, you must specify a name server.
The name lookup system can be statically configured using the commands described in this task. Some other functions in Cisco IOS software, such as DHCP, can dynamically modify the state of the name lookup system. Use the show hosts command to display the cached hostnames and the DNS configuration.

Device>enable
Device#configure terminal
Device(config)#ip host name [tcp-port-number] address1 [address2 ... address8]
[Device(config)# ip host cisco-rtp 192.168.0.148], [Defines a static hostname-to-address mapping in the hostname cache. The host IP address can be an IPv4 or IPv6 address. Typically, it is easier to refer to network devices by symbolic names rather than numerical addresses (services such as Telnet can use hostnames or addresses). Hostnames and IP addresses can be associated with one another through static or dynamic means. Manually assigning hostnames to addresses is useful when dynamic mapping is not available.]
Device(config)#ip domain name [name]
[Device(config)# ip domain name cisco.com], [Defines a default domain name that the Cisco IOS software will use to complete unqualified hostnames.]
OR, Device(config)#ip domain list [name]
[Device(config)# ip domain list cisco1.com], [Defines a list of default domain names to complete unqualified hostnames.]
Device(config)#ip name-server server-address1 [server-address2 ... server-address6]
[Device(config)# ip name-server 172.16.1.111 172.16.1.2], [Specifies one or more hosts (up to six) that can function as a name server to supply name information for DNS.]
Device(config)#ip domain lookup [source-interface interface-type [interface-number]]
[Device(config)# ip domain lookup], [Enables DNS-based address translation. DNS is enabled by default. Use this command if DNS has been disabled.]
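As an added example (not code from the page or from Cisco), the following Python parses the static name-lookup commands from this task out of a constructed IOS configuration fragment and resolves names against the resulting host table, completing unqualified names with the domain list (or, when no list is configured, the single domain name) as the command descriptions state. The config lines, hostnames and addresses are constructed, and the precedence of the domain list over the domain name is an assumption of this model.

```python
# Added example (not from the page or Cisco): parse ip host / ip domain name /
# ip domain list / ip name-server / ip domain lookup and resolve names statically.
from typing import Any, Dict, List, Optional

SAMPLE_CONFIG = """\
ip host cisco-rtp 192.168.0.148
ip host web.cisco1.com 10.1.1.5 10.1.1.6
ip domain name cisco.com
ip domain list cisco1.com
ip name-server 172.16.1.111 172.16.1.2
ip domain lookup
"""  # constructed configuration fragment

def parse_config(text: str) -> Dict[str, Any]:
    cfg: Dict[str, Any] = {"hosts": {}, "domain_name": None, "domain_list": [],
                           "name_servers": [], "lookup": True}
    for raw in text.splitlines():
        w = raw.strip().split()
        if w[:2] == ["ip", "host"] and len(w) >= 4:
            addrs = w[4:] if w[3].isdigit() else w[3:]   # optional tcp-port-number
            cfg["hosts"][w[2].lower()] = addrs             # one or more addresses
        elif w[:3] == ["ip", "domain", "name"] and len(w) == 4:
            cfg["domain_name"] = w[3].lower()
        elif w[:3] == ["ip", "domain", "list"] and len(w) == 4:
            cfg["domain_list"].append(w[3].lower())
        elif w[:2] == ["ip", "name-server"]:
            cfg["name_servers"].extend(w[2:8])             # up to six servers
        elif w[:3] == ["ip", "domain", "lookup"]:
            cfg["lookup"] = True
        elif w[:4] == ["no", "ip", "domain", "lookup"]:
            cfg["lookup"] = False
    return cfg

def candidates(cfg: Dict[str, Any], name: str) -> List[str]:
    """Names to try: the name itself, then unqualified names completed with
    each domain-list suffix (assumed to take precedence over ip domain name)."""
    n = name.lower().rstrip(".")
    if "." in n:
        return [n]
    suffixes = cfg["domain_list"] or ([cfg["domain_name"]] if cfg["domain_name"] else [])
    return [n] + [f"{n}.{s}" for s in suffixes]

def lookup_static(cfg: Dict[str, Any], name: str) -> Optional[List[str]]:
    """Resolve from the static host table only; None means a DNS query is needed."""
    for c in candidates(cfg, name):
        if c in cfg["hosts"]:
            return cfg["hosts"][c]
    return None
```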