No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - IP Service

AR500, AR510, AR531, AR550, AR1500, and AR2500 V200R010

This document describes the concepts and configuration procedures of IP Service features on the device, and provides the configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Association Between the DNS Server and NQA

Example for Configuring Association Between the DNS Server and NQA

Networking Requirements

As shown in Figure 4-12, Router is the enterprise's gateway device; the PC is the host in the enterprise and is connected to Router through the access switch. At the same time, PC can function as a DNS client to connect to the network using a domain name; Router can function as a DNS proxy to uniformly manage the DNS servers that the enterprise can access. The enterprise can access two DNS servers: Local DNS Server_1 (The mapping between the domain name www.huawei.com and the IP address 10.82.42.59 is recorded) in the local network segment and Remote DNS Server_2 (The mapping between the domain name www.huawei123.com and the IP address 10.46.1.1 is recorded) on the remote end. To improve the domain name resolution efficiency and speed up network access, the enterprise requires that query requests be sent to the DNS servers whose dns function is normal.

Figure 4-12  Configuring association between the DNS Server and NQA

Configuration Roadmap

Associate DNS servers with NQA on Router, so that query requests are only sent to the DNS servers whose dns function is normal.

  1. Configure VLANs for interfaces on the switch to implement Layer 2 transparent transmission.
  2. Configure the DNS client function on PC so that it can connect to the network using a domain name.
  3. Configure the DNS proxy function on Router and associate Router with NQA, so that query requests are only sent to the DNS servers whose dns function is normal.

Procedure

  1. Configure VLANs for interfaces on the switch (using a Huawei S series switch as an example).

    <Huawei> system-view
    [Huawei] sysname Switch
    [Switch] interface gigabitethernet 0/0/1
    [Switch-GigabitEthernet0/0/1] port link-type trunk
    [Switch-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
    [Switch-GigabitEthernet0/0/1] port trunk pvid vlan 10
    [Switch-GigabitEthernet0/0/1] quit
    [Switch] interface gigabitethernet 0/0/2
    [Switch-GigabitEthernet0/0/2] port link-type trunk
    [Switch-GigabitEthernet0/0/2] port trunk allow-pass vlan 10
    [Switch-GigabitEthernet0/0/2] port trunk pvid vlan 10
    [Switch-GigabitEthernet0/0/2] quit
    [Switch] interface gigabitethernet 0/0/3
    [Switch-GigabitEthernet0/0/3] port link-type access
    [Switch-GigabitEthernet0/0/3] port default vlan 10
    [Switch-GigabitEthernet0/0/3] quit
    

  2. Configure the DNS client function on PC.

    1. Right-click Network and choose Properties to display the Network and Sharing Center window.
    2. Click Local Area Connection to display the Local Area Connection Status window.
    3. Click Properties to display the Local Area Connection Properties window.
    4. Select Internet Protocol Version 4 (TCP/IPv4) and click Properties to display the Internet Protocol Version 4 (TCP/IPv4) Properties window. Select Use the following DNS server addresses, enter the DNS Proxy address 10.1.1.1 in the Preferred DNS server text box, and click OK.

  3. Configure the DNS proxy function on Router and associate Router with NQA.

    <Huawei> system-view
    [Huawei] sysname Router
    [Router] dns proxy enable
    [Router] dns resolve
    [Router] nqa test-instance admin localdns
    [Router-nqa-admin-localdns] test-type dns
    [Router-nqa-admin-localdns] dns-server ipv4 10.1.1.2
    [Router-nqa-admin-localdns] destination-address url www.huawei.com
    [Router-nqa-admin-localdns] frequency 30
    [Router-nqa-admin-localdns] start now
    [Router-nqa-admin-localdns] quit
    [Router] nqa test-instance admin remotedns
    [Router-nqa-admin-remotedns] test-type dns
    [Router-nqa-admin-remotedns] dns-server ipv4 10.20.1.2
    [Router-nqa-admin-remotedns] destination-address url www.huawei123.com
    [Router-nqa-admin-remotedns] frequency 30
    [Router-nqa-admin-remotedns] start now
    [Router-nqa-admin-remotedns] quit
    [Router] dns server 10.1.1.2 track nqa admin localdns
    [Router] dns server 10.20.1.2 track nqa admin remotedns
    [Router] interface gigabitethernet 0/0/1
    [Router-GigabitEthernet0/0/1] ip address 10.1.1.1 24
    [Router-GigabitEthernet0/0/1] quit
    [Router] interface gigabitethernet 0/0/2
    [Router-GigabitEthernet0/0/2] ip address 10.20.1.1 24
    [Router-GigabitEthernet0/0/2] quit
    
    NOTE:

    To persistently detect the DNS server status, you need to perform periodical test for NQA test instances. Therefore, run the frequency interval command to set the automatic test interval for NQA test instances.

  4. Verify the configuration.

    # Run the display nqa history test-instance command to check the check result of two test instances, and run the display dns server command to check the states of the two DNS servers. The command output shows that the DNS server state is Up when the NQA check result is success. In this case, dynamic domain name resolution can be performed on the two DNS servers.

    [Router] display nqa history test-instance admin localdns
     NQA entry(admin, localdns) history:   
    Index T/H/P       Response Status       Address         Time     
     1   61/1/1          19ms success      10.82.42.59     2014-06-23 12:01:50.900
     2   62/1/1          19ms success      10.82.42.59     2014-06-23 12:02:20.900
     3   63/1/1          24ms success      10.82.42.59     2014-06-23 12:02:50.900
     4   64/1/1          20ms success      10.82.42.59     2014-06-23 12:03:20.910
     5   65/1/1          15ms success      10.82.42.59     2014-06-23 12:04:19.360
     6   66/1/1          13ms success      10.82.42.59     2014-06-23 12:04:49.260
    
    [Router] display nqa history test-instance admin remotedns
     NQA entry(admin, remotedns) history:   
    Index T/H/P       Response Status       Address         Time     
     1   63/1/1          16ms success      10.46.1.1        2014-06-23 12:04:10.560
     2   64/1/1           5ms success      10.46.1.1        2014-06-23 12:04:40.450
     3   65/1/1           5ms success      10.46.1.1        2014-06-23 12:05:10.490
     4   66/1/1           5ms success      10.46.1.1        2014-06-23 12:05:40.480
     5   67/1/1           5ms success      10.46.1.1        2014-06-23 12:06:10.380
     6   68/1/1           6ms success      10.46.1.1        2014-06-23 12:06:40.350
    
    [Router] display dns server
    Type:                                  
    D:Dynamic     S:Static                 
                                           
    No.  Type   Status   IP Address        
    1     S     Up       10.1.1.2      
    2     S     Up       10.20.1.2    
                                           
    No configured ipv6 dns servers. 
    

    # On Local DNS Server_1, delete the mapping between the domain name www.huawei.com and IP address 10.82.42.59 to simulate the situation in which the DNS server is faulty. Run the display nqa history test-instance command to check the result of two test instances, and run the display dns server command to check the states of the two DNS servers. The command output shows that the NQA check result of Local DNS Server_1 is timeout and the server state is Down. In this case, dynamic domain name resolution is only performed on Remote DNS Server_2.

    [Router] display nqa history test-instance admin localdns
     NQA entry(admin, localdns) history:   
    Index T/H/P       Response Status       Address         Time        
     1    842/1/1       3000ms timeout      unKnown         2014-06-23 18:32:55.240
     2    843/1/1       3000ms timeout      unKnown         2014-06-23 18:33:25.260
     3    844/1/1       3000ms timeout      unKnown         2014-06-23 18:33:55.360
     4    845/1/1       3000ms timeout      unKnown         2014-06-23 18:34:25.390
     5    846/1/1       3000ms timeout      unKnown         2014-06-23 18:34:55.320
     6    847/1/1       3000ms timeout      unKnown         2014-06-23 18:35:25.320
    
    [Router] display nqa history test-instance admin remotedns
     NQA entry(admin, remotedns) history:  
    Index T/H/P       Response Status       Address         Time    
     1    843/1/1         13ms success      10.46.1.1        2014-06-23 18:34:11.130
     2    844/1/1         15ms success      10.46.1.1        2014-06-23 18:34:41.150
     3    845/1/1         18ms success      10.46.1.1        2014-06-23 18:35:11.140
     4    846/1/1         13ms success      10.46.1.1        2014-06-23 18:35:41.160
     5    847/1/1         14ms success      10.46.1.1        2014-06-23 18:36:11.150
     6    848/1/1         16ms success      10.46.1.1        2014-06-23 18:36:41.120
    
    [Router] display dns server
    Type:                                  
    D:Dynamic     S:Static                 
                                           
    No.  Type   Status   IP Address        
    1     S     Down     10.1.1.2      
    2     S     Up       10.20.1.2      
                                           
    No configured ipv6 dns servers. 
    

Configuration Files

  • Configuration file of the switch

    #                                      
    sysname Switch                    
    #                                      
    vlan batch 10      
    #                                      
    interface GigabitEthernet0/0/1        
     port link-type trunk                  
     port trunk pvid vlan 10               
     port trunk allow-pass vlan 10         
    # 
    interface GigabitEthernet0/0/2        
     port link-type trunk                  
     port trunk pvid vlan 10               
     port trunk allow-pass vlan 10         
    # 
    interface GigabitEthernet0/0/3        
     port link-type access                 
     port default vlan 10 
    # 
    return 
  • Configuration file of the router

    #                                      
    sysname Router 
    #
     dns resolve                           
     dns server 10.1.1.2 track nqa admin localdns               
     dns server 10.20.1.2 track nqa admin remotedns 
     dns proxy enable  
    #                                      
    interface GigabitEthernet0/0/1                   
     ip address 10.1.1.1 255.255.255.0     
    # 
    interface GigabitEthernet0/0/2                   
     ip address 10.20.1.1 255.255.255.0     
    # 
    nqa test-instance admin localdns       
     test-type dns                         
     destination-address url www.huawei.com
     frequency 30                          
     dns-server ipv4 10.1.1.2    
     start now                             
    nqa test-instance admin remotedns      
     test-type dns                         
     destination-address url www.huawei123.com    
     frequency 30                          
     dns-server ipv4 10.20.1.2       
     start now                             
    # 
    return 
Translation
Download
Updated: 2019-05-20

Document ID: EDOC1100034231

Views: 78707

Downloads: 51

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next