No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - IP Service

AR100, AR120, AR160, AR1200, AR2200, AR3200, and AR3600 V300R003

This document describes the concepts and configuration procedures of IP Service features on the device, and provides the configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the IPv6 Dynamic Domain Name Resolution

Configuring the IPv6 Dynamic Domain Name Resolution

Context

The IPv6 DNS Proxy/Relay needs to complete dynamic domain name resolution through the DNS server. During dynamic domain name resolution, the DNS server needs to provide the mapping between domain names and IPv6 addresses and receive domain name resolution requests from clients.

Configuring dynamic domain name resolution involves enabling dynamic domain name resolution, configuring an IPv6 address for the DNS server, configuring a source IPv6 address for the local device, and configuring a domain name suffix. If the local device uses an IPv6 address allocated by the DHCPv6 server and the information delivered by the DHCPv6 server to the local device contains the DNS server IPv6 address and the domain name suffix list, you only need to enable dynamic DNS resolution.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run dns resolve

    Dynamic domain name resolution is enabled.

    By default, dynamic DNS resolution is disabled.

  3. Run dns server ipv6 ipv6-address [ interface-type interface-number ]

    An IPv6 address is configured for the DNS server.

    By default, no DNS server IPv6 address is configured.

    NOTE:
    • If the DNS server has only one reachable route containing a specified destination IPv6 address to the device, you need to specify the source IPv6 address in the DNS query request sent from the device to the DNS server.

    • Ensure that the source IPv6 address is the IPv6 address of an interface or logical interface on the device, and there are reachable routes between the interface and the DNS server.

    • Ensure that the source IPv6 address and the IPv6 address of the DNS server are on the same VPN or public network.

  4. (Optional) Run dns server vpn-instance vpn-instance-name

    The device is configured to send DNS query requests to the DNS server on a specified VPN network.

    By default, the device can only send DNS query requests to the DNS server on a public network.

    NOTE:

    If you run this command multiple times, only the latest configuration takes effect.

    The device can send DNS query requests to the DNS server on a public network or specified VPN network.

    The device can respond to DNS query requests sent by DNS clients on multiple VPN networks.

  5. (Optional) Run dns server ipv6 source-ip ipv6-address

    The source IPv6 address of the local device is specified.

    By default, the source IPv6 address is not configured on the device.

    After the IPv6 address of the local device is specified, the device uses the specified IPv6 address to communicate with the DNS server. If no source IPv6 address is configured, the DNS client needs to select a source IPv6 address according to the destination address each time it sends an IPv6 DNS request. If only one route from the DNS server to the device with an IPv6 address is reachable, you need to specify the source IPv6 address in the DNS query message when the device sends a DNS query to the DNS server.

  6. (Optional) Run dns domain domain-name

    A suffix of a domain name is added.

    By default, no domain name suffix is configured on a DNS client.

  7. (Optional) Configure the algorithm mode and retransmission mechanism for a device to send DNS query requests to the DNS server.

    • Run dns-server-select-algorithm { fixed | auto }

      The mode for the device to select the DNS server is configured.

      By default, the mode for a device to select the DNS server is auto.

    • Run dns forward retry-number number

      The number of times for the device to retransmit query requests to the destination DNS server is configured.

      By default, the number of times for a device to retransmit DNS query requests to the destination DNS server is 2.

    • Run dns forward retry-timeout time

      The retransmission timeout period for query requests sent by the device to the destination DNS server is configured.

      By default, the retransmission timeout period for DNS query requests sent by a device to the destination DNS server is 3 seconds.

    NOTE:
    The total timeout period for DNS query requests configured by dns forward retry-number and dns forward retry-timeout cannot be too short. Generally, the default value is recommended. If the time of waiting for the resolution response from the DNS server is too long, and the service exception is caused, you can prolong the retransmission timeout period as required.

  8. (Optional) Configure the DNS resolution policy function.

    To control access traffic, the administrator requires that users can access only some websites on which they can browse only texts or pictures. For example, in Wi-Fi connection scenarios such as in metro or on bus, passengers can access only specified websites. If they attempt to access other websites, their access requests are rejected or redirected to the specified websites. To meet these requirements, perform the following steps:

    1. Run dns resolve policy a

      The DNS resolution policy function for class-A query requests is enabled and the DNS resolution policy view is displayed.

      By default, the DNS resolution policy function for class-A query requests is disabled.

    2. Run rule rule-id [ if-match name hostname ] { deny | permit | spoofing ip-address }

      The DNS resolution rule is configured.

      By default, no DNS resolution rule is configured.

    3. Run quit

      Exit from the DNS resolution policy view.

Translation
Download
Updated: 2019-03-06

Document ID: EDOC1100069333

Views: 36039

Downloads: 182

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next