Example for Configuring Association Between the DNS Server and NQA
Networking Requirements
As shown in Figure 4-12, Router is the enterprise's gateway device. The PC is a host in the enterprise and connects to Router through the access switch. The PC functions as a DNS client and accesses the network using domain names; Router functions as a DNS proxy to uniformly manage the DNS servers that the enterprise can access. The enterprise can access two DNS servers: Local DNS Server_1 on the local network segment, which records the mapping between the domain name www.huawei.com and the IP address 10.82.42.59, and Remote DNS Server_2 on the remote end, which records the mapping between the domain name www.huawei123.com and the IP address 10.46.1.1. To improve domain name resolution efficiency and speed up network access, the enterprise requires that query requests be sent to the DNS servers whose DNS function is normal.
Configuration Roadmap
Associate the DNS servers with NQA on Router so that query requests are sent only to the DNS servers whose DNS function is normal. The configuration roadmap is as follows:
- Configure VLANs for interfaces on the switch to implement Layer 2 transparent transmission.
- Configure the DNS client function on PC so that it can connect to the network using a domain name.
- Configure the DNS proxy function on Router and associate Router with NQA, so that query requests are sent only to the DNS servers whose DNS function is normal.
Procedure
- Configure VLANs for interfaces on the switch (using a Huawei S series switch as an example).
<Huawei> system-view
[Huawei] sysname Switch
[Switch] vlan batch 10
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type trunk
[Switch-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[Switch-GigabitEthernet0/0/1] port trunk pvid vlan 10
[Switch-GigabitEthernet0/0/1] quit
[Switch] interface gigabitethernet 0/0/2
[Switch-GigabitEthernet0/0/2] port link-type trunk
[Switch-GigabitEthernet0/0/2] port trunk allow-pass vlan 10
[Switch-GigabitEthernet0/0/2] port trunk pvid vlan 10
[Switch-GigabitEthernet0/0/2] quit
[Switch] interface gigabitethernet 0/0/3
[Switch-GigabitEthernet0/0/3] port link-type access
[Switch-GigabitEthernet0/0/3] port default vlan 10
[Switch-GigabitEthernet0/0/3] quit
- Configure the DNS client function on PC.
  - Right-click Network and choose Properties to display the Network and Sharing Center window.
  - Click Local Area Connection to display the Local Area Connection Status window.
  - Click Properties to display the Local Area Connection Properties window.
  - Select Internet Protocol Version 4 (TCP/IPv4) and click Properties to display the Internet Protocol Version 4 (TCP/IPv4) Properties window. Select Use the following DNS server addresses, enter the DNS proxy address 10.1.1.1 in the Preferred DNS server text box, and click OK.
- Configure the DNS proxy function on Router and associate Router with NQA.
<Huawei> system-view
[Huawei] sysname Router
[Router] dns proxy enable
[Router] dns resolve
[Router] nqa test-instance admin localdns
[Router-nqa-admin-localdns] test-type dns
[Router-nqa-admin-localdns] dns-server ipv4 10.1.1.2
[Router-nqa-admin-localdns] destination-address url www.huawei.com
[Router-nqa-admin-localdns] frequency 30
[Router-nqa-admin-localdns] start now
[Router-nqa-admin-localdns] quit
[Router] nqa test-instance admin remotedns
[Router-nqa-admin-remotedns] test-type dns
[Router-nqa-admin-remotedns] dns-server ipv4 10.20.1.2
[Router-nqa-admin-remotedns] destination-address url www.huawei123.com
[Router-nqa-admin-remotedns] frequency 30
[Router-nqa-admin-remotedns] start now
[Router-nqa-admin-remotedns] quit
[Router] dns server 10.1.1.2 track nqa admin localdns
[Router] dns server 10.20.1.2 track nqa admin remotedns
[Router] interface gigabitethernet 0/0/1
[Router-GigabitEthernet0/0/1] ip address 10.1.1.1 24
[Router-GigabitEthernet0/0/1] quit
[Router] interface gigabitethernet 0/0/2
[Router-GigabitEthernet0/0/2] ip address 10.20.1.1 24
[Router-GigabitEthernet0/0/2] quit
To detect the DNS server status continuously, the NQA test instances must be run periodically. Therefore, run the frequency interval command to set the automatic test interval for each NQA test instance (frequency 30 in this example).
- Verify the configuration.
# Run the display nqa history test-instance command to check the results of the two test instances, and run the display dns server command to check the states of the two DNS servers. The command output shows that the DNS server state is Up when the NQA check result is success. In this case, dynamic domain name resolution can be performed on both DNS servers.
[Router] display nqa history test-instance admin localdns
NQA entry(admin, localdns) history:
Index  T/H/P   Response  Status   Address      Time
1      61/1/1  19ms      success  10.82.42.59  2014-06-23 12:01:50.900
2      62/1/1  19ms      success  10.82.42.59  2014-06-23 12:02:20.900
3      63/1/1  24ms      success  10.82.42.59  2014-06-23 12:02:50.900
4      64/1/1  20ms      success  10.82.42.59  2014-06-23 12:03:20.910
5      65/1/1  15ms      success  10.82.42.59  2014-06-23 12:04:19.360
6      66/1/1  13ms      success  10.82.42.59  2014-06-23 12:04:49.260

[Router] display nqa history test-instance admin remotedns
NQA entry(admin, remotedns) history:
Index  T/H/P   Response  Status   Address    Time
1      63/1/1  16ms      success  10.46.1.1  2014-06-23 12:04:10.560
2      64/1/1  5ms       success  10.46.1.1  2014-06-23 12:04:40.450
3      65/1/1  5ms       success  10.46.1.1  2014-06-23 12:05:10.490
4      66/1/1  5ms       success  10.46.1.1  2014-06-23 12:05:40.480
5      67/1/1  5ms       success  10.46.1.1  2014-06-23 12:06:10.380
6      68/1/1  6ms       success  10.46.1.1  2014-06-23 12:06:40.350

[Router] display dns server
Type:
D:Dynamic    S:Static

IPv4 DNS server :
NO.  Type  Status  Used  IP Address
1    S     Up      Yes   10.1.1.2
2    S     Up      Yes   10.20.1.2

IPv6 DNS servers :
NO.  Type  Status  Used  IPv6 Address  Interface
# On Local DNS Server_1, delete the mapping between the domain name www.huawei.com and the IP address 10.82.42.59 to simulate a DNS server fault. Run the display nqa history test-instance command to check the results of the two test instances, and run the display dns server command to check the states of the two DNS servers. The command output shows that the NQA check result of Local DNS Server_1 is timeout and the server state is Down. In this case, dynamic domain name resolution is performed only on Remote DNS Server_2.
[Router] display nqa history test-instance admin localdns
NQA entry(admin, localdns) history:
Index  T/H/P    Response  Status   Address  Time
1      842/1/1  3000ms    timeout  unKnown  2014-06-23 18:32:55.240
2      843/1/1  3000ms    timeout  unKnown  2014-06-23 18:33:25.260
3      844/1/1  3000ms    timeout  unKnown  2014-06-23 18:33:55.360
4      845/1/1  3000ms    timeout  unKnown  2014-06-23 18:34:25.390
5      846/1/1  3000ms    timeout  unKnown  2014-06-23 18:34:55.320
6      847/1/1  3000ms    timeout  unKnown  2014-06-23 18:35:25.320

[Router] display nqa history test-instance admin remotedns
NQA entry(admin, remotedns) history:
Index  T/H/P    Response  Status   Address    Time
1      843/1/1  13ms      success  10.46.1.1  2014-06-23 18:34:11.130
2      844/1/1  15ms      success  10.46.1.1  2014-06-23 18:34:41.150
3      845/1/1  18ms      success  10.46.1.1  2014-06-23 18:35:11.140
4      846/1/1  13ms      success  10.46.1.1  2014-06-23 18:35:41.160
5      847/1/1  14ms      success  10.46.1.1  2014-06-23 18:36:11.150
6      848/1/1  16ms      success  10.46.1.1  2014-06-23 18:36:41.120

[Router] display dns server
Type:
D:Dynamic    S:Static

No.  Type  Status  IP Address
1    S     Down    10.1.1.2
2    S     Up      10.20.1.2

No configured ipv6 dns servers.
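The verification step above can be automated when the command output is collected from many routers. The following Python script is an added example, not part of the original Huawei procedure: it parses pasted output in the two formats shown on this page and reports any DNS server whose state disagrees with the latest result of its tracked NQA instance. The function names and the TRACK map are assumptions made for this illustration.

```python
import re
# Constructed sample input, abridged from the post-fault output shown on this page.
HISTORY = """\
NQA entry(admin, localdns) history:
Index T/H/P Response Status Address Time
5 846/1/1 3000ms timeout unKnown 2014-06-23 18:34:55.320
6 847/1/1 3000ms timeout unKnown 2014-06-23 18:35:25.320
NQA entry(admin, remotedns) history:
Index T/H/P Response Status Address Time
5 847/1/1 14ms success 10.46.1.1 2014-06-23 18:36:11.150
6 848/1/1 16ms success 10.46.1.1 2014-06-23 18:36:41.120
"""
DNS_SERVERS = "No. Type Status IP Address\n1 S Down 10.1.1.2\n2 S Up 10.20.1.2\n"
# Assumed binding map, copied from "dns server <ip> track nqa admin <instance>".
TRACK = {"10.1.1.2": "localdns", "10.20.1.2": "remotedns"}
ENTRY = re.compile(r"NQA entry\((\w+),\s*(\w+)\) history:")
ROW = re.compile(r"^\d+\s+\d+/\d+/\d+\s+\d+ms\s+(\w+)\s+\S+\s+(\S+ \S+)$")
SERVER = re.compile(r"^\d+\s+[DS]\s+(Up|Down)\s+(?:(?:Yes|No)\s+)?(\d+\.\d+\.\d+\.\d+)$")

def latest_probe_status(text):
    """Return {instance: status of the most recent probe} from history output."""
    latest, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if m := ENTRY.match(line):
            current = m.group(2)
        elif current and (m := ROW.match(line)):
            status, ts = m.groups()
            # Timestamps are fixed-width, so string order equals time order.
            if current not in latest or ts >= latest[current][0]:
                latest[current] = (ts, status)
    return {name: status for name, (ts, status) in latest.items()}

def server_states(text):
    """Return {ip: 'Up' or 'Down'} from 'display dns server' output."""
    return {m.group(2): m.group(1) for line in text.splitlines()
            if (m := SERVER.match(line.strip()))}

def audit(history, servers, track=TRACK):
    """List servers whose state disagrees with their tracked NQA instance."""
    probes, states = latest_probe_status(history), server_states(servers)
    findings = []
    for ip, instance in track.items():
        expected = "Up" if probes.get(instance) == "success" else "Down"
        if states.get(ip) != expected:
            findings.append((ip, instance, probes.get(instance), states.get(ip)))
    return findings

if __name__ == "__main__":
    print(audit(HISTORY, DNS_SERVERS) or "server states match NQA results")
```

An empty result means every tracked server is Up exactly when its latest probe succeeded; a server with no history for its instance is expected to be Down.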
Configuration Files
Configuration file of the switch
#
sysname Switch
#
vlan batch 10
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk pvid vlan 10
 port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk pvid vlan 10
 port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/3
 port link-type access
 port default vlan 10
#
return
Configuration file of the router
#
sysname Router
#
dns resolve
dns server 10.1.1.2 track nqa admin localdns
dns server 10.20.1.2 track nqa admin remotedns
dns proxy enable
#
interface GigabitEthernet0/0/1
 ip address 10.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/2
 ip address 10.20.1.1 255.255.255.0
#
nqa test-instance admin localdns
 test-type dns
 destination-address url www.huawei.com
 frequency 30
 dns-server ipv4 10.1.1.2
 start now
nqa test-instance admin remotedns
 test-type dns
 destination-address url www.huawei123.com
 frequency 30
 dns-server ipv4 10.20.1.2
 start now
#
return