103
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Specify the source
interface for DNS
packets.
dns source-interface
interface-type
interface-number
[
vpn-instance
vpn-instance-name ]
By default, no source interface for DNS packets
is specified.
If you execute the command multiple times, the
most recent configuration takes effect.
If you specify the
vpn-instance
vpn-instance-name option, make sure the
source interface is on the specified VPN.
Configuring the DNS trusted interface
This task enables the device to use only the DNS suffix and domain name server information
obtained through the trusted interface. The device can then obtain the correct resolved IP address.
This feature protects the device against attackers that act as the DHCP server to assign incorrect
DNS suffix and domain name server address.
To configure the DNS trusted interface:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Specify the DNS trusted
interface.
dns trust
-
interface
interface-type
interface-number
By default, no DNS trusted
interface is specified.
You can configure up to 128 DNS
trusted interfaces.
Setting the DSCP value for outgoing DNS packets
The DSCP value of a packet specifies the priority level of the packet and affects the transmission
priority of the packet. A bigger DSCP value represents a higher priority.
To set the DSCP value for outgoing DNS packets:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Set the DSCP value for
outgoing DNS packets.
• DSCP value for IPv4 DNS
packets:
dns dscp dscp-value
• DSCP value for IPv6 DNS
packets:
ipv6 dns dscp dscp-value
By default, the DSCP value for
outgoing DNS packets is 0.
The configuration is available on
DNS clients and DNS proxy
devices.
Displaying and maintaining IPv4 DNS
Execute display commands in any view and reset commands in user view.
Task Command
Display the domain name resolution
table.
display dns host
[
ip
|
ipv6
] [
vpn-instance
vpn-instance-name ]
To Next Page
Loading...
Need help?
General
