Cisco IOS Software Releases 12.3 T

DNS Spoofing


The DNS Spoofing feature is designed to allow a router to act as a proxy Domain Name System (DNS) server and "spoof" replies to any DNS queries using either the configured IP address in the ip dns spoofing ip-address command or the IP address of the incoming interface for the query. This feature is useful for devices where the interface toward the Internet service provider (ISP) is not up. Once the interface to the ISP is up, the router forwards DNS queries to the real DNS servers.

Feature History for the DNS Spoofing Feature

Release       Modification
12.3(2)T      This feature was introduced.
12.2(28)SB    This feature was integrated into Cisco IOS Release 12.2(28)SB.


Finding Support Information for Platforms and Cisco IOS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.

Contents

Restrictions

How to Configure DNS Spoofing

Configuration Examples for DNS Spoofing

Additional References

Command Reference

Glossary

Restrictions

Addresses returned with this feature will not be sortable via Distributed Director.

How to Configure DNS Spoofing

This section contains the following procedure:

Configuring DNS Spoofing (required)

Configuring DNS Spoofing

This feature turns on DNS spoofing and is functional if any of the following conditions are true:

The no ip domain-lookup command is configured.

IP name server addresses are not configured.

There are no valid interfaces or routes for sending to the configured name server addresses.

If these conditions are removed, DNS spoofing will not occur.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip dns server

4. ip dns spoofing [ip-address]

DETAILED STEPS

 
Step 1

Command or Action: enable

Example:

Router> enable

Purpose: Enables privileged EXEC mode. Enter your password if prompted.

Step 2

Command or Action: configure terminal

Example:

Router# configure terminal

Purpose: Enters global configuration mode.

Step 3

Command or Action: ip dns server

Example:

Router(config)# ip dns server

Purpose: Activates the DNS server on the router.

Step 4

Command or Action: ip dns spoofing [ip-address]

Example:

Router(config)# ip dns spoofing 192.168.15.1

Purpose: Enables DNS spoofing.

The router will respond to the DNS query with the configured ip-address when queried for any host name other than its own.

The router will respond to the DNS query with the IP address of the incoming interface when queried for its own host name.

The host name used in the DNS query is defined as the exact configured host name of the router specified by the hostname name command.

Configuration Examples for DNS Spoofing

This section provides the following configuration example:

DNS Spoofing: Example

DNS Spoofing: Example

In the following example, the router is configured to spoof replies to any DNS queries:

ip dns server
ip dns spoofing
no ip domain-lookup
interface e3/1
 ip address 10.1.1.1 255.255.255.0

Additional References

The following section provides additional information related to the DNS Spoofing feature.

Related Documents

Related Topic: Commands related to DNS
Document Title: Cisco IOS IP Command Reference, Volume 1 of 4: Addressing and Services, Release 12.3 T

Related Topic: Mapping host names to IP addresses
Document Title: "Configuring IP Addressing" chapter of the Cisco IOS IP Configuration Guide


Standards

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.


MIBs

MIBs: No new MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

MIBs Link: To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs


RFCs

No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.


Technical Assistance

Description: Technical Assistance Center (TAC) home page, containing 30,000 pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

Link: http://www.cisco.com/public/support/tac/home.shtml


Command Reference

This section documents a new command. All other commands used with this feature are documented in the Cisco IOS Release 12.3T command reference publications.

ip dns spoofing

ip dns spoofing

To enable Domain Name System (DNS) spoofing, use the ip dns spoofing command in global configuration mode. To disable DNS spoofing, use the no form of this command.

ip dns spoofing [ip-address]

no ip dns spoofing [ip-address]

Syntax Description

ip-address    (Optional) IP address used in replies to DNS queries.


Defaults

No default behavior or values

Command Modes

Global configuration

Command History

Release       Modification
12.3(2)T      This command was introduced.
12.2(28)SB    This command was integrated into Cisco IOS Release 12.2(28)SB.


Usage Guidelines

DNS spoofing allows a router to act as a proxy DNS server and "spoof" replies to any DNS queries using either the configured IP address in the ip dns spoofing command or the IP address of the incoming interface for the query. This functionality is useful for devices where the interface toward the ISP is not up. Once the interface to the ISP is up, the router forwards DNS queries to the real DNS servers.

The router will respond to the DNS query with the configured IP address when queried for any host name other than its own but will respond to the DNS query with the IP address of the incoming interface when queried for its own host name.

The host name used in the DNS query is defined as the exact configured host name of the router specified by the hostname command, with no default domain appended. For example, in the following configuration:

ip domain name cisco.com
hostname host1

The system would respond with a DNS spoofing reply if queried for "host1" but not for "host1.cisco.com".
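
The following is an added example, not Cisco code and not part of the original document. It models the activation conditions from "Configuring DNS Spoofing" and the reply rules from the Usage Guidelines so that a saved running-config can be audited for where the router will answer DNS queries itself. The function names, the upstream_reachable parameter, and the sample configurations are assumptions made for illustration; ip name-server is the IOS command that configures name server addresses.

```python
import re

def audit_dns_spoofing(config):
    """Summarise DNS spoofing state from IOS running-config text."""
    lines = [ln.strip() for ln in config.splitlines()]
    spoof = next((ln for ln in lines if re.fullmatch(r"ip dns spoofing( \S+)?", ln)), None)
    host = next((ln.split()[1] for ln in lines if re.fullmatch(r"hostname \S+", ln)), None)
    servers = [a for ln in lines if ln.startswith("ip name-server ") for a in ln.split()[2:]]
    lookup_off = "no ip domain-lookup" in lines
    # Both steps of the procedure (ip dns server, ip dns spoofing) must be present.
    configured = spoof is not None and "ip dns server" in lines
    return {
        "hostname": host,
        "configured": configured,
        "spoof_address": spoof.split()[3] if spoof and len(spoof.split()) > 3 else None,
        # Conditions 1 and 2 from the page are visible in the config itself.
        "active_from_config": configured and (lookup_off or not servers),
    }

def is_own_hostname(state, qname):
    # Per the page: the exact configured host name, no default domain appended.
    return state["hostname"] is not None and qname == state["hostname"]

def spoofed_answer(state, qname, ingress_ip, upstream_reachable=True):
    """Address the router would put in a spoofed reply, or None if it would not spoof."""
    # Condition 3 (no valid interface or route to the name servers) is runtime
    # state, so the caller supplies it as upstream_reachable (an assumption here).
    active = state["active_from_config"] or (state["configured"] and not upstream_reachable)
    if not active:
        return None
    if is_own_hostname(state, qname):
        return ingress_ip                          # own host name: incoming interface address
    return state["spoof_address"] or ingress_ip    # no configured address: interface address

# Constructed sample configs, assembled from the commands shown on the page.
PAGE_STYLE = """hostname host1
ip domain name cisco.com
ip dns server
ip dns spoofing 192.168.15.1
no ip domain-lookup
interface e3/1
 ip address 10.1.1.1 255.255.255.0
"""
WITH_RESOLVER = "hostname edge1\nip dns server\nip dns spoofing\nip name-server 192.0.2.53\n"

if __name__ == "__main__":
    for cfg in (PAGE_STYLE, WITH_RESOLVER):
        st = audit_dns_spoofing(cfg)
        print(st, spoofed_answer(st, "www.example.com", "10.1.1.1"))
```

The second configuration shows the case an auditor is most likely to miss: spoofing is configured but dormant while a name server is reachable, and becomes active only when the path to that server goes away.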

Examples

In the following example, the router will respond to a DNS query with an IP address of 192.168.15.1:

ip dns spoofing 192.168.15.1

Glossary

DNS—Domain Name System. System used in the Internet for translating names of network nodes into addresses.


Note: Refer to Internetworking Terms and Acronyms for terms not included in this glossary.