To configure the DNS Resource as a Server type the following command:
[11:56:50] ABILIS_CPX:s p dns act:yes server:yes
COMMAND EXECUTED [11:57:20] ABILIS_CPX:d p dns
RES:Dns - Not Saved (SAVE CONF), Not Refreshed (INIT) ------------------------- ------------------------------------------------------------------------ Run DESCR:Domain_Name_System LOG:NO ACT:YES udp-locport:53 SRCADD:OUT-IP TOS:0-N wdir:C:\APP\DNS\ - Resolver ------------------------------------------------------------- SERVERS:AUTO PRIMARY:# SECONDARY:# DELAY:5 RTY:1 CACHE:YES cache-size:500 - Relay/Server --------------------------------------------------------- RELAY:NO relay-size:500 RELAY-TOUT:10 RELAY-BLACKLIST:YES RELAY-BLACKLIST-BYPASS:# RELAY-LOG-REQUESTERS: SERVER:YES IPSRC:* IPSRCLIST:#
Filters on the IP addresses allowed to the DNS service can be
applied by combining the parameters IPSRC
and
IPSRCLIST
.
In the following example, the “DNS_Allowed” list will be created and the range of IP from 192.168.1.10 to 192.168.1.50 will be added; otherwise, the address 192.168.1.100 will be set as the IP address Source.
[17:46:50] ABILIS_CPX:list create DNS_Allowed ir IP_Addresses_allowed_to_DNS_service
COMMAND EXECUTED [17:48:04] ABILIS_CPX:a list:dns_allowed 192.168.1.10:192.168.1.50
COMMAND EXECUTED [17:48:19] ABILIS_CPX:d list:dns_allowed
- Not Saved (SAVE CONF) ------------------------------------------------------- LIST:DNS_Allowed - IR IP_Addresses_allowed_to_DNS_service 192.168.001.010:192.168.001.050 [17:49:20] ABILIS_CPX:s p dns ipsrc:192.168.1.100 ipsrclist:dns_allowed
COMMAND EXECUTED [17:49:23] ABILIS_CPX:d p dns RES:Dns - Not Saved (SAVE CONF), Not Refreshed (INIT) ------------------------- ------------------------------------------------------------------------ Run DESCR:Domain_Name_System LOG:NO ACT:YES udp-locport:53 SRCADD:OUT-IP TOS:0-N wdir:C:\APP\DNS\ - Resolver ------------------------------------------------------------- SERVERS:AUTO PRIMARY:# SECONDARY:# DELAY:5 RTY:1 CACHE:YES cache-size:500 - Relay/Server --------------------------------------------------------- RELAY:NO relay-size:500 RELAY-TOUT:10 RELAY-BLACKLIST:YES RELAY-BLACKLIST-BYPASS:# RELAY-LOG-REQUESTERS: SERVER:YES IPSRC:192.168.001.100 IPSRCLIST:DNS_Allowed
Caution | |
---|---|
To activate the changes made on the upper case parameters, execute the initialization command init res:dns; while to set act the changes made on the lowercase parameters a save conf and an Abilis restart are required (i.e. With warm start command). |
DNS server table can store up to 300 definitions (association between IP address and name). The table can be displayed with the following command. The d dns ? command displays the meaning of parameters.
[17:08:16] ABILIS_CPX:d dns server
Total records:0 Direct Lookup:0 Reverse Lookup:0 D&R Lookup:0
-------------------------------------------------------------------------------
ID: DIR: NAME: IP: TTL:
-------------------------------------------------------------------------------
*** NO DNS SERVER ENTRIES DEFINED ***
Meaning of the fields:
ID
DNS server table entry identifier [1..300].
DIR
Usage of the record [D
(direct): domain
names are translated into IP addresses; R
(reverse): it is allowed the inverse lookup of the DNS record;
DR
(direct and reverse): the two features are
allowed].
NAME
Domain name. Max 128 characters ['0'..'9', 'A'..'Z', 'a'..'z', '-', '.'].
IP
IP address [1-126.x.x.x, 127.0.0.1, 128-223.x.x.x].
TTL
Time to live that this record will have in requester cache [0..604800 sec.].
The previous DNS records Table can be managed with these commands:
d dns : displays all Local DNS server table entries;
d dns filter:val [filter:val] : displays any Local DNS server table entry matching the specified filter(s);
a dns id:val name:<name> ip:<ip> [par:val] : adds a Local DNS server table entry;
c dns id:val : clears a Local DNS server table entry;
s dns id:val [par:val] : sets parameters of a Local DNS server table entry.
Example: assign to the IP addresses 192.168.1.20 and 192.168.1.30 the domain names john.lan and frank.lan; the first entry will be set as direct, while the second as “both” (direct+reverse).
[17:10:12] ABILIS_CPX:a dns server id:1 dir:d name:john.lan ip:192.168.1.20
COMMAND EXECUTED [17:10:21] ABILIS_CPX:a dns server id:2 dir:dr name:frank.lan ip:192.168.1.30
COMMAND EXECUTED [17:10:46] ABILIS_CPX:d dns server
- Not Saved (SAVE CONF) ------------------------------------------------------- Total records:2 Direct Lookup:1 Reverse Lookup:0 D&R Lookup:1 - Direct Lookup records: ------------------------------------------------------ ID: DIR: NAME: IP: TTL: ------------------------------------------------------------------------------- 1 D john.lan 192.168.001.020 3600 2 DR frank.lan 192.168.001.030 3600 - Reverse Lookup records: ----------------------------------------------------- ID: DIR: NAME: IP: TTL: ------------------------------------------------------------------------------- 2 DR frank.lan 192.168.001.030 3600
Caution | |
---|---|
Changes made in the DNS Server Table don't require initialization commands. |
Set the PC DNS address to point to the IP address of the CPX. Now ping from a PC one of the domain names configured in the DNS server table; the result will be:
C:\Documents and Settings\Administrator>ping frank.lan
Pinging frank.lan [192.168.0.30] with 32 bytes of data:
Reply from 192.168.1.30: bytes=32 time<1ms TTL=64
Reply from 192.168.1.30: bytes=32 time<1ms TTL=64
Reply from 192.168.1.30: bytes=32 time<1ms TTL=64
Reply from 192.168.1.30: bytes=32 time<1ms TTL=64
Ping statistics for 192.168.1.30:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
The DNS resolver gives the chance to choose two different set of DNS:
One for domain lookup (translation from host name to IP address);
One for reverse lookup (translation from IP address to host name).
Each set is composed from a primary and a secondary DNS server.
Use the following command to add a primary DNS Server (IP address 1.1.1.1) and a secondary DNS Server (IP address 2.2.2.2) for the domain mydomain.test. The DNS resource uses these servers to resolve <any>.mydomain.test.
[19:32:57] ABILIS_CPX:a dns resolver domain id:1 name:mydomain.test pri:1.1.1.1 sec:2.2.2.2
COMMAND EXECUTED [19:33:08] ABILIS_CPX:d dns resolver domain
- Not Saved (SAVE CONF) ------------------------------------------------------- ------------------------------------------------------------------------------- ID: NAME: PRI: SEC: ------------------------------------------------------------------------------- 1 mydomain.test 001.001.001.001 002.002.002.002 [19:33:34] ABILIS_CPX:save conf
VALIDATION IN PROGRESS ... VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED
Type the command s dns resolver domain id:1 [parameterN:valueN] to modify an existing entry.
[10:09:54] ABILIS_CPX:s dns resolver domain id:1 pri:3.3.3.3
COMMAND EXECUTED [10:12:57] ABILIS_CPX:d dns resolver domain
- Not Saved (SAVE CONF) ------------------------------------------------------- ------------------------------------------------------------------------------- ID: NAME: PRI: SEC: ------------------------------------------------------------------------------- 1 mydomain.test 003.003.003.003 002.002.002.002 [10:12:58] ABILIS_CPX:save conf
VALIDATION IN PROGRESS ... VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED
Use the following command to clear the entry identified by id:N.
[10:19:52] ABILIS_CPX:c dns resolver domain id:1
COMMAND EXECUTED [10:20:02] ABILIS_CPX:d dns resolver domain
- Not Saved (SAVE CONF) ------------------------------------------------------- ------------------------------------------------------------------------------- ID: NAME: PRI: SEC: ------------------------------------------------------------------------------- *** NO DNS RESOLVER DOMAIN ENTRIES DEFINED ***
Use the following command to add a primary DNS Server (IP address 192.168.0.1) and a secondary DNS Server (IP address 192.168.0.2) for the IP network 10.10.10.0/24. The DNS resource uses these servers to do a reverse lookup for the net 10.10.10.0/24.
[19:36:11] ABILIS_CPX:a dns resolver reverse id:1 net:10.10.10.0/24 pri:192.168.0.1 sec:192.168.0.2
COMMAND EXECUTED [19:36:43] ABILIS_CPX:d dns resolver reverse
- Not Saved (SAVE CONF) ------------------------------------------------------- ------------------------------------------------------------------------------- ID: NET: PRI: SEC: ------------------------------------------------------------------------------- 1 010.010.010.000/24 192.168.000.001 192.168.000.002 [19:37:04] ABILIS_CPX:save conf
VALIDATION IN PROGRESS ... VALIDATION SUCCESSFULLY EXECUTED SAVE EXECUTED
Displaying, modifying or clearing an entry can be done using the same command explained above, replacing the domain with reverse:
Table 31.1. Managing DNS resolver table
d dns resolver reverse | To display the reverse DNS Resolver parameters |
s dns resolver reverse pri:192.168.0.5 | To set the IP address of primary DNS Server equal to 192.168.0.5 |
c dns resolver reverse id:1 | To clear the entry identified by id equal to 1 |