Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

IOS as DNS and DHCP Server

  • Filter
  • Time
  • Show
Clear All
new posts

  • IOS as DNS and DHCP Server

    I have a question about using Cisco IOS for both a DNS Server and DHCP server for the network at my local church.

    We are currently using a Cisco 1710 with 12.3(14)T5 IOS. Specifically the image is: c1710-k9o3sy-mz.123-14.T5.bin

    We're using the 1710 both for the DHCP server for the network (both static and dynamic DHCP) as well as for the DNS Server.

    What we'd LIKE to do is to allow the 1710 to server as DNS for the local network, and dole out IP addresses assigned via DHCP (either static or dynamic) WITHOUT having to manually use "ip host" to configure the addresses.

    So, if DHCP assigns client "mypc" address, then when I ping "mypc" from another machine (using the router as the DNS server), the router should return IP

    As stated, I'd like to do this without having to put an "ip host" entry for every machine on the network in the router (for both static and dynamic (which of course for dynamic, I really couldn't use "ip host" anyway since I wouldn't know in advance which IP each client would get).

    How do I do this in IOS? This is VERY straightforward with things like dnsmasq, etc...

    Some of the relevant configuration includes (NOTE: IP addresss and domain names changed to protect the innocent ):

    no ip dhcp use vrf connected
    ip dns server
    ip dhcp pool voice-pool
       update dns both override
       option 66 ascii "ftp://user:[email protected]"
       option 2 hex ffff.b9b0
       option 42 ip
    ip dhcp pool phone27
       hardware-address 0001.abcd.ef12
       client-name phone27
       lease infinite
    ip dhcp update dns both override
    ip cef
    ip domain list
    ip domain name
    ip host myserver 
    ip name-server
    ip name-server
    no ip ips deny-action ips-interface
    So here, I specifically would like to be able to ping "phone27" (as well as "" from a PC using the router as the DNS Server, and have it correctly provide IP as the address, WITHOUT using ip host to define it (same thing for non-statically assigned DHCP addresses).

    My hope was the using the "update dns both override" in the parent pool as well as "ip dhcp update dns both override" might make this happen.

    What else needs to be done?

    (If the above should be sufficient, is this something where I need to renew all the DHCP leases and/or restart DHCP on the router (or restart the router) to have take effect? I can do so, but would am remote now (with access to the router remotely, not PCs and other clients).

    Is this even possible on the version of IOS I have? What am I missing here?

    Also - one additional question...

    I am using OpenDNS as my external DNS provider instead of the one by my ISP (variety of resources, domain content filtering is the main one).

    As you can see above, I'm specifying OpenDNS by:

    ip name-server
    ip name-server
    This works fine. However, in the event that the router is passed a hostname that it doesn't recognize, this request is sent to OpenDNS, as technically it SHOULD be...

    However, I would like the router just to fail requests that are in the local domain (ie: INSTEAD of forwarding the DNS request to OpenDNS. This would include things like when only a host name is passed (ie: phone27) or when a FQDN (ie: that is within the local domain is passed.

    However, when any request outside of the local domain (including something like or is passed, I do indeed want this forwarded to OpenDNS.

    Is there a way to make this happen? Normally this would not be an issue, but OpenDNS resolves unknown host names to its own IP addresses in order to provide its ad based search page (ie: pinging "invalidhost", "", or "" actually ping (the OpenDNS address). While this is fine for anything outside of the local domain, I'd rather if the router simply failed to forward the request for anything in the local domain, or without a FQDN.

    Is there anyway to do this as well with the 1710??

    Thanks VERY much for your help!!!