Configuring dns spoofing, Configuration prerequisites, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual

224

Step Command

Remarks

3.

Specify a DNS server.

•

(Approach 1) System view
dns server ip-address

•

(Approach 2) Interface view

a.

interface interface-type

interface-number

b.

dns server ip-address

Use either approach.
No DNS server is specified by
default.

NOTE:

You can specify multiple DNS servers by using the dns server command repeatedly. Upon receiving a
name query request from a client, the DNS proxy forwards the request to the DNS server that has the
highest priority. If having not received a reply, it forwards to the request to a DNS server that has the

second highest priority, and thus in turn.

Configuring DNS spoofing

Configuration prerequisites

DNS spoofing is effective only when:

•

The DNS proxy is enabled on the firewall.

•

No DNS server or route to any DNS server is specified on the firewall.

Configuration procedure

To configure DNS spoofing:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable DNS spoofing and specify the
translated IP address.

dns spoofing ip-address Disabled

by

default.

Displaying and maintaining IPv4 DNS

Task Command

Remarks

Display the static IPv4 domain name
resolution table.

display ip host [ | { begin | exclude |
include } regular-expression ]

Available in any view

Display IPv4 DNS server information.

display dns server [ dynamic ] [ | { begin |
exclude | include } regular-expression ]

Available in any view

Display DNS suffixes.

display dns domain [ dynamic ] [ | { begin |
exclude | include } regular-expression ]

Available in any view

Display the information of the dynamic
IPv4 domain name cache.

display dns host ip [ | { begin | exclude |
include } regular-expression ]

Available in any view

Clear the information of the dynamic
IPv4 domain name cache.

reset dns host ip

Available in user view