
How do I get the Cisco router to respond/rewrite DNS queries?

ekobrinsky asked
1) Cisco 2811 router running 12.4
2) Branch office where the Cisco router handles DHCP.
3) DNS servers are external ISP DNS servers

I'm trying to figure out how to get the router to intercept/rewrite DNS queries to certain domains and redirect the user to alternative domains. I can easily do this if I control the DNS servers, but in the branch office, they are using the ISP's DNS servers (which are handed to the clients by the router DHCP). What's the best way to do this?

Few more specific questions:

1) Can the Cisco router act as a DNS server, caching DNS responses and forwarding DNS requests if it doesn't have them in cache?

2) Is it possible to rewrite DNS responses relatively easily (if it's a pain, it's easier just to block the ips)?

3) Is the "ip name-server" command only used to specify DNS servers used for the router's own internal lookups, like ping/trace? It has nothing to do with the DHCP pool dns-server command that specifies what DNS servers to send to the DHCP clients, correct?


System Admin
Sorry this is just a bunch of links but this was like three questions in one.

3) Yes, it's for internal use only.

How many sites do you want to redirect? You may be better off setting up a little quick and dirty DNS server in a Linux virtual machine and using that for the network.


Not many, definitely don't want to go for setting up a DNS server I need to always keep in the back of my head.

1) Got it
2) I tried this with no luck. I used this series of commands:

ip domain lookup
ip name-server x.x.x.x y.y.y.y
ip host facebook.com d.d.d.d (?)

When I ran nslookup (on a machine behind the router) using the IP of the router's internal interface, I wasn't getting any responses for any queries. Also, when I did a "show run" on the router, for some reason I can't see the "ip domain lookup" command in the config... any reason it wouldn't show up?

3) Got it
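
An added configuration sketch, not part of the original thread: on IOS the router only answers client DNS queries once the DNS server feature is enabled with `ip dns server`, which is absent from the commands quoted above, and `ip domain lookup` is a default, so it is not listed in "show run". All addresses, the pool name and the host name below are constructed placeholders.

```cisco
! Constructed example; every address and name here is a placeholder.
!   192.0.2.53 / 192.0.2.54 = ISP resolvers used as forwarders
!   10.0.0.1                = router LAN interface
!   10.0.0.50               = address to return for the overridden name
!
! Default setting; shown for completeness, hidden in the running config.
ip domain lookup
!
! Forwarders for names the router cannot answer from its host table/cache.
ip name-server 192.0.2.53 192.0.2.54
!
! Enable the router's DNS server so it answers queries from clients.
ip dns server
!
! Static host entry: answered locally instead of being forwarded.
ip host blocked.example.com 10.0.0.50
!
! Clients must be told to use the router, otherwise they keep querying
! the ISP resolvers directly and never see the static entry.
ip dhcp pool BRANCH
 network 10.0.0.0 255.255.255.0
 default-router 10.0.0.1
 dns-server 10.0.0.1
!
! Verify from the router: "show hosts" lists static and cached entries.
! Verify from a client:   nslookup blocked.example.com 10.0.0.1
```

With `ip dns server` enabled the router answers queries arriving on any interface, so inbound port 53 on the WAN side should be filtered to avoid running an open resolver. The override only affects clients that use the router as their resolver; a host with manually configured DNS servers bypasses it.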
luc_roy, System Admin

Let me do some more research. Just to make sure: you are trying to take a web site someone is asking for and send it to a different IP than DNS wants to give it, correct?
luc_roy, System Admin

I think what you are looking for is WCCP.



After reading through that link I don't think that's what I need. WCCP is a way of redirecting certain traffic to a device that will filter/adjust the traffic (like an HTTP proxy that does web filtering). In essence that is what I'm trying to do, but I was hoping for an easier way to do just a couple of domains.

I'm starting to think that maybe I should just block all traffic destined to certain IPs and leave it at that, but now I'm curious if what I'm trying to do is even possible (for my own education).


Closing question. Multiple solutions but none of them were the ones I was hoping for.