Configuring the DNS trusted interface

This task enables the device to use only the DNS suffix and domain name server information obtained through the trusted interface. The device can then obtain the correct resolved IP address. This feature protects the device against attackers that act as the DHCP server to assign incorrect DNS suffix and domain name server address.

To configure the DNS trusted interface:

Step	Command	Remarks
1. Enter system view.	system-view	N/A
2. Specify the DNS trusted interface.	dns trust-interface interface-type interface-number	By default, no DNS trusted interface is specified. You can configure up to 128 DNS trusted interfaces.

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Specify the DNS trusted interface.

dns trust-interface interface-type interface-number

By default, no DNS trusted interface is specified.

You can configure up to 128 DNS trusted interfaces.

prev	up	next
Specifying the source interface for DNS packets	home	Setting the DSCP value for outgoing DNS packets