[x]

DNS commands > dns spoofing

 

 Next

dns spoofing

Use dns spoofing to enable DNS spoofing and specify the IPv4 address to spoof DNS query requests.

Use undo dns spoofing to disable DNS spoofing.

Syntax

dns spoofing ip-address [ vpn-instance vpn-instance-name ]

undo dns spoofing ip-address [ vpn-instance vpn-instance-name ]

Default

DNS spoofing is disabled.

Views

System view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the IPv4 address used to spoof name query requests.

vpn-instance vpn-instance-name: Specifies the name of an MPLS L3VPN instance, a case-sensitive string of 1 to 31 characters. To enable DNS spoofing on the public network, do not use this option.

Usage guidelines

Use the dns spoofing command together with the dns proxy enable command. DNS spoofing enables the DNS proxy to send a spoofed reply with a configured IP address even if it cannot reach the DNS server because no dial-up connection is available. Without DNS spoofing, the proxy does not answer or forward a DNS request if it cannot find a local matching DNS entry or reach the DNS server.

You can configure DNS spoofing for the public network and a maximum of 1024 VPNs. You can specify only one replied IPv4 address on the DNS spoofing device for the public network or each VPN.

If you use the command multiple times, the most recent configuration takes effect.

Examples

# Enable DNS spoofing on the public network and specify the IPv4 address 1.1.1.1 to spoof DNS requests.

<Sysname> system-view
[Sysname] dns proxy enable
[Sysname] dns spoofing 1.1.1.1

Related commands

dns proxy enable

prev

 

up

 next

dns source-interface 

home

 dns trust-interface

© Copyright 2017 Hewlett Packard Enterprise Development LP