ipv6 dns spoofing
Use ipv6 dns spoofing to enable DNS spoofing and specify the translated IPv6 address.
Use undo ipv6 dns spoofing to disable DNS spoofing.
Syntax
ipv6 dns spoofing ipv6-address [ vpn-instance vpn-instance-name ]
undo ipv6 dns spoofing ipv6-address [ vpn-instance vpn-instance-name ]
Default
DNS spoofing is disabled.
Views
System view
Predefined user roles
network-admin
Parameters
ipv6-address: Specifies the IPv6 address used to spoof name query requests.
vpn-instance vpn-instance-name: Specifies the name of an MPLS L3VPN instance, a case-sensitive string of 1 to 31 characters. To enable DNS spoofing on the public network, do not use this option.
Usage guidelines
Use the ipv6 dns spoofing command together with the dns proxy enable command.
DNS spoofing enables the DNS proxy on the device to send a spoofed reply with an IPv6 address in response to a type AAAA DNS request. Without DNS spoofing, the device does not forward or answer a request if no DNS server is specified or no DNS server is reachable.
You can configure DNS spoofing for the public network and a maximum of 1024 VPNs. You can specify only one replied IPv6 address for the public network or each VPN.
If you use the command multiple times, the most recent configuration takes effect.
Examples
# Enable DNS spoofing on the public network and specify 2001::1 as the translated IPv6 address.
<Sysname> system-view [Sysname] dns proxy enable [Sysname] ipv6 dns spoofing 2001::1
Related commands
dns proxy enable