Configure split-DNS forwarding on Cisco routers
Before you begin
To separate the DNS resolution of internal domains from external domains, configure split-DNS forwarding with Cisco routers. This lets you use the local DNS server for internal domain resolution for internal applications or resources while directing external domain requests to ETP.

How to
- Log in to the Cisco router:
  - Open a command prompt or terminal window.
  - Enter this command:
    telnet <IP address>
    where <IP address> is the IP address of the router.
  - Enter your username and press Enter.
  - When prompted for your password, enter your password.
- Enter this command to access global configuration settings:
  configure terminal
- Configure the DNS server configuration on the router to send requests to ETP. Enter this command:
  ip name-server <ETP_primaryIP> <ETP_secondaryIP>
  where:
  - <ETP_primaryIP> is the IP address of the primary ETP recursive DNS server.
  - <ETP_secondaryIP> is the IP address of the secondary ETP recursive DNS server.
- Configure DNS forwarding:
  - Enter this command to define the default DNS view:
    ip dns view default
  - Enter this command to define DNS forwarding for incoming DNS requests:
    dns forwarder <ETP_primaryIP> <ETP_secondaryIP>
    where:
    - <ETP_primaryIP> is the IP address of the primary ETP recursive DNS server.
    - <ETP_secondaryIP> is the IP address of the secondary ETP recursive DNS server.
  - Enter this command to define an internal DNS view:
    ip dns view internal_dns
  - Enter this command to forward internal requests to your organization's internal DNS server:
    dns forwarder <Internal_DNS_IP1> <Internal_DNS_IP2>
    where:
    - <Internal_DNS_IP1> is the IP address of your internal DNS server.
    - <Internal_DNS_IP2> is the IP address of your secondary internal DNS server.
  - Enter this command to define the default DNS view:
- Enter this command to configure a list of internal domains that you want the internal DNS server to resolve:
  ip dns name-list <number> permit <domain>
  where:
  - <number> is a number ranging from 1 to 500 that identifies the list.
  - <domain> is a domain. Regular expressions and regular expression pattern-matching characters are supported.
- Execute these commands to configure DNS views or to specify the parameters that define how DNS queries are handled. In this step, you'll also configure a list of DNS views.
  - Enter this command to define conditions for a view list:
    ip dns view-list conditional
  - Enter this command:
    view internal_dns 10
  - Enter this command:
    restrict name-group 1
  - Enter this command:
    view default 99
  - Enter this command to define conditions for a view list.
- Enter these commands to enable the view list on the router and the DNS service:
  ip dns server view-group conditional
  ip dns server
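
To check a name-list pattern before applying it, the following added example (not part of the original procedure, and not Cisco or ETP code) models how the view list above routes a query: views are tried in ascending order, and internal_dns is used only when name-list 1 matches. The addresses, the domain corp.example.com, and all function names are constructed; lowest-order-first evaluation and unanchored, case-insensitive pattern matching are assumptions of the model.

```python
import re

# Constructed sample values standing in for the procedure's placeholders.
VIEWS = {
    "internal_dns": ["10.0.0.53", "10.0.0.54"],  # <Internal_DNS_IP1> <Internal_DNS_IP2>
    "default": ["192.0.2.1", "192.0.2.2"],       # <ETP_primaryIP> <ETP_secondaryIP>
}
# ip dns view-list conditional: (order, view, name-group or None if unrestricted)
VIEW_LIST = [(99, "default", None), (10, "internal_dns", 1)]

# Two candidate bodies for "ip dns name-list 1 permit <domain>".
LOOSE = {1: [r"corp.example.com"]}              # dots unescaped, no anchors
STRICT = {1: [r"(^|\.)corp\.example\.com$"]}    # whole labels, anchored at the end


def select_view(qname, name_lists=STRICT):
    """Return the first view, in ascending order, whose restriction accepts qname.

    Assumption of this model: a name-list pattern is an unanchored,
    case-insensitive regular-expression search against the query name.
    """
    qname = qname.rstrip(".")
    for _order, view, group in sorted(VIEW_LIST, key=lambda v: v[0]):
        if group is None:
            return view
        if any(re.search(p, qname, re.IGNORECASE) for p in name_lists[group]):
            return view
    return None


def forwarders_for(qname, name_lists=STRICT):
    """Forwarder addresses that would receive the query for qname."""
    view = select_view(qname, name_lists)
    return VIEWS[view] if view else []


def misrouted(qnames, internal, name_lists=STRICT):
    """Names whose selected view disagrees with the intended internal set."""
    return [q for q in qnames
            if (select_view(q, name_lists) == "internal_dns") != (q in internal)]


if __name__ == "__main__":
    sample = ["intranet.corp.example.com", "corp.example.com",
              "www.example.org", "corp.example.com.example.net"]
    internal = {"intranet.corp.example.com", "corp.example.com"}
    for nl, label in ((LOOSE, "loose"), (STRICT, "strict")):
        print(label, "misrouted:", misrouted(sample, internal, nl))
```

Under the model's assumptions, the loose pattern sends an external name that merely contains the internal domain to the internal forwarders, while the anchored pattern keeps the split as intended.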