This section provides a sample of configuring DNS snooping using the merge method. You can also use the create method to configure DNS snooping.
Operation |
XPATH |
|---|---|
edit-config:merge |
/if:interfaces/if:interface/huawei-dns-snooping:dns-snooping |
Item |
Data |
Description |
|---|---|---|
Whether to enable DNS snooping |
true |
Enable DNS snooping. |
Delay in aging DNS snooping IP address and domain name entries. |
5700 |
Set the delay in aging IP address and domain name entries to 5700 minutes. |
<?xml version="1.0" encoding="UTF-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1572244183033">
<edit-config>
<target>
<running />
</target>
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<interfaces xmlns="urn:ietf:params:xml:ns:yang:ietf-interfaces" xmlns:hw-dns-snooping="urn:huawei:yang:huawei-dns-snooping">
<interface>
<name>GigabitEthernet0/0/1</name>
<type xmlns:iana="urn:ietf:params:xml:ns:yang:iana-if-type">iana:ethernetCsmacd</type>
<hw-dns-snooping:dns-snooping xc:operation="merge">
<hw-dns-snooping:snooping-enable>true</hw-dns-snooping:snooping-enable>
</hw-dns-snooping:dns-snooping>
</interface>
</interfaces>
<dns-snooping xmlns="urn:huawei:yang:huawei-dns-snooping">
<global>
<hw-dns-snooping:ttl-delay-time>5700</hw-dns-snooping:ttl-delay-time>
</global>
</config>
</edit-config>
</rpc>
# Sample of successful response
<?xml version='1.0' encoding='UTF-8'?> <rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="0"> <ok/> </rpc-reply>
# Sample of failed response
<?xml version="1.0" encoding="UTF-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1572244183033">
<rpc-error>
<error-type>application</error-type>
<error-tag>operation-failed</error-tag>
<error-severity>error</error-severity>
<error-path>/ietf-interfaces:interfaces/interface[name='GigabitEthernet0/0/1']/huawei-dns-snooping:dns-snooping/snooping-enable</error-path>
<error-message>parse rpc config error. (Invalid value "true12" in "snooping-enable" element.).</error-message>
</rpc-error>
</rpc-reply>