< Home

dns snooping enable

Function

The dns snooping enable command enables DNS snooping.

The undo dns snooping enable command disables DNS snooping.

By default, DNS snooping is disabled.

This command is supported only by the S5720-HI, S5730-HI, S5731-H, S5731S-H, S6720-HI, S5732-H, S6730-H, S6730S-H, and S6730S-HI.

Format

dns snooping enable

undo dns snooping enable

Parameters

None

Views

Ethernet interface view, GE interface view, XGE interface view, 25GE interface view, MultiGE interface view, 40GE interface view, 100GE interface view, VLAN view, Eth-Trunk interface view, port group view.

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When the ucl-group domain command is run to configure a domain name of a static UCL group, you also need to run the dns snooping enable command to enable the DNS snooping function. After this function is enabled, the device parses the received DNS response packets to obtain IP addresses and generates mappings between the IP addresses and domain names.

Precautions

DNS snooping needs to be applied on the interface connected to the DNS server.

Example

# Enable DNS snooping.

<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] dns snooping enable
Parent Topic: NAC Configuration Commands (Unified Mode)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >