Cisco Cisco Packet Data Gateway (PDG) Guida Alla Risoluzione Dei Problemi
Crypto Template Configuration Mode Commands
▀ dns-handling
▄ Cisco ASR 5000 Series Command Line Interface Reference
OL-22947-02
dns-handling
Adds a custom option to define the ways a DNS address is returned based on proscribed circumstances described below.
Product
PDIF
Privilege
Security Administrator, Administrator
Syntax
Configures the default condition as
. By default, PDIF always returns the DNS address in the config
payload in the second authentication phase if one is received from either the configuration or the HA.
This is the default action. PDIF always returns the DNS address in the config payload in the second
authentication phase if one is received from either the configuration or the HA.
authentication phase if one is received from either the configuration or the HA.
Configures the PDIF to behave as described in the Usage section below.
Usage
During IKEv2 session setup, MS may or may not include INTERNAL_IP4_DNS in the Config Payload (CP).
PDIF may obtain one or more DNS addresses for the subscriber in DNS NVSE from a proxy-MIP
Registration Reply message. If Multiple Authentication is used, these DNS addresses may be also received in
Diameter AVPs during the first authentication phase, or in RADIUS attributes in the Access Accept messages
during the second authentication phase.
In
PDIF may obtain one or more DNS addresses for the subscriber in DNS NVSE from a proxy-MIP
Registration Reply message. If Multiple Authentication is used, these DNS addresses may be also received in
Diameter AVPs during the first authentication phase, or in RADIUS attributes in the Access Accept messages
during the second authentication phase.
In
mode, by default PDIF always returns the DNS address in the config payload in the second
authentication phase if one is received from either the configuration or the HA.
In
In
mode, depending on the number of INTERNAL_IP4_DNS, PDIF supports the following
behaviors:
If MS includes no INTERNAL_IP4_DNS in Config Payload: PDIF doesn't return any
INTERNAL_IP4_DNS option to MS, whether or not PDIF has received one(s) in DNS NVSE from
HA or from local configurations.
HA or from local configurations.
If MS requests one or more INTERNAL_IP4_DNS(s) in Config Payload, and if P-MIP NVSE doesn't
contain any DNS address or DNS address not present in any config, PDIF omits
INTERNAL_IP4_DNS option to MS in the Config Payload.
INTERNAL_IP4_DNS option to MS in the Config Payload.
And if P-MIP NVSE includes one DNS address (a.a.a.a / 0.0.0.0), then PDIF sends one
INTERNAL_IP4_DNS option in Config Payload back to the MS.
If Primary DNS is a.a.a.a and Secondary DNS is 0.0.0.0, then a.a.a.a is returned (i.e. only one instance
of DNS attribute present in the config payload).