2801 problema DNS Server

[S0nic]

Ciao a tutti,

da tempo avevo configurato il mio 2801 come server dns e tutto funzionava molto bene
senza cambiare la configurazione, da ieri non ha più funzionato.

i client in rete non riescono ad andare in internet in quanto non risolvono nessun host
il problema sta appunto usando come server DNS il 2801 (che prima funzionava bene)
fissando manualmente i DNS del mio provider tutto torna a funzionare
ovviamente ho necessità di usare il 2801 come server DNS

ho riavviato tutte le macchine, in rete non ci sono altri server DNS ne DHCP ne conflitti di IP

il 2802 nela fa0/0 prende direttamente l'IP Pubblico statico del mio provider
nella fa0/1 rete locale con ip 192.168.0.254

Chi sa aiutarmi ?

la config usata è la seguente

Codice: Seleziona tutto

Current configuration : 3100 bytes
!
! No configuration change since last restart
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Sn-Router
!
boot-start-marker
boot system flash c2801-advsecurityk9-mz.124-6.t.bin
boot-end-marker
!
logging buffered 4096 debugging
enable password 7 *****
!
no aaa new-model
!
resource policy
!
clock timezone MET 1
clock summer-time MET recurring last Sun Mar 2:00 last Sun Oct 3:00
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.0.252 192.168.0.254
!
ip dhcp pool LAN
   network 192.168.0.0 255.255.255.0
   default-router 192.168.0.254
   domain-name local
   dns-server 192.168.0.254 83.103.25.250 62.101.93.101
!
ip dhcp pool AP1
   host 192.168.0.253 255.255.255.0
   hardware-address ***
   client-name Ap1
!
ip dhcp pool AP2
   host 192.168.0.252 255.255.255.0
   client-identifier ***
   client-name Ap2
!
ip dhcp pool Media
   host 192.168.0.2 255.255.255.0
   client-identifier ***
   client-name Media
!
ip dhcp pool Server
   host 192.168.0.1 255.255.255.0
   hardware-address ***
   client-name Server
!
!
ip host dvr.****.net 192.168.0.223
!
!
!
!
username *** password 7 *****
!
!
!
!
!
interface FastEthernet0/0
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 192.168.0.254 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface Serial0/3/0
 no ip address
 shutdown
 clock rate 2000000
!
ip route 192.168.10.0 255.255.255.0 FastEthernet0/0
!
!
no ip http server
no ip http secure-server
ip nat translation timeout 10
ip nat translation tcp-timeout 300
ip nat translation udp-timeout 301
ip nat translation finrst-timeout 61
ip nat translation syn-timeout 50
ip nat inside source list NAT_TO_INTERNET interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.0.1 80 interface FastEthernet0/0 80
ip nat inside source static tcp 192.168.0.1 22 interface FastEthernet0/0 222
ip nat inside source static udp 192.168.0.2 4672 interface FastEthernet0/0 4672
ip nat inside source static tcp 192.168.0.2 4662 interface FastEthernet0/0 4662
ip nat inside source static tcp 192.168.0.223 15961 interface FastEthernet0/0 15961
ip nat inside source static tcp 192.168.0.223 9000 interface FastEthernet0/0 9000
ip nat inside source static tcp 192.168.0.223 88 interface FastEthernet0/0 88
ip dns server
!
ip access-list standard NAT_TO_INTERNET
 permit 192.168.0.0 0.0.0.255
!
logging trap errors
logging facility local5
logging source-interface FastEthernet0/0
!
!
!
!
control-plane
!
banner motd ^C
Unauthorized access strictly prohibited
and prosecuted to the full extent of the law
^C
!
line con 0
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet
!
scheduler allocate 20000 1000
ntp clock-period 17177782
ntp server 193.204.114.232
!
webvpn context Default_context
 ssl authenticate verify all
 !
 no inservice
!
end

[S0nic]

aggiungo il debug
inoltre dal 2801 nessun problema, risolve tutti gli host regolarmente

Codice: Seleziona tutto

Aug 21 08:35:39.901: DNS: Incoming UDP query (id#1)
Aug 21 08:35:39.901: DNS: Type 12 DNS query (id#1) for host '254.0.168.192.in-addr.arpa' from 192.168.0.103(1610)
Aug 21 08:35:39.901: DNS: Re-sending DNS query (type 12, id#1) to 62.101.93.101
Aug 21 08:35:39.909: DNS: Incoming UDP query (id#1234)
Aug 21 08:35:39.909: DNS: Type 1 DNS query (id#1234) for host 'a.root-servers.net' from 192.168.0.252(53875)
Aug 21 08:35:39.909: DNS: Finished processing query (id#1234) in 0.000 secs
Aug 21 08:35:39.945: DNS: Incoming UDP query (id#1)
Aug 21 08:35:39.945: DNS: Type 12 response (id#1) for host <254.0.168.192.in-addr.arpa> from 62.101.93.101(53)
Aug 21 08:35:39.945: DNS: Response code 3 (id#1) from 62.101.93.101(53)
Aug 21 08:35:39.945: DNS: Forwarded back non-A response
Aug 21 08:35:39.945: DNS: Finished processing query (id#1) in 0.044 secs
Aug 21 08:35:39.949: DNS: Forwarding back reply to 192.168.0.103/1610
Aug 21 08:35:39.957: DNS: Incoming UDP query (id#2)
Aug 21 08:35:39.961: DNS: Type 1 DNS query (id#2) for host 'facebook.com' from 192.168.0.103(1611)
Aug 21 08:35:39.961: DNS: Replying to query (id#2) with NS
Aug 21 08:35:39.961: DNS: Finished processing query (id#2) in 0.004 secs
Aug 21 08:35:39.965: DNS: Incoming UDP query (id#3)
Aug 21 08:35:39.965: DNS: Type 1 DNS query (id#3) for host 'facebook.com' from 192.168.0.103(1612)
Aug 21 08:35:39.965: DNS: Replying to query (id#3) with NS
Aug 21 08:35:39.965: DNS: Finished processing query (id#3) in 0.000 secs
Aug 21 08:35:42.201: DNS: Incoming UDP query (id#37111)
Aug 21 08:35:42.201: DNS: Type 1 DNS query (id#37111) for host 'safebrowsing.google.com' from 192.168.0.2(64979)
Aug 21 08:35:42.201: DNS: Replying to query (id#37111) with NS
Aug 21 08:35:42.201: DNS: Finished processing query (id#37111) in 0.000 secs
Aug 21 08:35:42.453: DNS: Incoming UDP query (id#40261)
Aug 21 08:35:42.453: DNS: Type 1 DNS query (id#40261) for host 'safebrowsing-cache.google.com' from 192.168.0.2(61302)
Aug 21 08:35:42.453: DNS: Replying to query (id#40261) with NS
Aug 21 08:35:42.453: DNS: Finished processing query (id#40261) in 0.000 secs

[S0nic]

ho cambiato la IOS e funziona tutto

[Federico.Lagni]

Well done