I have a dumb question..

itdaddy Senior Member Posts: 2,089
Hey guys..

ahahahah I meant dumb question (sorry ;)haaha)

I was setting up my cisco 2924 switch. And I set the vlan 1 ip interface address to okay.
and the ip default-gateway to (actual gateway using).

okay yeah I can ping but I can also ping domain names.
Get this: I have no ip name-server listed, period, but I have ip domain-lookup enabled, and when I disabled ip domain-lookup I cannot ping domain names. My guess is it uses the gateway's DNS to look up DNS names, huh? If I have no name server configured locally in vlan 1, but how does it use ip domain-lookup, or what does ip domain-lookup do?


  • burbankmarc Member Posts: 460
    Run some packet debugs and see where it's making its DNS requests from.
  • itdaddy Senior Member Posts: 2,089
    good idea and I guess I could do some packet sniffing.. just wanted others' opinions. will let you know. will report back ;)
  • Cyanic Member Posts: 289
    Maybe it has a hard coded DNS server in the IOS. It is plausible if DNS is being allowed out of the network. Regardless, the switch has to be sending it somewhere, and getting an answer back.
  • itdaddy Senior Member Posts: 2,089
    cyanic yeah right.

    I looked in running and startup config and I didn't create name servers,
    but when I enable ip domain-lookup DNS works, and yeah I configured
    an ip default-gateway for vlan 1, but do you think it is using my ASA DNS?
    I mean it is hooked into my asa 5505 which has the name servers there.
    I will have to do a packet sniff, which I should do anyway, and do the debug
    ICMP on the switch. It is going to be cool once I find out. I will report what I find in detail, this has really got me wondering ;)
    thanks for the help
  • burbankmarc Member Posts: 460
    Do you have CDP enabled? There's all kinds of hooks into CDP, I wouldn't be surprised to find out that it was behind this.
  • keenon Member Posts: 1,922
    i was about to say, you were going to get an awesome flame
    Become the stainless steel sharp knife in a drawer full of rusty spoons
  • itdaddy Senior Member Posts: 2,089

    haahha I know. once I looked at it after I submitted it I said shhhhhh t I can't change my subject, I don't think I can, I tried and saw no way to do it hahhahha...

    not sure if it is CDP, but it might be my switch cisco 2924 is doing a broadcast for a DNS server and of course my windows 2003 DNS server
    responded to the broadcast request. Not sure, but when I disable
    ip domain-lookup, pinging www.yahoo.com doesn't work.

    I love packet sniffing. I packet sniffed my vlan 1 and saw comm between
    my vlan 1 ip address using a broadcast and my dns server responded. way freaking cool.... so that is solved. it was a broadcast, I am guessing with the ip domain-lookup it seems. packet sniffing works like magic.. yeah I had cdp enabled as well, but when I disable
    the ip domain-lookup I cannot ping squat! so it must have to do with that.
    it was easy to lab it up... ;) thanks guys
  • mikej412 Member Posts: 10,086
    itdaddy wrote: »
    I cant change my subject
    I thought I had asked if you wanted it changed.... but I guess I got distracted by work and never finished the post.

    I changed the p to a b so we won't attract people looking for dumbs :D
    :mike: Cisco Certifications -- Collect the Entire Set!
  • itdaddy Senior Member Posts: 2,089
    hey thanks mikej, I should have asked you to change it, sorry. but thanks
    yeah I don't want that kind of attention, trying to stay out of trouble. hee hee
  • Cyanic Member Posts: 289
    Do you know what protocol it was using? Wireshark should decode it for you automajically.
  • itdaddy Senior Member Posts: 2,089
    DNS, it was using DNS. It showed a broadcast from the source vlan 1 ip address I set. When I removed the command ip domain-lookup
    it didn't translate the DNS names. Like when I pinged www.yahoo.com, it worked fine when ip domain-lookup was enabled, but once I did
    no ip domain-lookup, the ping www.yahoo.com could not be found.
    cool huh. I love wireshark!
  • SysAdmin4066 Member Posts: 443
    ip domain-lookup allows for hostname resolution using dns queries as opposed to local resolution and I guess based on your sniffer info, it also allows for your switch, at least the 2924, to actually LOOK for a DNS server via broadcast. I would imagine the fix is to disable the lookup and configure only local lookups if this is a problem.
    In Progress: CCIE R&S Written Scheduled July 17th (Tentative)

    Next Up: CCIE R&S Lab
  • itdaddy Senior Member Posts: 2,089
    thanks systadmin, it wasn't an issue, I just was discovering what was doing that. I guess I was only digging in deeper into why it works vs. I know what it does kind of thing. It was cool that there is a difference between finding a DNS server via broadcast and using locally configured name servers. Was just playing with it to really understand how it works. Hey, thanks for your reply and input, more is better ;)
  • SysAdmin4066 Member Posts: 443
    Got ya ;)
    In Progress: CCIE R&S Written Scheduled July 17th (Tentative)

    Next Up: CCIE R&S Lab
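
A way to check a capture for the behaviour found in this thread, DNS queries sent to the broadcast address by a device that has ip domain-lookup enabled and no name server configured. This is an added example, not part of any post above; the frames, the 192.0.2.x addresses and the function names are constructed for illustration.

```python
import struct

BROADCAST_MAC = b"\xff" * 6

def build_query(src_ip, dst_ip, dst_mac, name):
    """Build an Ethernet/IPv4/UDP DNS A query (constructed sample, checksums left 0)."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    dns = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)
    udp = struct.pack("!4H", 50000, 53, 8 + len(dns), 0) + dns
    ip = struct.pack("!BBHHHBBH", 0x45, 0, 20 + len(udp), 0, 0, 255, 17, 0)
    ip += bytes(map(int, src_ip.split("."))) + bytes(map(int, dst_ip.split(".")))
    return dst_mac + b"\x00\x11\x22\x33\x44\x55" + b"\x08\x00" + ip + udp

def broadcast_dns_query(frame):
    """Return (source IP, queried name) for a DNS query sent to broadcast, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
        return None                                  # not IPv4/UDP
    udp = 14 + (frame[14] & 0x0F) * 4                # honour the IP header length
    dns = udp + 8
    if len(frame) < dns + 12:
        return None
    dport = struct.unpack("!H", frame[udp + 2:udp + 4])[0]
    flags, qdcount = struct.unpack("!2H", frame[dns + 2:dns + 6])
    if dport != 53 or flags & 0x8000 or qdcount < 1:
        return None                                  # not a DNS question
    if frame[:6] != BROADCAST_MAC and frame[30:34] != b"\xff" * 4:
        return None                                  # unicast to a configured server
    labels, pos = [], dns + 12
    while pos < len(frame) and frame[pos]:
        n = frame[pos]
        if n & 0xC0 or pos + 1 + n > len(frame):
            return None                              # malformed or compressed name
        labels.append(frame[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    return ".".join(str(b) for b in frame[26:30]), ".".join(labels)

# Constructed frames: a switch with no name server vs. a host with one configured.
SAMPLES = [
    build_query("192.0.2.10", "255.255.255.255", BROADCAST_MAC, "www.yahoo.com"),
    build_query("192.0.2.20", "192.0.2.53", b"\x00\xaa\xbb\xcc\xdd\xee", "www.yahoo.com"),
]

def find_broadcast_resolvers(frames):
    """List every (source, name) pair that resolved by broadcast."""
    return [hit for hit in map(broadcast_dns_query, frames) if hit]

if __name__ == "__main__":
    for src, name in find_broadcast_resolvers(SAMPLES):
        print(f"{src} broadcast a DNS query for {name}")
```

Any source this reports will accept an answer from whichever host on the VLAN replies first, so it is a candidate for an explicit ip name-server or for no ip domain-lookup.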