Table of Contents
Advertisement
Default
DNS spoofing is disabled.
Views
System view
Predefined user roles
network-admin
Parameters
ip-address: Specifies the IPv4 address used to spoof DNS requests.
Usage guidelines
Use the dns spoofing command together with the dns proxy enable command.
DNS spoofing functions when the DNS proxy does not know the DNS server address or cannot
reach the DNS server. It enables the DNS proxy to spoof DNS queries of type A by responding with
the specified IPv4 address.
The system allows only one replied IPv4 address for the public network. If you execute this
command multiple times, the most recent configuration takes effect.
Examples
# Enable DNS spoofing for the public network and specify IPv4 address 1.1.1.1 for spoofing DNS
requests.
<Sysname> system-view
[Sysname] dns proxy enable
[Sysname] dns spoofing 1.1.1.1
Related commands
dns proxy enable
dns trust-interface
Use dns trust-interface to specify a DNS trusted interface.
Use undo dns trust-interface to remove a DNS trusted interface.
Syntax
dns trust-interface interface-type interface-number
undo dns trust-interface [ interface-type interface-number ]
Default
No DNS trusted interface is specified.
Views
System view
Predefined user roles
network-admin
Parameters
interface-type interface-number: Specifies an interface by its type and number.
Usage guidelines
By default, an interface obtains DNS suffix and DNS server information from DHCP. A network
attacker might act as the DHCP server to assign a wrong DNS suffix and DNS server address to the
8
Advertisement
Chapters
Table of Contents
