有没有办法关闭反向查找并保持向前查找?
摘要:
no domain-lookup在line vty 0 4... 下使用
细节:
没错,默认行为是对show命令中的地址执行和缓存正向/反向查找。此配置开始与您的配置类似...
基准行为:正向/反向查询
HotCoffee#clear host *
HotCoffee#sh runn | i ip domain|ip name|^ +domain|NTP
Time source is NTP, 06:10:42.327 CDT Tue Aug 13 2013
ip domain name pennington.net
ip name-server 172.16.1.5
domain-name pennington.net
HotCoffee#
清除主机缓存后,其中没有任何条目...
HotCoffee#show host
Load for five secs: 0%/0%; one minute: 1%; five minutes: 1%
Time source is NTP, 06:11:46.864 CDT Tue Aug 13 2013
Default domain is pennington.net
Name/address lookup uses domain service
Name servers are 172.16.1.5
Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate
temp - temporary, perm - permanent
NA - Not Applicable None - Not defined
Host Port Flags Age Type Address(es)
HotCoffee#
执行show user或ping填充主机缓存...
HotCoffee#sh user
Line User Host(s) Idle Location
* 66 vty 0 cisco idle 00:00:00 tsunami.pennington.net
Interface User Mode Idle Peer Address
HotCoffee#ping flame
Translating "flame"...domain server (172.16.1.5)
Translating "flame"...domain server (172.16.1.5) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/2/4 ms
HotCoffee#
现在,既有ping目标主机又有主机主机条目show user。
HotCoffee#sh hosts
Load for five secs: 1%/0%; one minute: 0%; five minutes: 0%
Time source is NTP, 06:16:32.811 CDT Tue Aug 13 2013
Default domain is pennington.net
Name/address lookup uses domain service
Name servers are 172.16.1.5
Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate
temp - temporary, perm - permanent
NA - Not Applicable None - Not defined
Host Port Flags Age Type Address(es)
tsunami.pennington.net None (temp, OK) 0 IP 172.16.1.5
flame.pennington.net None (temp, OK) 0 IP 172.16.1.1
flame None (temp, UN) 0 IPv6
HotCoffee#
解决方案:仅正向查找
no domain-lookup在vty / console行下使用以将IOS行为限制为仅正向查找...
HotCoffee#conf t
Enter configuration commands, one per line. End with CNTL/Z.
HotCoffee(config)#line vty 0 4
HotCoffee(config-line)#no domain-lookup
HotCoffee(config-line)#end
HotCoffee#
首先,我清除主机缓存以进行干净的测试...
HotCoffee#clear host *
HotCoffee#
HotCoffee#
show user 以前在172.16.1.5上执行了反向查找以及填充了主机缓存,但现在都没有发生...
HotCoffee#sh user
Load for five secs: 1%/0%; one minute: 0%; five minutes: 0%
Time source is NTP, 06:20:00.250 CDT Tue Aug 13 2013
Line User Host(s) Idle Location
* 66 vty 0 cisco idle 00:00:00 172.16.1.5 <----
Interface User Mode Idle Peer Address
HotCoffee#
HotCoffee#sh host
Load for five secs: 2%/0%; one minute: 0%; five minutes: 0%
Time source is NTP, 06:20:06.729 CDT Tue Aug 13 2013
Default domain is pennington.net
Name/address lookup uses domain service
Name servers are 172.16.1.5
Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate
temp - temporary, perm - permanent
NA - Not Applicable None - Not defined
Host Port Flags Age Type Address(es)
<----
HotCoffee#
只是为了表明正向查找仍然起作用...
HotCoffee#
HotCoffee#ping flame
Translating "flame"...domain server (172.16.1.5)
Translating "flame"...domain server (172.16.1.5) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
HotCoffee#
HotCoffee#
HotCoffee#
HotCoffee#sh hosts
Load for five secs: 0%/0%; one minute: 0%; five minutes: 0%
Time source is NTP, 06:25:43.237 CDT Tue Aug 13 2013
Default domain is pennington.net
Name/address lookup uses domain service
Name servers are 172.16.1.5
Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate
temp - temporary, perm - permanent
NA - Not Applicable None - Not defined
Host Port Flags Age Type Address(es)
tsunami.pennington.net None (temp, OK) 0 IP 172.16.1.5
flame.pennington.net None (temp, OK) 0 IP 172.16.1.1
flame None (temp, UN) 0 IPv6
HotCoffee#