Disabling Domain Name Lookups

Problem

You want to prevent your router from trying to connect to your typing errors.

Solution

To prevent the router from attempting to resolve typing errors, use the no ip domain-lookup command:

Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#no ip domain-lookup Router1(config)#end Router1#

You can also prevent the router from trying to resolve typing errors on routers that use DNS by changing the default EXEC behavior for unknown commands:

Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#line vty 0 4 Router1(config-line)#transport preferred none Router1(config-line)#end Router1#

 

Discussion

As we mentioned in Recipe 2.11, routers attempts to resolve all hostnames by using DNS by default. Unfortunately, if you don't configure a valid DNS nameserver, the router sends these queries to the local broadcast IP address, 255.255.255.255. Querying a nonexistent nameserver is not only unproductive, but it can also be quite time consuming if it happens in an interactive session, since the router will not return the EXEC prompt until the query times out. This can be quite frustrating because, by default, the router will interpret any unknown command as a hostname that you want to connect to. So it will attempt to resolve any typing mistakes you enter on the command line:

Router1#pnig Translating "pnig"...domain server (255.255.255.255) Translating "pnig"...domain server (255.255.255.255) (255.255.255.255) Translating "pnig"...domain server (255.255.255.255) % Unknown command or computer name, or unable to find computer address Router1#

As you can see, we accidentally mistyped the command ping. The router did not know this command, so it assumed that it must be the name of a foreign host and attempted to resolve it. Everybody who has used a Cisco router for more than a few minutes is familiar with this problem, compounding the annoyance of a typing error with having to wait several seconds for the name query to time out.

One easy way to prevent this from happening is to disable DNS lookups, as we did in our first example:

Router1(config)#no ip domain-lookup

This is an effective solution if we don't need to use DNS services on the router. With name resolution disabled, the router will still interpret our typing mistakes as names of foreign hosts, but it will try to resolve these names only from the static host entries, which don't need to time out:

Router1#pnig Translating "pnig" % Unknown command or computer name, or unable to find computer address Router1#

The net result is that the router will return your prompt immediately and allow you to enter the command you intended to type.

Routers that are properly configured to use DNS services, as in Recipe 2.11, also will attempt to resolve your typing errors by default. In this case, there is a real server to respond to the request and definitively state that there is no such host, so the delay is somewhat shorter. The router will attempt to query each of the configured nameservers in order until it receives a response or gives up trying:

Router1#pnig Translating "pnig"...domain server (172.25.1.1) (10.1.20.5) % Unrecognized host or address, or protocol not running. Router1#

This is still an extremely inefficient way of handling typing errors, though. And if you need to use DNS, the solution in our first example is not practical. So we have to attack the problem from a different angle.

The router attempts to resolve typo errors because, by default, every VTY line has preferred transport method of Telnet. This means that you can initiate a Telnet session by typing a hostname at the prompt. You don't need to explicitly issue the telnet command. Therefore, when we type in "pnig", the router interprets it as "telnet pnig". However, we can instead set the preferred transport method to be "none" so the router won't try to connect to a remote device unless we explicitly issue the Telnet command:

Router1(config)#line vty 0 4 Router1(config-line)#transport preferred none

This avoids the problem by preventing the router from misinterpreting our typos as hostnames in the first place:

Router1#pnig ^ % Invalid input detected at '^' marker. Router1#

As you can see, the router now interprets the typing error as an invalid command rather than a hostname. We recommend using this solution to the problem because it doesn't prevent you from using DNS.

See Also

Recipe 2.10; Recipe 2.11

Категории