HP 6125XLG R2306-HP 6125XLG Blade Switch Layer 3 - IP Services Command Referen - Page 117

Related commands dns proxy enable dns trust-interface Use dns trust-interface to specify the DNS trusted interface. Use undo dns trust-interface to remove the specified DNS trusted interface. If no interface is specified, the undo dns trust-interface command removes all DNS trusted interfaces. Syntax dns trust-interface interface-type interface-number undo dns trust-interface [ interface-type interface-number ] Default No trusted interface is specified. Views System view Predefined user roles network-admin Parameters interface-type interface-number: Specifies an interface by its type and number. Usage guidelines By default, an interface obtains DNS suffix and DNS server information from DHCP. A network attacker may act as the DHCP server to assign wrong DNS suffix and DNS server address to the device. As a result, the device fails to obtain the resolved IP address or may get the wrong IP address. With the DNS trusted interface specified, the device only uses the DNS suffix and DNS server information obtained through the trusted interface to avoid attack. This configuration is applicable to both IPv4 and IPv6. You can configure a maximum of 128 DNS trusted interfaces on the device. Examples # Specify VLAN-interface 2 as the DNS trusted interface. system-view [Sysname] dns trust-interface vlan-interface 2 ip host Use ip host to create a host name-to-IPv4 address mapping. Use undo ip host to remove a mapping. Syntax ip host host-name ip-address [ vpn-instance vpn-instance-name ] undo ip host host-name ip-address [ vpn-instance vpn-instance-name ] 109