DNS Configuration In Cisco ACI Fabric [Step By Step Example]
![DNS Configuration In Cisco ACI Fabric [Step By Step Example]](https://learnduty.com/wp-content/uploads/2023/02/image-71.png)
Domain Name System (DNS) Overview
- The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned to each of the associated entities.
- The Domain Name System delegates the responsibility of assigning domain names and mapping those names to Internet resources by designating authoritative name servers for each domain.
Below are the basic Steps for DNS configuration in Cisco ACI Fabric:
Step-1: Create DNS Profile
- Navigate to Fabric > Fabric Policies > Policies > Global > DNS Profiles
You can use the default DNS policy which is recommended in some cases. In this example, we will create another DNS policy “DNS_Prof_Pod1”.
Note: For the APICs to leverage DNS, you need to use the default DNS profile. Non-default DNS profile don’t include APICs. For that, you can use default profile for APICs and use other DNS profiles for the other nodes, but typically, ‘default’ DNS policy is sufficient.
- In the DNS Configuration pop-up, Specify the DNS Domain and the DNS providers “IP address”, you can set the proffered in case of multiple DNS servers.
Step-2: Define DNS Label in The mgmt Tenant
For the Fabric nodes (Leaf and spines) to use the DSN profile, you need to define the label under mgmt tenant:
- Since, we used the OOB EPG as the Management EPG in our example, we need to apply the DNS profile as Label under the OOB VRF:
Navigate to the Mgmt Tenant > Networking > VRF > oob - Define the DNS Label, which is the DNS Profile name
Note: if you used the default DNS profile, just write “default” in the DNS labels field
Probably, you noticed that you can add multiple DNS profiles (Labels) separated by comma if you need to do so.
Verifications
- On APICs:
cat /etc/resolv.confor you can test with Nslookup
Example: nslookup learnduty.com
- On Leaf/spines:
cat /etc/resolv.conf
Reference:
