Traffic for a network application includes DNS query/response traffic and the actual application flow. Using the DNS Protocol
Classification Change feature, NBAR2 can be configured to classify and handle DNS traffic in the same way as its associated
application traffic.
This module describes DNS Protocol Classification Change and how to enable it.
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information,
see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module,
and to see a list of the releases in which each feature is supported, see the feature information table.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature
Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Prerequisites for DNS Protocol Class Change
None.
Information About DNS Protocol Classification Change
DNS Protocol Classification Change
Traffic for a network application includes DNS query/response traffic and the actual application flow. When classifying traffic,
most attention is given to the application flow, both for reporting (application visibility) and control (QoS policy).
The DNS Protocol Classification Change feature enables an NBAR client, such as a router, to classify and handle DNS traffic
in the same way as its associated application traffic. This is accomplished using the domain name that appears in the DNS
flow.
Use of DNS Protocol Classification Change
DNS Protocol Classification Change can be especially useful in networks employing Cisco Intelligent WAN (IWAN), for optimizing
the performance of network applications.
For example, in an IWAN spanning a wide geography, a specific type of application traffic (for example, Microsoft
Office 365) may be routed first to a geographically distant node in the IWAN, and then to the relevant server. This route
may diminish the performance of the application. Using DNS Protocol Classification Change, it is possible to redirect the DNS
query/response to a local DNS server, and route the application traffic directly to the relevant cloud-based application server,
improving application performance.
Usage Notes
DNS Protocol Classification Change classifies the DNS flow in the same way as the application, based on built-in protocols
or custom signatures.
The DNS flow classification inherits the attributes of the application – category, business-relevance, traffic-class, encryption,
and so on. For example, for a DNS flow classified as “Google-accounts” the encryption attribute is TRUE.
DNS flows are not cached using the socket cache mechanism.
To catch all DNS traffic for QoS, use the following “transport hierarchy” CLI:
match protocol dns in-app-hierarchy
Default: enabled.
How to Enable DNS Protocol Classification Change
Enabling DNS Protocol Classification Change
Enabling the DNS Protocol Classification Change feature enables an NBAR client, such as a router, to classify and handle
DNS traffic in the same way as its associated application traffic.
The no form of the command disables the feature.
[no] ip nbar classification dns classify-by-domain
SUMMARY STEPS
1. enable
2. configure terminal
3. ip nbar classification dns classify-by-domain
DETAILED STEPS
Step 1
  Command or Action: enable
  Example: Device> enable
  Purpose: Enables privileged EXEC mode. Enter your password if prompted.
Step 2
  Command or Action: configure terminal
  Example: Device# configure terminal
  Purpose: Enters global configuration mode.
Step 3
  Command or Action: ip nbar classification dns classify-by-domain
  Example: Device(config)# ip nbar classification dns classify-by-domain
  Purpose: Enables the DNS Protocol Classification Change feature.
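Because DNS flows inherit the classification of their application while this feature is on, a class-map that matches plain "protocol dns" no longer sees every DNS flow. The following configuration audit is an added example, not Cisco's code. It flags such class-maps in a saved configuration. The class-map names and the sample configuration are constructed, and the script assumes that the "Default: enabled" usage note applies to the feature itself.

```python
import re

FEATURE = "ip nbar classification dns classify-by-domain"

# Constructed sample configuration (class-map names are hypothetical).
SAMPLE_CONFIG = """\
ip nbar classification dns classify-by-domain
!
class-map match-any DNS-ALL
 match protocol dns in-app-hierarchy
class-map match-any DNS-NARROW
 match protocol dns
class-map match-any WEB
 match protocol http
!
"""

def audit_dns_matches(config_text):
    """Return (feature_enabled, class-maps matching DNS without in-app-hierarchy).

    With the feature enabled, DNS flows are classified as their application,
    so only "match protocol dns in-app-hierarchy" catches all DNS traffic.
    """
    feature_enabled = True  # assumption: "Default: enabled" refers to the feature
    current_map = None
    narrow = []
    for raw in config_text.splitlines():
        line = raw.strip()
        if line == "no " + FEATURE:
            feature_enabled = False
        elif line == FEATURE:
            feature_enabled = True
        if raw and not raw[0].isspace():
            # A top-level line either opens a class-map block or closes the last one.
            m = re.match(r"class-map(?:\s+match-(?:any|all))?\s+(\S+)", line)
            current_map = m.group(1) if m else None
        elif current_map and line == "match protocol dns":
            narrow.append(current_map)
    # With the feature disabled, a plain DNS match already covers all DNS flows.
    return feature_enabled, (narrow if feature_enabled else [])

if __name__ == "__main__":
    enabled, findings = audit_dns_matches(SAMPLE_CONFIG)
    print("classify-by-domain enabled:", enabled)
    for name in findings:
        print("class-map", name, "matches dns without in-app-hierarchy")
```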