Hi Tyson Can you please let me know the reason for having DNS in management plane. How does the DNS help to manage the deivce?
I am not getting the picture. With regards Kings On Tue, Nov 9, 2010 at 8:08 AM, Tyson Scott <[email protected]> wrote: > DNS is management plane. It is not a service that glues the L3 network > together. > > > > Regards, > > > > Tyson Scott - CCIE #13513 R&S, Security, and SP > > Managing Partner / Sr. Instructor - IPexpert, Inc. > > Mailto: [email protected] > > Telephone: +1.810.326.1444, ext. 208 > > Live Assistance, Please visit: www.ipexpert.com/chat > > eFax: +1.810.454.0130 > > > > IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, > Audio Tools, Online Hardware Rental and Classroom Training for the Cisco > CCIE (R&S, Voice, Security & Service Provider) certification(s) with > training locations throughout the United States, Europe, South Asia and > Australia. Be sure to visit our online communities at > www.ipexpert.com/communities and our public website at www.ipexpert.com > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Eugene Pefti > *Sent:* Sunday, November 07, 2010 3:23 AM > *To:* 'Kingsley Charles' > > *Cc:* [email protected] > *Subject:* Re: [OSL | CCIE_Security] DNS part of which plane > > > > That’s right. We see all ports that open on the router that belongs to the > so-called host subinterface of Control Plane. What are debating about then ? > ;) > > I didn’t find that DNS belongs to management plane in Cisco’s official > documentation. Perhaps Yusuf in his flash cards is not right as the list of > protocols mentioned in the Figure for this question is too big. Unless I > confuse entirely the concept of Control and Management Plane > > > > *From:* Kingsley Charles [mailto:[email protected]] > *Sent:* Sunday, November 07, 2010 12:56 AM > *To:* Eugene Pefti > *Cc:* [email protected] > *Subject:* Re: [OSL | CCIE_Security] DNS part of which plane > > > > Eugene, the O/P is self explanatory. The show control-plane host openshows > all the port that the router is listening to. The > O/P has port 22 and 23 which is ssh and telnet respectively. Does that mean > telnet and ssh are control plane protocols? > > The O/P includes management, control and service protocol port numbers. > ISAKMP is in service plane right, you can 500 and 4500 in the O/P too. > > > With regards > Kings > > On Sun, Nov 7, 2010 at 1:13 PM, Eugene Pefti <[email protected]> > wrote: > > It’s a good point, Kings. > > Our customer uses their routers as DNS servers at their remote offices and > the traffic destined to the router itself can be falling under the > management plane. > > I thought that you control access to the router via a regular ACL which I > still do by applying it to different VLAN interfaces. > > But when I query the router to show me open ports under the control plane I > see DNS on the list as well. Hence DNS traffic is from control-plane ;) > > > > Router_LAB#show control-plane host open > > Active internet connections (servers and established) > > Prot Local Address Foreign > Address Service State > > tcp *:22 *:0 > SSH-Server LISTEN > > tcp *:23 > *:0 Telnet LISTEN > > tcp *:53 *:0 > DNS Server LISTEN > > udp *:53 *:0 > DNS Server LISTEN > > udp *:67 *:0 > DHCPD Receive LISTEN > > udp *:2887 > *:0 DDP LISTEN > > udp *:123 > *:0 NTP LISTEN > > udp *:4500 > *:0 ISAKMP LISTEN > > udp *:500 > *:0 ISAKMP LISTEN > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Kingsley Charles > *Sent:* Saturday, November 06, 2010 11:52 PM > *To:* [email protected] > *Subject:* [OSL | CCIE_Security] DNS part of which plane > > > > Hi all > > As per the Yusuf flash cards, DNS is part of the Management plane. > > Management plane is used to manage the device and control plane is used to > dynamically build the network. > > The DNS builds the network by resolving the FQDN to IP address. > > I think, DNS should be in the control plane list. > > Any thoughts? > > With regards > Kings > > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
