Skip to content

IANA ROOT DNS Object-Group

The following object-group consists the latest IANA ROOT DNS Servers which can be used on the Cisco ASA firewalls.

IANA Root DNS Servers (IPv4/IPv6)

object-group network IANA-ROOT-DNS
 description IANA Root DNS Servers (IPv4/IPv6)
 network-object host 198.41.0.4
 network-object host 2001:503:ba3e::2:30
 network-object host 192.228.79.201
 network-object host 2001:500:84::b
 network-object host 192.33.4.12
 network-object host 2001:500:2::c
 network-object host 199.7.91.13
 network-object host 2001:500:2d::d
 network-object host 192.203.230.10
 network-object host 192.5.5.241
 network-object host 2001:500:2f::f
 network-object host 192.112.36.4
 network-object host 128.63.2.53
 network-object host 2001:500:1::803f:235
 network-object host 192.36.148.17
 network-object host 2001:7fe::53
 network-object host 192.58.128.30
 network-object host 2001:503:c27::2:30
 network-object host 193.0.14.129
 network-object host 2001:7fd::1
 network-object host 199.7.83.42
 network-object host 2001:500:3::42
 network-object host 202.12.27.33
 network-object host 2001:dc3::35

Another method is to split the servers into IPv4 and IPv6 so if necessary you can call specific object-group on another ACL.

IPv4 Servers as follows…

IANA IPv4 Root DNS Servers

 description IANA IPv4 Root DNS Servers
 network-object host 198.41.0.4
 network-object host 192.228.79.201
 network-object host 192.33.4.12
 network-object host 199.7.91.13
 network-object host 192.203.230.10
 network-object host 192.5.5.241
 network-object host 192.112.36.4
 network-object host 128.63.2.53
 network-object host 192.36.148.17
 network-object host 192.58.128.30
 network-object host 193.0.14.129
 network-object host 199.7.83.42
 network-object host 202.12.27.33

IPv6 Servers as follows…

IANA IPv6 Root DNS Servers

object-group network IANA-IPv6-ROOT-DNS
 description IANA IPv6 Root DNS Servers
 network-object host 2001:503:ba3e::2:30
 network-object host 2001:500:84::b
 network-object host 2001:500:2::c
 network-object host 2001:500:2d::d
 network-object host 2001:500:2f::f
 network-object host 2001:500:1::803f:235
 network-object host 2001:7fe::53
 network-object host 2001:503:c27::2:30
 network-object host 2001:7fd::1
 network-object host 2001:500:3::42
 network-object host 2001:dc3::35

And combine both IPv4 and IPv6 into a group-object…

IANA IPv4 & IPv6 Root DNS Servers

object-group network IANA-ROOT-DNS
 description IANA IPv4 & IPv6 Root DNS Servers
 group-object IANA-IPv4-ROOT-DNS
 group-object IANA-IPv6-ROOT-DNS
comments powered by Disqus