NAT interfering with DNS 'A' TTL?

Barry Margolin barmar at bbnplanet.com
Mon Oct 18 20:09:32 UTC 1999


In article <7uf8u6$qik$1 at news1.tele.dk>, Lars Povlsen <lp at filanet.dk> wrote:
>Hi!
>
>I have a weird problem with DNS lookups in our local domain filanet.dk,
>which my ISP runs primary + secondary for.
>
>The problem is that ALL address information for our domain ends up with a
>zero TTL, thus not allowing us to cache the information here. What it boils
>down to is that a ping between two machines behind the router/firewall
>triggers an ISDN (that's what we use) call for the DNS lookup - _every_ time.
>
>Outside our network, everything is fine = 1H TTL. I checked the zone file,
>which also seems fine.
>
>The problem is the same no matter if I use an external NS or a local
>recursive.
>
>Our Router/firewall does NAT for our 192.168 addresses, and is a Cisco 1605.
>
>Does anybody have any knowledge about caveats with DNS when using NAT?

I suspect the router is setting the TTL to 0 to ensure that changes in the
NAT translation table are immediately reflected in DNS lookups.  It doesn't
want your internal server caching translations that may be obsolete.

>Otherwise, I'll just have to set up myself as primary...

That would probably be the best solution.

-- 
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
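
Added example, not part of the original thread: one way to check the behaviour suspected above is to capture the same A response on both sides of the router and compare the TTLs. The parser below does this over constructed packets; the host name, the addresses, the rewritten inside address and all function names are assumptions made for illustration.

```python
import struct

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:      # compression pointer: 2 bytes, ends the name
            return off + 2
        if length == 0:                # root label ends the name
            return off + 1
        off += 1 + length

def a_record_ttls(msg):
    """Return [(ipv4, ttl)] for every IN A record in the answer section."""
    _id, _flags, qdcount, ancount, _ns, _ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4  # skip QTYPE + QCLASS
    out = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            out.append((".".join(str(b) for b in msg[off:off + 4]), ttl))
        off += rdlen
    return out

def build_response(name, ip, ttl):
    """Constructed sample packet: one question, one A answer with a name pointer."""
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\0"
    header = struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)
    question = qname + struct.pack("!HH", 1, 1)
    rdata = bytes(int(o) for o in ip.split("."))
    return header + question + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + rdata

def compare(outside, inside):
    """Pair answers by position; report those whose TTL is zero only on the inside."""
    pairs = zip(a_record_ttls(outside), a_record_ttls(inside))
    return [(o_ip, i_ip, o_ttl, i_ttl)
            for (o_ip, o_ttl), (i_ip, i_ttl) in pairs
            if i_ttl == 0 and o_ttl != 0]

# Constructed captures: 1H TTL as seen outside, zero TTL as seen behind the router.
OUTSIDE = build_response("host.example.test", "203.0.113.10", 3600)
INSIDE = build_response("host.example.test", "192.168.1.10", 0)

if __name__ == "__main__":
    for o_ip, i_ip, o_ttl, i_ttl in compare(OUTSIDE, INSIDE):
        print(f"{o_ip} ttl={o_ttl} outside -> {i_ip} ttl={i_ttl} inside")
```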

