Slow Contacting my host behind NAT

Kevin Darcy kcd at daimlerchrysler.com
Wed Sep 20 00:19:01 UTC 2000


Yes, the cause of the slowdown is probably the mail and FTP servers tryin=
g
unsuccessfully to do reverse lookups of the clients. They should be
configured to know about the 168.192.in-addr.arpa zone. Set up
168.192.in-addr.arpa as master on one of your internal servers and if
you're using forwarding to be able to resolve Internet names, you'll have
to add a slave, forward or stub zone definition for this zone on each
internal server, pointing to the master or one of its slaves, to prevent
the nameserver from forwarding the query. What you put into this zone is =
up
to you: you could have no PTR's in the zone, for instance. This should
cause the mail and FTP servers to fail the reverse lookup immediately and
this should remove the login delay. Or, alternatively, add entries to the
zone, perhaps a wildcard entry, if you want "real" names in your logs,
etc..


- Kevin

Karina G=F3mez Salgado wrote:

> Hi:
>
> We are an ISP with a router Cisco 3640 and AS 5200's behind NAT. All of
> our dial-up users  and some users of our internal network have address
> 192.168.0.X. They can see our inside web pages and external webpages
> quickly without problem, but the connection to the mail and ftp server
> is so slow.
>
> When we don't have NAT in our routers and we used our public address in
> our modems there wasn't problem, but now it takes a long time to contac=
t
>
> the server.
>
> In our bind, the classes that we resolve are 200.33.20 and 207.3.141 an=
d
>
> i don't know if i have to add something about the 192.168 addresses.
>
> I will appreciate any help,
>
> Respectfully,
>
> Karina Gomez
> Btu Comunicacion






More information about the bind-users mailing list