Bind behind Cisco 675 router

Tim Maestas tmaestas at dnsconsultants.com
Sun Sep 23 02:40:54 UTC 2001



	This is happening due to your NAT setup on the Cisco.
	http://www.cisco.com/warp/public/566/3.html has some
	info on how cisco NAT affects DNS packets.  Depending on
	how you need your nat setup, the examples on this page
	may or may not help you, but it should give you an
	understanding of what your router is doing.

-Tim




On Sat, 22 Sep 2001, Deon Garrett wrote:

> 
> 
> 
> Thanks for the input...
> 
> > 
> > 	Well, at least the answers I'm seeing are plausible:
> > 
> > % dig @66.7.185.147 deong.org. any
> > 
> 
> Yeah, it seems to work to resolve my own domain.  The major problem
> I have right now is that my nameserver seems to try to resolve any
> hostname on the internet to my IP address.  If you put
> 
> nameserver 66.7.185.147
> 
> in your /etc/resolv.conf file, and try to ping www.yahoo.com, you'll
> actually be pinging 66.7.185.147.  Going through my router somehow causes
> any A record to be assigned to that IP address.  I'm pretty sure it's the
> router, since that doesn't happen if I use 192.168.1.2 for my nameserver,
> and using that means that the data never has to pass through the Cisco...
> 
> > 
> > 	Of course, this doesn't match the data currently registered with 
> > the gTLD nameservers for .org:
> > 
> > 	But I suspect that this is exactly what you're trying to get set 
> > up to change, right?   
> > 
> 
> You are correct, sir.  :)
> 
> > 
> > 	Again, the ratio between the refresh and retry intervals should 
> > be modified so as to allow more retries per refresh, and you should 
> > have at least two nameservers registered (worldnic.com could 
> > presumably provide your secondary/slave service, or you could 
> > potentially sign up for free secondary/slace service with 
> > secondary.com), and you should have a backup MX registered (you'd 
> > probably have to talk to your provider about this).
> > 
> 
> If I ever get my server to work, I'll figure out what to do about a 
> secondary server, backup mail server, etc.  It really isn't that big
> a deal, as all I really want is to be able to ssh/scp/cvs/etc into my
> box by name when I'm on the road so I can work without putting everything
> on my laptop.  My ISP will host primary and secondary nameservers for
> something like 5 bucks a month.
> 
> It just seemed like a good project to play with to get it working for
> myself. 
> 
> 
> 




More information about the bind-users mailing list