Combining DNS and NATD
bind9 at comcast.net
Tue Dec 7 18:50:09 UTC 2004
On Dec 7, 2004, at 11:27 AM, Kevin Darcy wrote:
> bob prohaska wrote:
>> Is it possible to use a combined DNS/NATD machine to provide
>> Internet access to hosts with registered names but no routeable
>> IP numbers?
I thought that NAT provided the mechanism to provide Internet access to
systems with unrouteable IP addresses. At least that is how I am
getting out at the moment.
There isn't any need for DNS in this situation.
>> The simplest situation would be a single, static IP host which
>> serves as gateway to a 192.168.1.x network and also a nameserver
>> for a domain. The nameserver would know the private address associated
>> with each name, but would have to reply to queries with its own
>> address, and some sort of "tag" which would be returned in subsequent
>> traffic so it could properly recognize which host on the private
>> network is the intended destination.
> Even if the nameserver were to provide such a "tag", it would have to be
> propagated through the resolver routines, picked up by the client app,
> which would then need an interface to the networking stack to be able
> to tag the packets that the client is using to connect to the server.
> That's an awful lot of redesign work to accommodate a kludge (IMO)
> like NAT.
> I suppose if more client apps used SRV records, then you could
> theoretically direct different clients to different ports dynamically,
> and then use port forwarding. However, SRV record support hasn't even
> made it into web browsers yet, let alone clients of less-common
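
The SRV-plus-port-forwarding idea from the quoted reply, sketched as an added example that is not part of the original thread: each private host gets an SRV record pointing at the gateway on a distinct public port, and a matching natd `-redirect_port` rule. The names, addresses and ports are constructed, and the checks (private targets only, no public port reused) are an assumption about what an operator would want to enforce.

```python
import ipaddress

# Constructed sample data: one public gateway name, private hosts behind NAT.
GATEWAY_NAME = "gw.example.com."
HOSTS = [
    # (service, proto, owner name, private address, service port, public port)
    ("_http", "_tcp", "www.example.com.", "192.168.1.10", 80, 8080),
    ("_http", "_tcp", "wiki.example.com.", "192.168.1.11", 80, 8081),
    ("_imap", "_tcp", "mail.example.com.", "192.168.1.12", 143, 8143),
]


def build(hosts, gateway=GATEWAY_NAME, ttl=3600):
    """Return (zone_lines, natd_args); raise ValueError on an unsafe mapping."""
    seen = {}          # (proto, public port) -> owner name already using it
    zone, natd = [], []
    for svc, proto, owner, addr, port, pub in hosts:
        # Only forward to addresses on the private side of the gateway.
        if not ipaddress.ip_address(addr).is_private:
            raise ValueError(f"{owner}: {addr} is not a private address")
        for p in (port, pub):
            if not 0 < p < 65536:
                raise ValueError(f"{owner}: port {p} out of range")
        # A public port can identify only one inside host per protocol.
        key = (proto, pub)
        if key in seen:
            raise ValueError(f"{owner}: port {pub} already used by {seen[key]}")
        seen[key] = owner
        # SRV RDATA is: priority weight port target.
        zone.append(f"{svc}.{proto}.{owner} {ttl} IN SRV 0 0 {pub} {gateway}")
        # natd syntax: -redirect_port proto targetIP:targetPORT aliasPORT
        natd.append(f"-redirect_port {proto.lstrip('_')} {addr}:{port} {pub}")
    return zone, natd


if __name__ == "__main__":
    zone_lines, natd_args = build(HOSTS)
    print("\n".join(zone_lines))
    print("\n".join(natd_args))
```

Here the public port plays the role of the "tag": a client that honours SRV connects to the gateway on that port, and natd maps it back to the one private host behind it.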