AW: AW: BIND9 behind NAT: no reverse lookup from external net

Ronan Flood ronan at
Wed Mar 2 15:48:47 UTC 2005

"Markus Wollny" <Markus.Wollny at> wrote:

> And I still cannot imagine that it's due to a firewall problem:
> The server does does come up with an answer for this query here:
> Mar  2 16:02:31 localhost named[32277]: client
> query: IN PTR
> But it doesn't respond with an answer to that one:
> Mar  2 16:02:28 localhost named[32277]: client
> query: IN PTR

But look at the query:, when I guess you
asked for "dig -x".  That suggests that the NAT firewall
is translating the address within the query.

> one of ist direct neighbours). So I gather that reverse lookup for
> itself seems to be something special in this particular NAT-situation
> (as internally it sees itself not as but as
> 192.168.something) that has to be catered for in some place I haven't
> thought of yet.

The firewall ...

                      Ronan Flood <R.Flood at>
                        working for but not speaking for
             Network Services, University of London Computer Centre
     (which means: don't bother ULCC if I've said something you don't like)

More information about the bind-users mailing list