On Thu, Jun 05, 2014 at 08:18:00PM +0200, Reindl Harald wrote:
> On 05.06.2014 18:48, Ben Croswell wrote:
> > Cisco routers do have the ability to "doctor" DNS packets
> > when doing NAT
>
> argh - and it is on by default

Interesting -- go figure.

> "no ip nat service alg udp dns"
> "no ip nat service alg tcp dns"
>
> > When it doctors it sets the TTL to 0 but
> > I don't know why it would only do it on CNAME records.
>
> because that crap is broken, on our large wire in front of ns2
> the Cisco 2 years ago even killed zone transfers at least from
> "large" zones at all as well as PTR answers from the NAT behind
> containing the public IP
>
> thanks and sorry for the noise

No problem, it's not noise.
--
http://rob0.nodns4.us/
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
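An added example, not part of the thread or written by any of its posters: a Python check for the symptom described above, answer records that arrive with TTL 0. The hostnames, address and sample responses are constructed; a zone can also publish TTL 0 legitimately, so the result is only meaningful when compared with the same query sent on a path that does not cross the NAT.

```python
import struct

TYPES = {1: "A", 5: "CNAME", 12: "PTR"}

def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        length = msg[off]
        if (length & 0xC0) == 0xC0:   # compression pointer: 2 bytes, ends the name
            return off + 2
        if length == 0:               # root label ends the name
            return off + 1
        off += 1 + length

def zero_ttl_answers(msg):
    """Return the record types in the answer section whose TTL is 0."""
    qdcount, ancount = struct.unpack_from("!HH", msg, 4)
    off = 12                          # fixed DNS header length
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4 # skip QTYPE and QCLASS
    hits = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10 + rdlen
        if ttl == 0:
            hits.append(TYPES.get(rtype, str(rtype)))
    return hits

def name(n):
    return b"".join(bytes([len(l)]) + l.encode() for l in n.split(".")) + b"\x00"

def rr(owner, rtype, ttl, rdata):
    return owner + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata

def response(cname_ttl, a_ttl):
    """Constructed reply: www.example.test CNAME host.example.test, A 192.0.2.10."""
    head = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0)
    head += name("www.example.test") + struct.pack("!HH", 1, 1)
    cname = rr(b"\xc0\x0c", 5, cname_ttl, name("host.example.test"))
    target = struct.pack("!H", 0xC000 | (len(head) + 12))  # points at CNAME rdata
    return head + cname + rr(target, 1, a_ttl, bytes([192, 0, 2, 10]))

if __name__ == "__main__":
    print("via NAT:", zero_ttl_answers(response(0, 3600)))
    print("direct: ", zero_ttl_answers(response(3600, 3600)))
```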