On Tue, 19 Aug 2008, David Conrad wrote:
> On Aug 19, 2008, at 6:40 AM, Masataka Ohta wrote:
>> So what? NAT at airport must be, unlike NATs in enterprises,
>> consumer friendly. Unlike high end NAT, low end NAT won't
>> bother to interfere with DNS.
>
> Right. Because low-end consumer gear is always so much better implemented
> than enterprise gear.

At least in IOS's case, there was some gross misunderstanding that CNAME's
should have their TTL's 0'ed (CSCsj10772) as a part of their translating
payloads that contain A's and PTR's that are within NAT address pools.
The behavior is now configurable ("no ip nat service dns-reset-ttl"), but
the stance was that "it's been this way so long we can't change the
default". Ultimately, it was the breakage due to DNSSEC (rather than
simple incorrectness) that got it addressed.