I must add that the public IP is a virtual IP that CARP claims. I run nslookup with the external public IP (a physical one) and I get no response. I get the "unexpected source" response only when I nslookup using the CARP public IP as the nameserver, which forwards to the internal DNS. Is getting no response for the physical interface natural? I suspect packets are getting sloshed and not really going anywhere because of my pf.conf.
Vivek

On Sun, Nov 16, 2008 at 7:21 PM, Vivek Ayer <[EMAIL PROTECTED]> wrote:
> Thanks to K.R. for the named cleanup. I tried that, but to no avail. I
> suspect it's a nat issue because the source packets aren't matching
> the destination packets. rdr/pass rules seem to be working because I'm
> getting a response from the internal DNS when I nslookup on the
> router. I even tried nslookup from a different network, but I'm just
> getting a time out. How do I nat the public IP to the internal DNS, and
> if I can, do I do it for $ext_if and $int_if of the router?
>
> Thanks,
> Vivek
>
> On Sun, Nov 16, 2008 at 5:35 PM, Adriaan <[EMAIL PROTECTED]> wrote:
>> On Sun, Nov 16, 2008 at 7:25 AM, Vivek Ayer <[EMAIL PROTECTED]> wrote:
>>>
>>> Need some help with DNS queries behind a router. I set up a DNS server
>>> in my network and it responds when I'm within my network. I tried
>>> nslookup from localhost on the dns server and also from the LAN and it
>>> works just fine, but when I use the public IP of the router for the
>>> network, which should forward the port to the DNS server, it says
>>> "unexpected reply from 192.168.1.101, expected from the (public IP,
>>> which I won't display in this email)." Does that mean the port
>>> forwarding is working?
>>
>> I am not sure whether you really did direct that query over the
>> internet to the public IP or from your local LAN.
>>
>> Initiating a DNS query from a local LAN box to the public IP will not
>> get redirected.
>> See http://openbsd.org/faq/pf/rdr.html#reflect for the explanation.
>>
>> =Adriaan=
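For reference, this is what the setup discussed in the thread looks like as a pf.conf fragment, written in the pre-OpenBSD-4.7 rdr/nat syntax that was current in 2008. It is an added example and not the configuration posted by anyone in the thread. Interface names (em0, em1, carp0), the LAN range and the internal DNS address 192.168.1.101 (the one named in the error message) are assumptions; the second rdr plus the nat rule implement the "reflection" workaround from the FAQ page Adriaan linked, so that LAN clients querying the public IP get replies that appear to come from the public IP rather than from 192.168.1.101.

```pf
# Added example: pf.conf (pre-4.7 syntax) for forwarding DNS to an
# internal server behind a CARP public address. Interface names and
# addresses below are assumed for illustration.
ext_if  = "em0"          # physical external interface
int_if  = "em1"          # LAN interface
pub_ip  = "carp0"        # CARP virtual public IP (expands to carp0's address)
int_net = "192.168.1.0/24"
dns_srv = "192.168.1.101"

# 1. Queries from the Internet to the CARP public IP, port 53 (UDP and TCP),
#    arrive on the physical interface and are redirected to the internal server.
rdr on $ext_if proto { tcp, udp } from any to $pub_ip port 53 -> $dns_srv port 53

# 2. Reflection for LAN clients that query the public IP instead of the
#    server directly: redirect on the *internal* interface, then source-NAT
#    so the reply returns through the router instead of straight from
#    192.168.1.101 (which is what produces the "unexpected reply from
#    192.168.1.101" message in the resolver).
rdr on $int_if proto { tcp, udp } from $int_net to $pub_ip port 53 -> $dns_srv port 53
no nat on $int_if proto { tcp, udp } from $int_if to $int_net
nat on $int_if proto { tcp, udp } from $int_net to $dns_srv port 53 -> $int_if

# 3. Filter rules are evaluated after translation, so they must match the
#    translated (internal) destination, not the public IP.
pass in on $ext_if proto { tcp, udp } from any to $dns_srv port 53 keep state
pass in on $int_if proto { tcp, udp } from $int_net to $dns_srv port 53 keep state
pass out on $int_if proto { tcp, udp } from any to $dns_srv port 53 keep state
```

Two things worth checking against this when debugging a setup like Vivek's: `pfctl -sn` should show both rdr rules and the nat rule after `pfctl -f /etc/pf.conf`, and a query that is redirected but not reflected shows up in `pfctl -ss` as a state whose reply path bypasses the router, which is exactly the case where the resolver complains about an unexpected source address. A query sent from the router itself to its own public IP is generated locally and does not traverse either rdr rule, so testing from a LAN host or from outside is the meaningful check.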