Hi, let me to say that is a bit strange what you say. If you mean a NAT many to 1 can't be reached in reverse way but "many" can only exit and receive reply packets for esthabilished session or udp related packet
if you mean for example an application server that give as output different web content reading the name after domain name , is possible but ever is one server and not many to 1 if you mean that several nets are shared to one single IP address (NAT) , no, you can only know the IP of application or appliance that perform NAT . You can't know MAC or IP after a NAT (NAT is even a route action that encapsulate IP packet inside another IEEE 802.2 packet with the MAC address from who perform the NAT (extrnal interface) over it in all case, bind can log QUERIES , check CHANNELS for LOG action inside BIND documentation you can log DNS queries but is so a large log file (as network accounting, can't be live for "too much". Alberto Colosi IT NetWork & Security Architect Engineer ________________________________ From: bind-users <bind-users-boun...@lists.isc.org> on behalf of Job <j...@colliniconsulting.it> Sent: Tuesday, February 28, 2017 2:35 PM To: bind-users@lists.isc.org Subject: Recognizing remote IP in shared connections Hi, for policies purpuose, we need to know which remote site is resolving a Bind 9.x public DNS Server. The problem occurs when some carriers "share" the same IP address between more customers and they surf behind a shared NAT. Is there a way? Perhaps with DNS crypt o dnssec? Thank you! /F _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users Info Page - Internet Systems Consortium<https://lists.isc.org/mailman/listinfo/bind-users> lists.isc.org To see the collection of prior postings to the list, visit the bind-users Archives. Using bind-users: To post a message to all the list members, send ... bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users bind-users Info Page - Internet Systems Consortium<https://lists.isc.org/mailman/listinfo/bind-users> lists.isc.org To see the collection of prior postings to the list, visit the bind-users Archives. Using bind-users: To post a message to all the list members, send ...
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
