Found it.

ip nat inside source static udp 10.10.100.20 53 xx.xx.xx.xx 53 extendable no-payload

Roy wrote:
>
> I have done some more testing and it appears that any DNS response
> that contains an IP address is lost. The problem must be related to a
> defective fixup in the NAT routine. I haven't been able to figure out
> how to disable the DNS fixup in IOS
>
> Roy
>
> Roy wrote:
>> I am trying to set up a Linux box behind a Cisco router that has NAT
>> turned on.
>> I configured:
>>
>> ip nat inside source static udp 10.10.100.20 53 xx.xx.xx.xx 53 extendable
>> ip nat inside source static tcp 10.10.100.20 53 xx.xx.xx.xx 53 extendable
>>
>> If I do
>>
>> dig . @xx.xx.xx.xx
>>
>> From the internet, I get the proper response. tcpdump on linux shows
>> the packet arriving and a response packet.
>>
>> If I do
>>
>> dig domain.com @xx.xx.xx.xx
>>
>> I get no response. tcpdump on the linux box shows a reply packet
>> leaving it and the router responding with ICMP host unreachable.
>>
>> Software is
>>
>> IOS (tm) C1700 Software (C1700-K9O3SY7-M), Version 12.3(18), RELEASE
>> SOFTWARE (fc3)
>>
>> Any ideas are welcome.
>>
>> Roy
>>
>

_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
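
Added example, not part of the original thread: a small Python parser that lists the IPv4 addresses a DNS reply carries in A records, which helps when comparing a tcpdump capture of replies that pass the router against replies that are lost. It assumes the payload fields of interest are A-record RDATA; the function names and both sample messages are constructed for illustration.

```python
import ipaddress
import struct

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:   # compression pointer: two bytes, ends the name
            return off + 2
        if length == 0:             # root label ends the name
            return off + 1
        off += 1 + length

def a_record_addresses(msg):
    """IPv4 addresses carried in A records of any section of a DNS message."""
    qd, an, ns, ar = struct.unpack("!4H", msg[4:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # QTYPE + QCLASS
    found = []
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:   # A, class IN
            found.append(ipaddress.IPv4Address(msg[off:off + 4]))
        off += rdlen
    return found

def encode_name(name):
    labels = [l for l in name.split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"

def build_response(name, rtype, rdata):
    """Constructed one-answer response; the answer name points back to the question."""
    header = struct.pack("!6H", 0x1234, 0x8400, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", rtype, 1)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, 300, len(rdata)) + rdata
    return header + question + answer

# Constructed samples: an A answer carrying the inside address from the thread,
# and an NS answer whose RDATA is a name rather than an address.
A_REPLY = build_response("domain.com", 1, ipaddress.IPv4Address("10.10.100.20").packed)
NS_REPLY = build_response("domain.com", 2, encode_name("ns1.domain.com"))

if __name__ == "__main__":
    for label, msg in (("A", A_REPLY), ("NS", NS_REPLY)):
        print(label, [str(a) for a in a_record_addresses(msg)])
```

To use it on real traffic, feed it the UDP payload bytes of each reply captured on the inside interface.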
