nal Message-
> From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of
> Reindl Harald
> Sent: Tuesday, April 21, 2020 7:37 PM
> To: bind-users@lists.isc.org
> Subject: Re: NAT and Question Section Mismatch
>
>
>
> Am 21.04.20 um 21:30 schrieb Ondřej
-users
> Sent: Tuesday, April 21, 2020 6:17 PM
> To: bind-users@lists.isc.org
> Subject: RE: NAT and Question Section Mismatch
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On Tue, 2020-04-21 at 14:08 -0400, John Wiles wrote:
> ;; ;; Question section mismatch: got 17.1
Am 21.04.20 um 21:30 schrieb Ondřej Surý:
> There was a setting in Cisco which would handle the host behind
> the NAT differently when the DNS traffic passed the matching NAT.
>
> I found a bug in the Cisco devices more than 10+ years ago when
> it would mangle the TTL to `0`. I don’t really
The ultimate fix for this is to move to IPv6 so every device is universally
addressable. NAT is a stop gap measure that is well past its use by date.
> On 22 Apr 2020, at 09:03, Mark Andrews wrote:
>
> https://www.networkstraining.com/dns-doctoring-cisco-asa/
>
>> On 18 Apr 2020, at 06:26,
https://www.networkstraining.com/dns-doctoring-cisco-asa/
> On 18 Apr 2020, at 06:26, John Wiles wrote:
>
> Hello all,
>
> I am running into a problem that I think is caused by either a
> misconfiguration in Bind9, our Cisco NAT, or perhaps both.
>
> The scenario:
>
> We host our own
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Tue, 2020-04-21 at 14:08 -0400, John Wiles wrote:
;; ;; Question section mismatch: got 17.1.1.10.in-addr.arpa/PTR/IN
tcpdump is your friend.
Dump the outgoing packets from your home connection to see exactly what
you are sending for:
dig
;
>> -Original Message-
>> From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of
>> Matthew Richardson
>> Sent: Tuesday, April 21, 2020 2:55 PM
>> To: bind-users@lists.isc.org
>> Subject: Re: NAT and Question Section Mismatch
>>
&
1, 2020 2:55 PM
> To: bind-users@lists.isc.org
> Subject: Re: NAT and Question Section Mismatch
>
> Out of interest, what "ip inspect" settings exist in the Cisco 2911 config?
>
> Do any of these reference "dns"? If so, this may be your problem...
>
>
e, 21 Apr 2020 14:08:24 -0400
>Subject: RE: NAT and Question Section Mismatch
>> -Original Message-
>> From: John Wiles
>> Sent: Sunday, April 19, 2020 11:18 PM
>> To: 'Tony Finch'
>> Cc: bind-users@lists.isc.org
>> Subject: RE: NAT and Question Sect
> -Original Message-
> From: John Wiles
> Sent: Sunday, April 19, 2020 11:18 PM
> To: 'Tony Finch'
> Cc: bind-users@lists.isc.org
> Subject: RE: NAT and Question Section Mismatch
>
> > >
> > > I am running into a problem that I think is caused by e
> >
> > I am running into a problem that I think is caused by either a
> > misconfiguration in Bind9, our Cisco NAT, or perhaps both.
> >
> > When I am on our internal network, I am able to query both servers and
> > get the appropriate external ip address. However, when I try to do the
> >
John Wiles wrote:
>
> I am running into a problem that I think is caused by either a
> misconfiguration in Bind9, our Cisco NAT, or perhaps both.
>
> When I am on our internal network, I am able to query both servers and
> get the appropriate external ip address. However, when I try to do the
>
Hello all,
I am running into a problem that I think is caused by either a misconfiguration
in Bind9, our Cisco NAT, or perhaps both.
The scenario:
We host our own sites locally, including internal and external DNS. The
external dns servers are delegated for reverse lookups. The NAT is a
13 matches
Mail list logo
