Problem with NAT/RDR in PF
sh1nny_kn1ght at yahoo.com
Mon Dec 10 02:44:32 PST 2007
Michael Smith <mksmith at adhost.com> wrote:
On Dec 9, 2007, at 3:34 PM, Erik Norgaard wrote:
> Michael Smith wrote:
>> Hello All:
>> I am trying to configure a round-robin group of Name Servers that
>> respond on to and from a single address.
>> I want the following to occur:
>> 1) DNS query from 10.211.128.1 to 10.212.1.1 is redirected to a
>> pool of name servers
>> 2) One of the name servers responds to the query
>> 3) The response shows a source address of 10.212.1.1, not the
>> actual name server
> I know this does not answer your question, but, what's the point?
> DNS isn't exactly the kind of task that knocks over a server. If you
> want redundancy, then the correct way to do it is to add NS entries
> to your zone files.
> I simply let my register transfer the zone file daily, works fine.
> If you need to update the zone file regularly just reduce the max
> age of the zone.
Well, aside from doing a *lot* of queries, it's nice to have a single
IP address fronting a set of servers so I can pull one out for
maintenance at any time and it doesn't affect name resolution for the
freebsd-questions at freebsd.org mailing list
To unsubscribe, send any mail to freebsd-questions-unsubscribe at freebsd.org
If I understand correctly your environment I think you should change the NAT rule from:
nat on $vlan821_if from $nr_net to $mail_net -> 10.212.1.1
nat on $vlan6_if from $nr_net to $mail_net -> 10.212.1.1
Let us know if this is solving the issue.
Looking for last minute shopping deals? Find them fast with Yahoo! Search.
More information about the freebsd-questions