DNS Resolution

Gary Gatten Ggatten at waddell.com
Sat Nov 20 01:25:22 UTC 2010

I ran into a similar situation where the ns was behind a Juniper SRX doing NAT. Said Juniper had a "smart" DNS piece (ALG) that does special stuff on DNS packets; max record length, special NAT, etc.  I had to disable the DNS ALG to fix the "problem".

If your ns is behind a NATing device, start there.  Or, if you can run tcpdump on the ns, or before it hits a fw/NAT - ensure the reply packets have the "proper" IP in them as they leave the ns.

----- Original Message -----
From: owner-freebsd-questions at freebsd.org <owner-freebsd-questions at freebsd.org>
To: freebsd-questions at freebsd.org <freebsd-questions at freebsd.org>
Sent: Fri Nov 19 18:50:33 2010
Subject: DNS Resolution

I have a weird DNS problem I am hoping someone can help me with.

I have server running FBSD 8.0.  /etc/resolv.conf is set to use my ISP's DNS 
servers for name resolution.

If run dig @ns3.socket.net XXXX.yyy.ZZZZ the INTERNAL ip address of the server 
is returned.  

If I run dig at ns3.socket.net XXXX.yyy.ZZZZ axfr, the correct information for 
the entire zone is returned.  I am only noticing problems with XXXX.yyy.ZZZZ.  
All other names seem to resolve correctly.

Any suggestions would be greatly appreciated.



freebsd-questions at freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"

<font size="1">
<div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'>
"This email is intended to be reviewed by only the intended recipient
 and may contain information that is privileged and/or confidential.
 If you are not the intended recipient, you are hereby notified that
 any review, use, dissemination, disclosure or copying of this email
 and its attachments, if any, is strictly prohibited.  If you have
 received this email in error, please immediately notify the sender by
 return email and delete this email from your system."

More information about the freebsd-questions mailing list