jhall at socket.net
Sat Nov 20 04:11:11 UTC 2010
On Friday, November 19, 2010 07:25:10 pm Gary Gatten wrote:
> I ran into a similar situation where the ns was behind a Juniper SRX doing
> NAT. Said Juniper had a "smart" DNS piece (ALG) that does special stuff on
> DNS packets; max record length, special NAT, etc. I had to disable the
> DNS ALG to fix the "problem".
> If your ns is behind a NATing device, start there. Or, if you can run
> tcpdump on the ns, or before it hits a fw/NAT - ensure the reply packets
> have the "proper" IP in them as they leave the ns.
Thanks for the quick response. I think this is a problem with a piece of
equipment I do not have access to. The only difference between the site
experiencing the problem and the other sites I maintain is the router. If I
redirect DNS queries to other sites, everything works as expected.
Thanks for your help.
More information about the freebsd-questions