Date: Fri, 19 Nov 2010 22:11:07 -0600 From: Jay Hall <jhall@socket.net> To: Gary Gatten <Ggatten@waddell.com> Cc: "'freebsd-questions@freebsd.org'" <freebsd-questions@freebsd.org> Subject: Re: DNS Resolution Message-ID: <201011192211.08206.jhall@socket.net> In-Reply-To: <1159_1290216311_4CE72377_1159_2401_1_D9B37353831173459FDAA836D3B43499A7AF8CF0@WADPMBXV0.waddell.com> References: <1159_1290216311_4CE72377_1159_2401_1_D9B37353831173459FDAA836D3B43499A7AF8CF0@WADPMBXV0.waddell.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Friday, November 19, 2010 07:25:10 pm Gary Gatten wrote: > I ran into a similar situation where the ns was behind a Juniper SRX doing > NAT. Said Juniper had a "smart" DNS piece (ALG) that does special stuff on > DNS packets; max record length, special NAT, etc. I had to disable the > DNS ALG to fix the "problem". > > If your ns is behind a NATing device, start there. Or, if you can run > tcpdump on the ns, or before it hits a fw/NAT - ensure the reply packets > have the "proper" IP in them as they leave the ns. Thanks for the quick response. I think this is a problem with a piece of equipment I do not have access to. The only difference between the site experiencing the problem and the other sites I maintain is the router. If I redirect DNS queries to other sites, everything works as expected. Thanks for your help.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201011192211.08206.jhall>