Date:      Wed, 20 Jul 2005 12:24:11 +0200
From:      Jeremie Le Hen <jeremie@le-hen.org>
To:        Alberto Alesina <aalesina@yahoo.com>
Cc:        freebsd-pf@freebsd.org
Subject:   Re: PF NAT and DNS
Message-ID:  <20050720102411.GU39292@obiwan.tataz.chchile.org>
In-Reply-To: <20050720085312.40260.qmail@web32602.mail.mud.yahoo.com>
References:  <20050720085312.40260.qmail@web32602.mail.mud.yahoo.com>

Hi Alberto,

> Does PF NAT have support for DNS ALG as described in 
> RFC 2694 - DNS extensions to "Network Address
> Translators" (changing IP addresses in DNS payloads
> for certain DNS traffic types based on NAT entries)?

AFAIK, no, this is not supported, and this is not planned to be.

> If not, what is the PF recommended way for avoiding
> issues with DNS/NAT when the DNS server and DNS
> clients are on different sides of the NAT?

I would advise you to create a DNS server for the internal side.

Another solution that I'm currently using (but it may not be applicable
in your case) is to move the DNS server into the internal network.  Then
I use Bind9's zones to make a different reply depending on whether the
request is coming from the internal network or from the Internet.

Regards,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
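
The split-DNS setup described in the message above can be written with BIND 9 `view` statements, which select a zone file by client address. This named.conf fragment is an added example, not part of the original e-mail; the network 192.168.1.0/24, the zone example.org and the file paths are assumptions.

```conf
// Constructed example: internal LAN 192.168.1.0/24 behind the PF NAT box,
// zone example.org; all paths are hypothetical.
acl "internal" { 127.0.0.0/8; 192.168.1.0/24; };

options {
    directory "/etc/namedb";
};

// Views are tested in order; the first whose match-clients matches wins.
view "internal" {
    match-clients { "internal"; };
    recursion yes;                      // LAN clients may resolve anything
    zone "example.org" {
        type master;
        // A records here carry the private (pre-NAT) addresses
        file "master/example.org.internal";
    };
};

view "external" {
    match-clients { any; };
    recursion no;                       // authoritative only for outside clients
    zone "example.org" {
        type master;
        // A records here carry the public (post-NAT) addresses
        file "master/example.org.external";
    };
};
```

Once any `view` is defined, every `zone` statement must sit inside a view, and `named-checkconf` will reject the file otherwise.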


