Network Gear that "helps" with DNS
Ketil Froyn
isc_bind at ketil.froyn.name
Fri Mar 4 15:33:22 UTC 2005
On Fri, 2005-03-04 at 07:26 -0800, Al Sparks wrote:
> I've noticed some unpredictable behavior when doing queries from
> inside our network.
>
> This includes the following:
> dig some-name.com @ns.some-outside-server.com
> returns an INTERNAL address.
>
> When I access a host from outside our internal network and do the same
> thing, I get the expected address.
>
> This leads me to believe that within the internal network, some piece
> of network gear is intercepting my query and providing an answer it
> thinks should be provided.
>
> We have mostly cisco gear, including pix firewalls. Does anyone know
> of network gear that would do that? If it's a pix, where can one find
> the settings for this?
Sounds like it might be DNS doctoring in your PIX:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aee.shtml
Ketil Froyn
ketil at froyn.name
http://ketil.froyn.name/
More information about the bind-users
mailing list