NAT interfering with DNS 'A' TTL?

Lars Povlsen lp at filanet.dk
Mon Oct 18 13:56:19 UTC 1999


Hi!

I have a weird problem with DNS lookups in our local domain filanet.dk,
which my ISP runs primary + secondary for.

The problem is that ALL address information for our domain ends up with a
zero TTL, thus not allowing us to cache the information here. What it boils
down to is, that a ping between two machines behind the router/firewall
triggers an ISDN (that's what we use) call for the DNS lookup - _every_ time.

Outside our network, everything is fine = 1H TTL. I checked the zone file,
which also seems fine.

The problem is the same no matter if I use an external NS or a local
recursive.

Our Router/firewall does NAT for our 192.168 addresses, and is a Cisco 1605.

Does anybody have any knowledge about caveats with DNS when using NAT?

Otherwise, I'll just have to set up myself as primary...

Any help/info is appreciated,

Sincerely,

Lars Povlsen
Filanet Europe

(PS: NAT = Network Address Translation, i.e. we use different, local
addresses behind our firewall as compared to addresses that are advertised
externally. )

Nslookup trace (actual address blinded for paranoid security reasons ;-):

> set debug=1
> mail.filanet.dk
Server:  localhost
Address:  127.0.0.1

;; res_nmkquery(QUERY, mail.filanet.dk, IN, A)
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 1136, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 2,  additional = 2

    QUESTIONS:
        mail.filanet.dk, type = A, class = IN
    ANSWERS:
    ->  mail.filanet.dk
        internet address = 192.168.xxx.xxx
        ttl = 0 (0S)
    AUTHORITY RECORDS:
    ->  filanet.dk
        nameserver = ns16.inet.tele.dk
        ttl = 21600 (6H)
    ->  filanet.dk
        nameserver = ns17.inet.tele.dk
        ttl = 21600 (6H)
    ADDITIONAL RECORDS:
    ->  ns16.inet.tele.dk
        internet address = 193.163.158.231
        ttl = 19636 (5h27m16s)
    ->  ns17.inet.tele.dk
        internet address = 195.41.46.87
        ttl = 19437 (5h23m57s)

------------
Name:    mail.filanet.dk
Address:  192.168.xxx.xxx

>
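
Added example, not part of the original post: a small Python parser that lists the TTL of every record in a raw DNS response and flags answer-section A records that arrive with TTL 0, the symptom shown in the trace above. The packet is constructed for illustration; 192.168.0.10 stands in for the masked address, and all function names are this example's own.

```python
import struct

def encode_name(name):
    """Encode a dotted name as uncompressed DNS labels."""
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"

def read_name(msg, off):
    """Decode a (possibly compressed) name; return (name, offset just past it)."""
    labels, end = [], None
    for _ in range(255):                     # bound the walk: guards against pointer loops
        n = msg[off]
        if n & 0xC0 == 0xC0:                 # compression pointer (RFC 1035, 4.1.4)
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | msg[off + 1]
        elif n == 0:
            return ".".join(labels), (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n
    raise ValueError("name too long or compression loop")

def record_ttls(msg):
    """Return (section, name, rrtype, ttl) for every resource record in a DNS message."""
    _id, _flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    off, out = 12, []
    for _ in range(qd):                      # skip the question section
        off = read_name(msg, off)[1] + 4     # name, then qtype + qclass
    for section, count in (("answer", an), ("authority", ns), ("additional", ar)):
        for _ in range(count):
            name, off = read_name(msg, off)
            rrtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10 + rdlen
            out.append((section, name, rrtype, ttl))
    return out

def zero_ttl_addresses(msg):
    """Names of answer-section A records (type 1) that arrived with TTL 0."""
    return [n for s, n, t, ttl in record_ttls(msg) if s == "answer" and t == 1 and ttl == 0]

def build_sample():
    """Constructed reply shaped like the trace; 192.168.0.10 is a placeholder address."""
    hdr = struct.pack("!6H", 1136, 0x8580, 1, 1, 1, 0)       # QR, AA, RD, RA set
    question = encode_name("mail.filanet.dk") + struct.pack("!HH", 1, 1)
    a = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 0, 4) + bytes([192, 168, 0, 10])
    nsname = encode_name("ns16.inet.tele.dk")
    ns = b"\xc0\x11" + struct.pack("!HHIH", 2, 1, 21600, len(nsname)) + nsname
    return hdr + question + a + ns

print(zero_ttl_addresses(build_sample()))
```

Running the same function over the raw reply captured on each side of the router shows whether the TTL differs between the two captures.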



