NAT and Question Section Mismatch

Mark Andrews marka at isc.org
Tue Apr 21 23:10:41 UTC 2020 

The ultimate fix for this is to move to IPv6 so every device is universally addressable.  NAT is a stop gap measure that is well past its use by date.

> On 22 Apr 2020, at 09:03, Mark Andrews <marka at isc.org> wrote:
> 
> https://www.networkstraining.com/dns-doctoring-cisco-asa/
> 
>> On 18 Apr 2020, at 06:26, John Wiles <john at iotis.org> wrote:
>> 
>> Hello all,
>> 
>> I am running into a problem that I think is caused by either a misconfiguration in Bind9, our Cisco NAT, or perhaps both.
>> 
>> The scenario:
>> 
>> We host our own sites locally, including internal and external DNS. The external dns servers are delegated for reverse lookups. The NAT is a static one.
>> 
>> When I am on our internal network, I am able to query both servers and get the appropriate external ip address. However, when I try to do the same thing externally I get “Question section mismatch: got 6.1.1.10.in-addr.arpa/PTR/IN.” 
>> 
>> Some online tools will resolve the public ip to the appropriate hostname, but they will also show the ip as 10.1.1.6. Normally this wouldn’t be an issue except that I think it is the reason for some emails not being delivered.
>> 
>> Any help or guidance is greatly appreciated.
>> 
>> John 
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>> 
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
> 
> -- 
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742              INTERNET: marka at isc.org
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org

More information about the bind-users mailing list