RE: DNS through PAT? [7:49754] posted 07/26/2002
Here is how I got mine to work.
ip nat inside source static tcp 53 53
ip nat inside source static udp 53 53

The first line is if someone else is a secondary dns server for you and
you do zone transfers; that's why tcp.

The second line is for actual dns queries; it uses udp and I have no
problems at all with queries. I've been hosting my own dns and mail
server for over 3 years on my own dsl circuit, and a buddy of mine is the
secondary dns and secondary mx record. I am doing this on a 1605. Hope
this helps.

Waiting for my pix to arrive so I can get some experience with it and
replace the 1605 with the pix. Which I will probably be looking to you
guys for help :).

-----Original Message-----
From: Johan Hjalmarsson [mailto:cnsjohj@xxxxxxxxxxx] 
Sent: Friday, July 26, 2002 4:30 AM
To: cisco@xxxxxxxxxxxxxx
Subject: DNS through PAT? [7:49754]

I'd like to install my own DNS server on my home network, but it seems
I've run into some problems :-(

Since I only got one public IP address from my provider I'm running Port
Address Translation to be able to gain Internet access from the PC's on
I also use static NAT to let Internet users access my Web & FTP site on
of my inside PC's.
So far so good. Now for the problem:

I tried to create the same static NAT rule for DNS, but when I debug the
translation it claims that it can't translate the DNS A-record.

Here's some examples of the NAT statements I'm using:
LAN access to the Internet:
ip nat inside source list acl-nat interface Ethernet1 overload
Access to my web server from the Internet:
ip nat inside source static tcp 80 80 extendable
The DNS entry I used:
ip nat inside source static udp 53 53 extendable

Any idea what I'm doing wrong?
Is it at all possible to make this work with just one public address?
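
The reply above forwards port 53 twice, once for udp and once for tcp. The following is an added example, not part of either message, for checking each forward from outside: it sends the same A query over both transports and reads the reply header. The function names are hypothetical; DNS over TCP differs from UDP only in the 2-byte length prefix on each message.

```python
import secrets
import socket
import struct

def build_query(name, qtype=1, txid=None):
    """Encode one DNS question (default type A, class IN) in wire format."""
    txid = secrets.randbelow(1 << 16) if txid is None else txid
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    return header + qname + struct.pack("!HH", qtype, 1)

def frame_tcp(message):
    """DNS over TCP prefixes every message with a 2-byte big-endian length."""
    return struct.pack("!H", len(message)) + message

def parse_header(response, txid):
    """Validate a reply header and return the fields worth checking."""
    if len(response) < 12:
        raise ValueError("short DNS header")
    rid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if rid != txid or not flags & 0x8000:  # ID must match and QR must be set
        raise ValueError("not a response to our query")
    return {"aa": bool(flags & 0x0400), "tc": bool(flags & 0x0200),
            "rcode": flags & 0x000F, "answers": answers}

def _recv_exact(sock, count):
    buf = b""
    while len(buf) < count:
        chunk = sock.recv(count - len(buf))
        if not chunk:
            raise ConnectionError("peer closed mid-message")
        buf += chunk
    return buf

def probe(server, name, proto, port=53, timeout=3.0):
    """Send one A query over 'udp' or 'tcp' and return the parsed header."""
    query = build_query(name)
    txid = struct.unpack("!H", query[:2])[0]
    if proto == "udp":
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.connect((server, port))  # connected socket drops replies from other hosts
            s.send(query)
            return parse_header(s.recv(4096), txid)
    with socket.create_connection((server, port), timeout=timeout) as s:
        s.sendall(frame_tcp(query))
        length = struct.unpack("!H", _recv_exact(s, 2))[0]
        return parse_header(_recv_exact(s, length), txid)
```

Call `probe(public_ip, name_in_your_zone, "udp")` and then with `"tcp"` from a host on the Internet side of the router; a timeout or refused connection on only one of them points at that protocol's forward. A reply with `tc` set over UDP was truncated, and resolvers retry such queries over TCP.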


