DNS-ALG - how to disable?

Jun 27th, 2007


I have a DNS server sitting on a private subnet behind the router, which does private-public translations. The reverse (PTR) record queries are being rewritten by the router to the inside subnet, and when they hit my DNS box they essentially break.

As I found out, this is a feature of the DNS-ALG.

Is there a way to disable this DNS packet rewrite?


amritpatek Tue, 07/03/2007 - 10:21

DNS-ALG must be implemented in NAT-PT routers to facilitate name to address mapping. The DNS-ALG is capable of translating IPv6 addresses in DNS queries and responses into their IPv4 address binding.

Obviously DNS, responsible for domain name/IP address mapping, is impacted by NAT. From simple query handling to zone transfers, a robust DNS ALG is defined by RFC 2694 [9].

imanassypov Thu, 07/05/2007 - 06:34

In reply to my own question, the DNS-ALG functionality can be disabled with static inside-outside mappings by means of adding the 'no-payload' option in the statement.
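The rewrite discussed in this thread, as an added example that is not part of the original posts and not Cisco's implementation: a simplified Python model of a DNS ALG translating the QNAME of an inbound PTR query through a static NAT binding. The addresses, the `STATIC_NAT` table and the `no_payload` parameter (named after the option mentioned above) are constructed for illustration.

```python
import ipaddress
import struct

# Constructed static binding: outside (global) address -> inside (local) address.
STATIC_NAT = {"203.0.113.10": "10.1.1.53"}
SUFFIX = ".in-addr.arpa"

def encode_qname(name):
    """Encode a dotted name as DNS length-prefixed labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_ptr_query(ip, txid=0x1234):
    """Build a minimal PTR query (12-byte header plus one question)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = encode_qname(ipaddress.ip_address(ip).reverse_pointer)
    return header + qname + struct.pack("!HH", 12, 1)  # QTYPE=PTR, QCLASS=IN

def parse_question(packet):
    """Return (qname, qtype, offset just past the QNAME) of the first question."""
    pos, labels = 12, []
    while packet[pos] != 0:
        n = packet[pos]
        labels.append(packet[pos + 1:pos + 1 + n].decode("ascii"))
        pos += 1 + n
    (qtype,) = struct.unpack("!H", packet[pos + 1:pos + 3])
    return ".".join(labels), qtype, pos + 1

def alg_translate_inbound(packet, nat=STATIC_NAT, no_payload=False):
    """Model an outside-to-inside ALG pass over a PTR query."""
    if no_payload:
        return packet  # payload left alone; only the IP header would be translated
    qname, qtype, end = parse_question(packet)
    if qtype != 12 or not qname.endswith(SUFFIX):
        return packet
    # in-addr.arpa names carry the octets in reverse order
    ip = ".".join(reversed(qname[:-len(SUFFIX)].split(".")))
    if ip not in nat:
        return packet
    new_qname = encode_qname(ipaddress.ip_address(nat[ip]).reverse_pointer)
    return packet[:12] + new_qname + packet[end:]

if __name__ == "__main__":
    query = build_ptr_query("203.0.113.10")
    print(parse_question(alg_translate_inbound(query))[0])
    print(parse_question(alg_translate_inbound(query, no_payload=True))[0])
```

With the ALG pass active, the server behind the NAT is asked for a name in the inside reverse zone instead of the public one it is authoritative for, which is the breakage described in the question.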

