DNS Rewrite with multiple IPs in reply

Unanswered Question
Aug 13th, 2008
User Badges:

If I am on the inside of a FWSM and request a DNS record from a server on the Internet that returns multiple public IPs that are all statics on that FWSM, will the FWSM translate all of the records in the reply to their internal address or only the first one? I have read all the documentation I can find on DNS Rewrite and I don't see anything on how it handles multiple IPs in the DNS reply. I understand how it works when there is only one IP in the reply, I need to know how it handles multiple IPs in the reply. For example when there are two public IPs returned in DNS round-robbining and both IPs have statics mapping to two seperate internal IPs.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marwan ALshawi Thu, 08/14/2008 - 01:03
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

but eather way the client will use one ip at a time

not both so why u need to ask about two ips at the same time?

asm-it Thu, 08/14/2008 - 13:50
User Badges:

If I do a DNS query for www.example.com and the zone is configured with two A records, both of those IPs are included in the reply. I understand that the client will only use one of those two IPs, but how does the client decide what one to use? Does it use the first one in the packet or randomly chose it? Either way, what will the FWSM do with a DNS reply that contains multiple IPs if one or more of them have statics defined? If the FWSM does not translate DNS replies that contain multiple IPs at all, then users would not be able to access www.example.com assuming that is on the inside network.


This Discussion