Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

why does nslookup return private NAT address internally and public address externally?

Unanswered Question
Jun 26th, 2002
User Badges:
  • Bronze, 100 points or more

Our e-mail server has a private address of 10.x.x.x with a static map in the NAT pool on our router. Our ISP maintains our DNS records. When using nslookup internally (on the 10.x.x.x network) it returns the private address of our e-mail server. When nslookup is run externally, the NAT (public) address is returned.

My question is what governs the address returned by the nslookup query?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Anonymous (not verified) Wed, 06/26/2002 - 14:16
User Badges:

from the FAQ for CISCO IOS NAT:


Q. Does Cisco IOS NAT support DNS queries?

A. Yes, Cisco IOS NAT will translate the address(es) which appear in DNS responses to name lookups (A queries) and inverse lookups (PTR queries). Thus, if an outside host sends a name-lookup to a DNS server on the inside, and that server responds with a local address, the NAT code will translate that local address to a global address. The opposite is also true, and is how we support IP addresses overlapping: an inside host queries an outside DNS server, the response contains an address that matches the access-list specified on the "outside source" command, so the code translates the outside global address to an outside local address.

Time-to-live (TTL) values on all DNS resource records (RRs) which receive address translations in RR payloads are automatically set to zero.

Cisco IOS NAT does not translate IP addresses embedded in DNS zone transfers.


This Discussion