If I am on the inside of a FWSM and request a DNS record from a server on the Internet that returns multiple public IPs that are all statics on that FWSM, will the FWSM translate all of the records in the reply to their internal address or only the first one? I have read all the documentation I can find on DNS Rewrite and I don't see anything on how it handles multiple IPs in the DNS reply. I understand how it works when there is only one IP in the reply; I need to know how it handles multiple IPs in the reply. For example, when there are two public IPs returned in DNS round-robin and both IPs have statics mapping to two separate internal IPs.
If I do a DNS query for www.example.com and the zone is configured with two A records, both of those IPs are included in the reply. I understand that the client will only use one of those two IPs, but how does the client decide which one to use? Does it use the first one in the packet or randomly choose it? Either way, what will the FWSM do with a DNS reply that contains multiple IPs if one or more of them have statics defined? If the FWSM does not translate DNS replies that contain multiple IPs at all, then users would not be able to access www.example.com, assuming that is on the inside network.