Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
822
Views
5
Helpful
4
Replies

Issue with DNS using NAT between overlapping networks.

t.baranski
Level 4
Level 4

‎01-17-2003 07:58 AM - edited ‎03-02-2019 04:17 AM

We have two overlapping LANs seperated by two 2600 routers. We're using the 'ip nat inside source static network' command on both routers to perform the address translation.

This has worked fine so far, but we're now having an issue putting a backup domain controller on the remote LAN. When trying to join it to the domain, it makes a DNS request to its DNS server (which is the PDC on the primary LAN) asking for the address of the domain's PDC. The PDC responds with it's own address. The address included in the DNS reply gets translated by the first router (good), but then gets translated again by the second router (bad) which changes the address back to what it was originally. The result of this is that the remote BDC thinks the PDC is on it's own subnet, and hence can't find it.

My understanding is that a Cisco router will translate the response in a DNS reply if it also translates the IP header. In this case, both routers are translating the IP header of the packet (the first router translates the source, the second translates the destination), so the DNS packet gets translated by both routers. So, the question is: is there any way to prevent the DNS reply from being translated on one of the routers while still having that router translate the IP header?

Thanks,

Terry

Labels:
0 Helpful
4 Replies 4

thisisshanky
Level 11
Level 11

‎01-17-2003 09:45 AM

An one stop solution to this is to do NAT only in a single router, rather than doing it at two ends.Are the 2600s being used to connect only between the two locations??. Then shift the NATing to just one router. Take a look at this link http://www.cisco.com/warp/public/556/3.html

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

t.baranski
Level 4
Level 4
In response to thisisshanky

‎01-18-2003 01:14 PM

Sounds as reasonable as anything. So perhaps adding an "ip nat outside source static network" to the first router and removing the NAT statement from the second will do the trick. I'll give it a shot.

0 Helpful

thisisshanky
Level 11
Level 11
In response to thisisshanky

‎01-18-2003 06:37 PM

Xactly! That should be a remedy for the issue!

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus
0 Helpful

t.baranski
Level 4
Level 4
In response to thisisshanky

‎01-21-2003 05:40 PM

This did the trick. Thanks a bunch.

0 Helpful
Customers Also Viewed These Support Documents