[fw-wiz] DNS records for a firewall NAT pool

From: Pollock, Joseph (PollockJ_at_evergreen.edu)
Date: 07/28/03

  • Next message: Jim McAtee: "Re: [fw-wiz] DNS records for a firewall NAT pool"
    To: firewall-wizards@honor.icsalabs.com
    Date: Mon, 28 Jul 2003 14:51:42 -0700
    
    

    What DNS records are appropriate for addresses in a firewall NAT pool?

    We have long provided dummy PTR records for the addresses to deal with
    software that does a reverse lookup. We have not configured matching A
    records, feeling it was inappropriate and likely in conflict with, for
    example, RFC 2182, since the hosts are not directly reachable.

    We are suddenly faced with a researcher who cannot connect to a well-known
    database. The site tells me they use TCPWrappers in a manner that requires
    matching forward and reverse lookups to pass the connection on to the
    server.

    We could, of course, configure a static NAT entry for the two hosts
    required; my management prefers to not do this for a variety of reasons.

    What are the implications of populating our DNS server with matching dummy A
    records for all of our firewall pool?

    Joe Pollock
    Network Services
    The Evergreen State College
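
Added example, not part of the original message: a minimal model of the matching forward and reverse lookup check the post describes, run over a NAT pool that has dummy PTR records only and then over the same pool with matching dummy A records. The 192.0.2.0/29 pool, the example.edu domain, the nat-* host names and the in-memory record tables (standing in for real DNS queries) are all constructed assumptions.

```python
import ipaddress

# Constructed zone data: 192.0.2.0/29 stands in for the NAT pool and
# example.edu for the site's domain; neither comes from the post.
POOL = ipaddress.ip_network("192.0.2.0/29")


def pool_records(pool, domain="example.edu", with_a=False):
    """Return (ptr, a) dicts of dummy records for each usable pool address."""
    ptr, a = {}, {}
    for ip in pool.hosts():
        name = "nat-" + str(ip).replace(".", "-") + "." + domain
        ptr[str(ip)] = name
        if with_a:
            a[name] = [str(ip)]
    return ptr, a


def fcrdns(client_ip, ptr, a):
    """Classify a client as a matching forward/reverse check would.

    ok        the PTR name resolves back to the connecting address
    no-ptr    there is no reverse record at all
    mismatch  a PTR exists, but its name has no A record for this address
    """
    name = ptr.get(client_ip)
    if name is None:
        return "no-ptr"
    # Compare parsed addresses so textual differences cannot cause a false mismatch.
    want = ipaddress.ip_address(client_ip)
    forward = {ipaddress.ip_address(x) for x in a.get(name, [])}
    return "ok" if want in forward else "mismatch"


def audit(pool, ptr, a):
    """Map every pool address to its result, to find gaps before a remote site does."""
    return {str(ip): fcrdns(str(ip), ptr, a) for ip in pool.hosts()}


if __name__ == "__main__":
    for label, with_a in (("PTR only", False), ("PTR + A", True)):
        ptr, a = pool_records(POOL, with_a=with_a)
        print(label, audit(POOL, ptr, a))
```
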

