DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
DNS Weirdness with 2800v
19 Jul 2009 17:04 #56782
by wibblywobblyteapot
DNS Weirdness with 2800v was created by wibblywobblyteapot
I'm looking for some guidance with my 2800v and a DNS issue I have. I'm setting up a mixed NAT & Routed like this;
x.x.x.32 network address
x.x.x.33 reserved
x.x.x.34 reserved
x.x.x.35 reserved
x.x.x.36 reserved
x.x.x.37 Edge Mail Gateway
x.x.x.38 Draytek -> NATTING TO 192.168.200.0/24
x.x.x.39 broadcast
On the natted LAN machine 192.168.200.25 is a Mail & DNS server {MASTER}. Everything almost works as expected except for DNS. Despite there being a NAT forwarding rule for destination port 53 (TCP and UDP), requests directed at it from the machine in the routed network (x.x.x.37) fail to NAT through to 192.168.200.25. External DNS queries from 'the wild' seem to make it in on x.x.x.38 and NAT to the back end server OK.
The weirdness comes when the routed machine tries to make lookups on the router IP address for natting to the back end machine. If you force a dig @x.x.x.38 from the routed machine, the Draytek does not obey the NAT rule and pass it back. Instead it passes it to the WAN DNS servers that it picked up on connection.
Changing the DNS servers tied to the WAN only seems possible via the 'Quick Start Wizard', and I don't think this will be generally very useful. Should the NAT rule not stand for a routed client hitting the router WAN port? Is this a 'feature' or is it me being a plinky winky plonker?
21 Jul 2009 10:37 #56804
by wibblywobblyteapot
Replied by wibblywobblyteapot on topic DNS Weirdness with 2800v
Yep this is seriously broke;
dig @x.x.x.37 mx munged.co.uk
;; reply from unexpected source: 212.23.3.100#53, expected x.x.x.37#53
I was warned there were 'NAT ISSUES' with the 28xx, is this one of those issues? I don't mind - I just need to know so I can pull it.
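The "reply from unexpected source" line in the post above is dig reporting a UDP answer whose source differs from the server it queried. As an added example (not part of the thread), this Python script applies the same source check to a reply; the loopback responder, its ports and the name example.test are constructed for the demo.

```python
import socket, struct, threading

def build_query(name, qtype=15, txid=0x1234):
    """Minimal DNS query (qtype 15 = MX, class IN, recursion desired)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def query_checked(server, name, timeout=2.0):
    """Query server (ip, port) over UDP and classify the first reply.
    Returns (status, source): 'ok', 'unexpected-source', 'txid-mismatch' or 'timeout'."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, server)
        try:
            data, src = s.recvfrom(512)
        except socket.timeout:
            return ("timeout", None)
    if src != server:               # the check behind dig's warning
        return ("unexpected-source", src)
    if data[:2] != query[:2]:       # reply must echo the transaction ID
        return ("txid-mismatch", src)
    return ("ok", src)

def fake_server(reply_from_other_socket):
    """Constructed loopback responder for the demo: answers one query, either from
    the socket that was queried or from a different one (a different port here,
    standing in for a different address)."""
    listen = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    listen.bind(("127.0.0.1", 0))
    def serve():
        data, client = listen.recvfrom(512)
        out = listen
        if reply_from_other_socket:
            out = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
            out.bind(("127.0.0.1", 0))
        # Echo the query back with the flags rewritten as a response (QR, RD, RA)
        out.sendto(data[:2] + b"\x81\x80" + data[4:], client)
        out.close()
        listen.close()
    threading.Thread(target=serve, daemon=True).start()
    return listen.getsockname()

if __name__ == "__main__":
    print(query_checked(fake_server(False), "example.test"))
    print(query_checked(fake_server(True), "example.test"))
```

Pointing query_checked at a real (ip, 53) tuple from a given host shows whether answers to that host come back from the address it asked.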
Moderators: Chris, Sami
Copyright © 2024 DrayTek