Subject tag [Dovecot] is gone
Reindl Harald
h.reindl at thelounge.net
Fri Jun 13 10:19:24 UTC 2014
Am 13.06.2014 12:17, schrieb Reindl Harald:
> Am 13.06.2014 12:09, schrieb Nick Edwards:
>> On 6/11/14, Jost Krieger <Jost.Krieger+dovecot at rub.de> wrote:
>>> On Wed Jun 11 12:03:24 2014, Reindl Harald wrote:
>>>
>>>> Cisco routers by default mangle DNS traffic, break zone transfers
>>>> or even put befor all CNAME blocks a $TTL 0 line never appeared
>>>> on the master until you disable DNS ALG for UDP and TCP
>>>
>>> I believe that Cisco equipment will do such things, but I doubt it's the
>>> routers. Unless you plug a firewall card in.
>>>
>>
>> think he means junk like PIX, I've never seen a 7200, 7300, 10K, or
>> any ASR do that
>
> http://www.2mul.com/c/en/us/products/routers/2921-integrated-services-router-isr/index.html
>
> and even the small Cisco 6 years ago supplied by our ISP
> did the same - most likely you just don't realize it if
> you are not hoster of public nameservers and have one of
> them in front of and one behind the NAT
here you go:
http://www.cisco.com/en/US/technologies/tk648/tk361/tk438/technologies_white_paper09186a00801af2b9.html
and here you go to disable this dumb behavior:
no ip nat service alg udp dns
no ip nat service alg tcp dns
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140613/71548dab/attachment.sig>
More information about the dovecot
mailing list