[c-nsp] Question about NAT Rate Limiting
Church, Chuck
cchurch at netcogov.com
Wed Dec 1 23:26:16 EST 2004
That's not a bad idea. I'm thinking a keyword such as 'no-resolve' for
when you want the DNS name preserved, versus the address. If
'no-resolve' is used and only 1 DNS server is configured, print out a
warning message, but accept it. Or something like that...
Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation Team
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 703-819-3495
cchurch at netcogov.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D
-----Original Message-----
From: Rodney Dunn [mailto:rodunn at cisco.com]
Sent: Wednesday, December 01, 2004 10:22 AM
To: Gert Doering
Cc: Rodney Dunn; Church, Chuck; cisco-nsp
Subject: Re: [c-nsp] Question about NAT Rate Limiting
That's a similar idea I had this morning.
Let me bring it back up with them when
I can get time.
On Wed, Dec 01, 2004 at 05:55:15PM +0100, Gert Doering wrote:
> Hi,
>
> On Tue, Nov 30, 2004 at 08:45:06PM -0500, Rodney Dunn wrote:
> > CSCdk24315
> > Externally found minor defect: Closed (C)
> > DNS Resolution required at run time
> >
> > The main pushback appears to be what
> > happens when the ntp server is actually
> > up but yet the DNS server is down.
>
> You keep the address that you know from "last time", and ask DNS again
> some time in the future. That's how the Juniper/Netscreen firewalls
do
> it, and it's extremely convenient.
>
> gert
>
> --
> USENET is *not* the non-clickable part of WWW!
>
//www.muc.de/~gert/
> Gert Doering - Munich, Germany
gert at greenie.muc.de
> fax: +49-89-35655025
gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list