[c-nsp] Question about NAT Rate Limiting

Church, Chuck cchurch at netcogov.com
Wed Dec 1 23:26:16 EST 2004


That's not a bad idea.  I'm thinking a keyword such as 'no-resolve' for
when you want the DNS name preserved, versus the address.  If
'no-resolve' is used and only 1 DNS server is configured, print out a
warning message, but accept it.  Or something like that... 


Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation Team
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 703-819-3495
cchurch at netcogov.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D 


-----Original Message-----
From: Rodney Dunn [mailto:rodunn at cisco.com] 
Sent: Wednesday, December 01, 2004 10:22 AM
To: Gert Doering
Cc: Rodney Dunn; Church, Chuck; cisco-nsp
Subject: Re: [c-nsp] Question about NAT Rate Limiting

That's a similar idea I had this morning.
Let me bring it back up with them when
I can get time.


On Wed, Dec 01, 2004 at 05:55:15PM +0100, Gert Doering wrote:
> Hi,
> 
> On Tue, Nov 30, 2004 at 08:45:06PM -0500, Rodney Dunn wrote:
> > CSCdk24315
> > Externally found minor defect: Closed (C)
> > DNS Resolution required at run time
> > 
> > The main pushback appears to be what
> > happens when the ntp server is actually
> > up but yet the DNS server is down.
> 
> You keep the address that you know from "last time", and ask DNS again
> some time in the future.  That's how the Juniper/Netscreen firewalls
do
> it, and it's extremely convenient.
> 
> gert
> 
> -- 
> USENET is *not* the non-clickable part of WWW!
>
//www.muc.de/~gert/
> Gert Doering - Munich, Germany
gert at greenie.muc.de
> fax: +49-89-35655025
gert at net.informatik.tu-muenchen.de



More information about the cisco-nsp mailing list