[Dnsmasq-discuss] Adding DNS ALG support to dnsmasq

Bill boober95 at rogers.com
Sat Oct 24 21:48:36 BST 2015


I was wondering if anyone has looked at or is in the process of adding DNS ALG 
support, or something similar, to dnsmasq?

https://tools.ietf.org/html/rfc2694

What I would like to do is to have the ability to query a DNS server located 
behind a NAT, and have it return the IP of the NAT, and set up connection 
tracking in the NAT to pass traffic through to the host behind the NAT.  The 
effect of this is to have a reversible NAT, i.e. one that provides access to 
hosts behind the NAT, not by their IP, but by their hostname.

(There are other things in DNS ALG, but I am really interested only in the 
reversible NAT aspect.)

Implementing this seems to need the DNS server (dnsmasq in this case), to 
configure the NAT using the 'expect' feature of connection tracking.  This 
would permit the following packets to traverse the NAT to the host, provided 
of course they meet the expectation (source, protocol, etc).

I'd like to know if anyone has looked at this, is implementing it, or knows of 
any implementations.  I have looked into it but have only seen enterprise 
implementations (Cisco & Juniper), but nothing open-source.

/bill
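
Added example, not part of the message above and not dnsmasq or conntrack code: a small Python model of the reversible-NAT idea, in which a DNS answer for an inside hostname returns the NAT address and installs a short-lived expectation scoped to the querying source and one protocol. All names, addresses, the per-host protocol setting, the 30-second lifetime and the zero TTL are assumptions made for the illustration.

```python
from dataclasses import dataclass

NAT_PUBLIC_IP = "203.0.113.1"   # constructed sample address (TEST-NET-3)
# Constructed sample zone: hostname -> (inside address, permitted protocol)
INSIDE_HOSTS = {"web.inside.example": ("192.168.1.10", "tcp")}
EXPECT_LIFETIME = 30            # seconds; assumed value


@dataclass(frozen=True)
class Expectation:
    private_ip: str
    expires: float


class ReversibleNat:
    """Toy NAT holding expectations keyed by (source IP, protocol)."""

    def __init__(self):
        self.expectations = {}  # (src_ip, proto) -> Expectation
        self.flows = {}         # (src_ip, proto, dport) -> inside address

    def answer_query(self, src_ip, name, now):
        """DNS side: answer with the NAT address and open a scoped pinhole."""
        entry = INSIDE_HOSTS.get(name.lower().rstrip("."))
        if entry is None:
            return None         # unknown name: no answer, no pinhole
        private_ip, proto = entry
        self.expectations[(src_ip, proto)] = Expectation(
            private_ip, now + EXPECT_LIFETIME)
        # TTL 0 so a cached answer cannot outlive the expectation (assumed policy)
        return {"name": name, "address": NAT_PUBLIC_IP, "ttl": 0}

    def inbound(self, src_ip, proto, dport, now):
        """NAT side: return the inside address to forward to, or None to drop."""
        flow = (src_ip, proto, dport)
        if flow in self.flows:
            return self.flows[flow]        # already-established flow
        exp = self.expectations.pop((src_ip, proto), None)
        if exp is None or now > exp.expires:
            return None                    # nothing expected, or it timed out
        self.flows[flow] = exp.private_ip  # first match consumes the expectation
        return exp.private_ip
```

The model keys the expectation on the source of the DNS query; when that query arrives through a recursive resolver, the resolver's address, not the end client's, is what the expectation would match.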


