I think what you are talking about is a static nat ( conduit, in Cisco speak )
It's done all the time, for just the reason you mention. any device for which you want / need a single internet face, use a static NAT. Chuck ""Michael Hair"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I have been re-reading the posts again and I have one question. > > I believe what Chuck says is true about NAT outbound changes the source > address, not the destination address. > > So.... > > Would it be possible to change the destination address on the inbound side ? > > For example. > > Let say I have a web server behind my router doing NAT. 192.168.75.105. How > would I tell the router to redirect connections going to 209.165.166.59 port > 80 to go to 192.168.75.105 port 80. So I would be using the private address > on the inside but still want the public IP address to be used by outside > world. Would this not be changing the destination address ? > > Can this actually be done ? > > Thanks > Michael > > > > > ""Chuck"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > hhmmm..... > > > > as I understand the original question, each workstation in the network in > > question is hard coded for DNS. > > > > So, if for example, my machine is hard coded for DNS server 207.126.96.162 > > ( my ISP DNS server ) and I change ISP's, and make no changes to my > > workstation, then any DNS request will have a destination address of > > 207.126.96.162 > > > > The question, as I understand, if how to change that destination address > > without making workstation visits. > > > > Policy routing can change next hop, but not destination address. NAT > > outbound changes source address, not destination address. > > > > Unless there is a packet interceptor that takes all DNS requests, and > > physically changes the destination address, the user has few options. > > > > Again, IF the former ISP does not restrict DNS requests to its own address > > space, i.e. accepts DNS requests from anywhere, then there is no problem, > > and no changes need be made. > > > > However IF ( and this would be good practice for a lot of reasons ) the > > former ISP does indeed restrict DNS requests to source addresses within > its > > own space, then there will have to be additional changes on the user > > network. > > > > This whole discussion illustrates why people SHOULD follow best practice > > from the get go. If they want to hard code IP's, then I believe DHCP can > be > > configured so that it provides only DNS info and default gateway info, for > > example. the people who have insisted that their network hard code > > everything are now learning the hard lesson. > > > > Chuck > > > > > > ""Priscilla Oppenheimer"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > At 05:11 AM 2/18/02, Godswill HO wrote: > > > >You can still use your former ISP's DNS records while using the new > ISP's > > > >bandwidth. It does not matter who owns the DNS server. Everybody have > > access > > > >to it once they are in the internet. Except when they are specifically > > > >filtered. > > > > > > > >The only drawn back is that, Your new ISP have to forward the packet in > a > > > >round trip to the old ISP's network through the internet before they > are > > > >resolved and sent back to you machine, > > > > > > It would depend on what records they are accessing. If the users are > going > > > to the Internet and accessing sites such as www.cisco.com and > > > www.groupstudy.com, for example, the DNS queries don't have to go back > to > > > the original ISP. > > > > > > >had it been you are using the DNS of > > > >your new ISP, these request would stop there. Do not loose your sleep, > > > >because at the worst these delays are in milisseconds and not easily > > > >noticeable by the eye, more each machine have a cache so it does not > > forward > > > >every request. Great if you have a Cache Engine to compliment the > > machine's > > > >cache. > > > > > > > >Whatever, you are kool and everything will be fine, switch to your new > > ISP > > > >and enjoy. > > > > > > > >Regards. > > > >Oletu > > > >----- Original Message ----- > > > >From: Michael Hair > > > >To: > > > >Sent: Sunday, February 17, 2002 8:07 PM > > > >Subject: DNS Request Redirection [7:35703] > > > > > > > > > > > > > I was wondering what is the best way to take care of the following: > > > > > > > > > > I have been using a private address space behind a Cisco 4500 router > > > > > connected up to our current ISP using NAT, now we want to move our > > > > > connection from our current ISP to a new ISP with better bandwidth. > My > > > > > problem is that we don't want to change all our client machines > TCP/IP > > > > > settings, which are all static, for some reason or another they were > > all > > > > > setup to use our ISP's DNS. Not my idea but that another problem. So > > how > > > >can > > > > > I setup our router to forward requests looking from our current > ISP's > > DNS > > > >to > > > > > our new ISP's DNS without touching all the client machines. > > > > > > > > > > Would the best way be to use policy-base routing? > > > > > > > > > > Would a static route work? > > > > > > > > > > Could I use a static route under NAT? > > > > > > > > > > If someone could proved me a sample of how you could do this I would > > be > > > > > greatful... > > > > > > > > > > Thanks > > > > > Michael > > > >_________________________________________________________ > > > >Do You Yahoo!? > > > >Get your free @yahoo.com address at http://mail.yahoo.com > > > ________________________ > > > > > > Priscilla Oppenheimer > > > http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35816&t=35703 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
