Hi,
Please could someone help me configure NAT for the MTA range to reach ONLY the DNS server (public IP X.X.X.Y)? This DNS server is behind a router that I don't control.
Here is an extract of the config:
!
ip cef
ip dhcp relay information option
!
ip dhcp-server X.X.X.3 // PUBLIC IP
!
interface GigabitEthernet0/1
ip address X.X.X.X 255.255.255.240 //PUBLIC IP
duplex auto
speed auto
media-type rj45
negotiation auto
!
!
interface Bundle1
ip address Y.Y.232.1 255.255.252.0 secondary // PUBLIC IP FOR CPE
ip address 10.10.0.1 255.255.252.0 secondary // PRIVATE IP FOR MTA
ip address 172.10.0.1 255.255.252.0 // PRIVATE IP FOR CABLE MODEM
cable arp filter request-send 3 2
cable arp filter reply-accept 3 2
cable source-verify
cable dhcp-giaddr policy
cable helper-address X.X.X.X // PUBLIC IP SAME AS DHCP SERVER
!
ip default-gateway X.X.X.1
ip classless
ip route 0.0.0.0 0.0.0.0 X.X.X.1
no ip http server
no ip http secure-server
!
I would recommend against NAT, because when you turn NAT on it creates a lot of overhead as it inspects every packet. Expect a 10-20% CPU increase just from turning it on.
As an alternative, you could use the built-in functionality of Cisco IOS to act as a DNS proxy. While not a perfect implementation, it will probably do the trick for your MTAs.
You can enable it with these commands:
ip domain-lookup
ip name-server X.X.X.Y
ip dns server
Read more about this feature here.
Thanks for your help.
I don't have the command: ip dns server.
I apologize, the CMTS IOS does not have
ip dns server
as of 12.3.23....
I did not do my homework properly.....
Not only that, but IOS for the CMTS does not have NAT either..... hmm
I think your best bet is to grab a $100-150 Cisco 2600 series router from somewhere like cablesandkits.com and have it be your DNS proxy. And yes, I checked: with the appropriate IOS (12.3.something recent) the command exists. Maybe get a FastEthernet adapter too, to connect it to your CMTS.
Are you sure that the UBR7246 doesn't have NAT? Because I have the different commands: ip nat inside, outside, etc.
Is there another way to define the route to the DNS public address and to permit the 10.10.X.X range to reach this DNS IP (it's for KDC requests)?
Thx