Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Fixup protocol

Thread Tools

Fixup protocol
Posts: n/a
Hi all,

Can some explain the correct usage of no fixup protocol dns command..
will this anyway bring about utilisation of PIX


Reply With Quote
Posts: n/a
Hi Frank,

You may wish to investigate Cisco's DNS Fixup:

Hope this helps.

Brad Reese
1293 Hendersonville Road, Suite 17
Asheville, North Carolina USA 28803
USA & Canada: 877-549-2680
International: 828-277-7272
Fax: 775-254-3558
AIM: R2MGrant
BradReese.Com - Cisco Power Supply Headquarters

Reply With Quote
Walter Roberson
Posts: n/a
In article <(E-Mail Removed) .com>, Removed) <(E-Mail Removed)> wrote:

>Can some explain the correct usage of no fixup protocol dns command..

If you use the alias command, then there are -two- effects, one
having to do with changing the destination IP on -outgoing- packets,
and the other having to do with rewriting DNS responses. One might
want the IP destination rewriting without wanting the DNS rewriting;
if so then you would turn off the DNS fixup.

If you are using PIX 6.2 or PIX 6.3, then using the 'alias' command
is not encouraged, and the 'dns' keyword for the 'static' command
is recommended instead. If you are not using 'alias' and you did not
want DNS fixups to occur, you would normally just leave out the
'dns' keyword on the 'static'. It appears to me, though, that there is
no equivilent to the 'dns' keyword for nat/global commands, so
you might still need to disable the dns fixup for that case.

If you are using PIX 6.3, then the dns fixup also checks the length
of DNS responses, to prevent buffer overflows. When you use
'no fixup protocol dns' then the length checks are not done, which
might be important for you (especially if you want your users to be
able to stream music or videos by using DNS requests to bypass
restrictions on http accesses.)

>will this anyway bring about utilisation of PIX

Sorry, I do not understand that question ?
Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
fixup protocol for http B Squared Cisco 4 07-19-2005 07:01 AM
PIX MailGuard "fixup protocol smtp" and Exchange Server? David K Cisco 2 01-09-2004 02:26 PM
PIX 6.3(3) Fixup protocol dns and tftp... Masud Reza Cisco 1 01-03-2004 11:18 PM
fixup protocol esp-ike Michael Cisco 1 11-29-2003 04:16 AM
fixup smtp question Michael Cisco 1 11-28-2003 05:42 AM