Tuesday, December 1, 2009

Cisco FWSM xlate problem.

Today we had a problem where 2 of our DNS servers were unreachable from behind our Cisco NAT-based FWSM. When running RSPAN of the inside link I saw:


2009-12-01 15:21:29.471361 IP (tos 0x0, ttl 255, id 1254, offset 0, flags [none], proto UDP (17), length 77) 172.17.25.94.63881 > 128.252.135.4.53: [udp sum ok] 37364+ PTR? r._dns-sd._udp.resnet.wustl.edu. (49)
2009-12-01 15:21:29.471616 IP (tos 0x0, ttl 72, id 10215, offset 0, flags [none], proto ICMP (1), length 56) 172.17.25.254 > 172.17.25.94: ICMP net 128.252.135.4 unreachable, length 36


We found the problem to be a corrupted global and local xlate table from the DNS servers:


PAT Global 128.252.135.4(63481) Local 182.252.135.4(49370)


No idea how this happened, but to fix the problem:


clear xlate global 128.252.135.4
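
A way to spot this kind of entry before users notice, as an added example that is not part of the original post: it parses xlate lines in the format shown above and flags any entry whose local address is not on an inside network or whose global address belongs to a server that should never be translated. The 172.17.0.0/16 inside range, the choice of checks, and every sample line other than the entry from the post are assumptions.

```python
import ipaddress
import re

# Assumptions for this sketch: inside hosts live in 172.17.0.0/16 (the post
# only shows 172.17.25.x), and 128.252.135.4 is an outside server that must
# never appear as a translated (global) address.
INSIDE_NETS = [ipaddress.ip_network("172.17.0.0/16")]
OUTSIDE_SERVERS = {ipaddress.ip_address("128.252.135.4")}

# Matches lines of the form shown in the post:
#   PAT Global 128.252.135.4(63481) Local 182.252.135.4(49370)
XLATE_RE = re.compile(
    r"^\s*(?:PAT\s+)?Global\s+(?P<gip>[\d.]+)(?:\((?P<gport>\d+)\))?"
    r"\s+Local\s+(?P<lip>[\d.]+)(?:\((?P<lport>\d+)\))?"
)

def suspicious_xlates(text, inside_nets=INSIDE_NETS, outside_servers=OUTSIDE_SERVERS):
    """Return (global_ip, local_ip, reasons) for each xlate entry that looks wrong."""
    findings = []
    for line in text.splitlines():
        m = XLATE_RE.match(line)
        if not m:
            continue  # summary lines and anything that is not an xlate entry
        try:
            glob = ipaddress.ip_address(m["gip"])
            loc = ipaddress.ip_address(m["lip"])
        except ValueError:
            continue  # malformed address, e.g. a truncated capture
        reasons = []
        if not any(loc in net for net in inside_nets):
            reasons.append("local address is not on an inside network")
        if glob in outside_servers:
            reasons.append("global address belongs to an outside server")
        if reasons:
            findings.append((str(glob), str(loc), reasons))
    return findings

# The first PAT entry is the one from the post; the other lines are constructed.
SAMPLE = """\
2 in use, 14 most used
PAT Global 128.252.135.4(63481) Local 182.252.135.4(49370)
PAT Global 192.0.2.10(1024) Local 172.17.25.94(63881)
"""

if __name__ == "__main__":
    for glob, loc, reasons in suspicious_xlates(SAMPLE):
        print(f"clear xlate global {glob}   # local {loc}: {'; '.join(reasons)}")
```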
