Tuesday, December 1, 2009

Cisco FWSM xlate problem.

Today we had a problem where 2 of our DNS servers were unreachable from behind our Cisco NAT-based FWSM. When running an RSPAN of the inside link I saw:

2009-12-01 15:21:29.471361 IP (tos 0x0, ttl 255, id 1254, offset 0, flags [none], proto UDP (17), length 77) > [udp sum ok] 37364+ PTR? r._dns-sd._udp.resnet.wustl.edu. (49)
2009-12-01 15:21:29.471616 IP (tos 0x0, ttl 72, id 10215, offset 0, flags [none], proto ICMP (1), length 56) > ICMP net unreachable, length 36

We found the problem to be a corrupted global and local xlate table entry for the DNS servers:

PAT Global Local

No idea how this happened, but to fix the problem:

clear xlate global
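To pick out the symptom above from a longer capture rather than by eye, here is an added Python example (not from the original post) that pairs each outbound DNS query in tcpdump -v output with an ICMP unreachable sent back to the client within a short window, which is the signature a broken xlate leaves. The sample lines and the RFC 5737 addresses in them are constructed, since the post's own capture has the addresses stripped.

```python
import re
from datetime import datetime, timedelta

# Constructed tcpdump -v style lines (documentation addresses, not the real
# capture). Query 1 is answered by ICMP unreachable; query 2 gets a normal reply.
SAMPLE = """\
2009-12-01 15:21:29.471361 IP (tos 0x0, ttl 255, id 1254, offset 0, flags [none], proto UDP (17), length 77) 192.0.2.10.37364 > 198.51.100.53.53: [udp sum ok] 37364+ PTR? r._dns-sd._udp.example.net. (49)
2009-12-01 15:21:29.471616 IP (tos 0x0, ttl 72, id 10215, offset 0, flags [none], proto ICMP (1), length 56) 203.0.113.1 > 192.0.2.10: ICMP net 198.51.100.53 unreachable, length 36
2009-12-01 15:21:30.100000 IP (tos 0x0, ttl 255, id 1255, offset 0, flags [none], proto UDP (17), length 77) 192.0.2.10.40001 > 198.51.100.54.53: [udp sum ok] 1001+ A? www.example.net. (49)
2009-12-01 15:21:30.120000 IP (tos 0x0, ttl 60, id 501, offset 0, flags [none], proto UDP (17), length 93) 198.51.100.54.53 > 192.0.2.10.40001: [udp sum ok] 1001 1/0/0 A 203.0.113.80 (65)
"""

TS = r'^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d{6})'
# Outbound DNS query: client.port > server.53 followed by a "?" query type.
DNS_Q = re.compile(TS + r' IP .*? (\S+)\.(\d+) > (\S+)\.53: .*?\?')
# ICMP net/host unreachable; the embedded target address is optional because
# some captures (like the one in the post) do not show it.
ICMP = re.compile(TS + r' IP .*? (\S+) > (\S+): ICMP (?:net|host) (?:(\S+) )?unreachable')


def parse_ts(s):
    return datetime.strptime(s, '%Y-%m-%d %H:%M:%S.%f')


def find_unreachable_queries(capture, window_ms=500.0):
    """Return (query_time, client, dns_server) for each DNS query that is
    followed within window_ms by an ICMP unreachable back to that client."""
    pending = []  # outstanding queries as (time, client, server)
    hits = []
    for line in capture.splitlines():
        m = DNS_Q.match(line)
        if m:
            pending.append((parse_ts(m.group(1)), m.group(2), m.group(4)))
            continue
        m = ICMP.match(line)
        if not m:
            continue
        t, client, target = parse_ts(m.group(1)), m.group(3), m.group(4)
        for q in list(pending):
            qt, qclient, qserver = q
            if qclient == client and (target is None or target == qserver) \
                    and timedelta(0) <= t - qt <= timedelta(milliseconds=window_ms):
                hits.append((qt.strftime('%H:%M:%S.%f'), qclient, qserver))
                pending.remove(q)
                break
    return hits


if __name__ == '__main__':
    for when, client, server in find_unreachable_queries(SAMPLE):
        print(f'{when} query from {client} to {server} answered by ICMP unreachable')
```

Run it over `tcpdump -nnv` output captured on the inside link; repeated hits for the same server behind a working route point at the translation rather than at the server.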

