NAT DNS Packet Inspection and Fixup

NAT provides an ALG (Application Layer Gateway) for the inspection and fixup of DNS packets that are being forwarded by the NAT process. NAT DNS packet inspection and fixup consists of parsing DNS request or response packets, identifying IP addresses contained within that may need to be NATed, and fix up the DNS packet with the appropriate NAT translations.

NAT inspection of DNS packets is disabled by default.

Use the ip | ipv6 nat inspect dns command in global configuration command mode to enable NAT DNS packet inspection and fixup.