Network Address Translation of DNS responses

I “always knew” that Cisco IOS supports NAT translations between local and global addresses in DNS replies … until I wanted to use this functionality in one of my sample configurations and discovered it doesn’t work as expected.

A few tests later, I discovered the true story: DNS requests and responses are translated if and only if you define IP-level NAT translations using either the ip nat inside source static or the ip nat inside source list pool configuration command. The translations should not use any additional filters (do not use the route-map keyword) and cannot result in PAT translations (do not use the overload keyword).
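The rule stated above can be checked against a router configuration. The following Python audit is an added example, not code from the original post or the CT3 wiki: it classifies each ip nat inside source line by whether, according to that rule, IOS would translate addresses in DNS replies. The sample configuration, its names and its addresses are constructed, and treating the IOS no-payload keyword as switching payload translation off is an addition to the rule in the post.

```python
import re

# Constructed sample configuration (documentation address ranges, made-up names).
SAMPLE_CONFIG = """\
ip nat pool PUBLIC 192.0.2.20 192.0.2.30 prefix-length 24
ip nat inside source static 10.0.0.10 192.0.2.10
ip nat inside source static 10.0.0.11 192.0.2.11 route-map PARTNER
ip nat inside source static 10.0.0.12 192.0.2.12 no-payload
ip nat inside source list 1 pool PUBLIC
ip nat inside source list 2 pool PUBLIC overload
ip nat inside source list 3 interface GigabitEthernet0/0 overload
ip nat inside source route-map RM-NAT pool PUBLIC
"""

NAT_RE = re.compile(r"^\s*ip nat inside source\s+(.*)$")

def classify(line):
    """Return (rewrites_dns, reason) for an 'ip nat inside source' line, else None."""
    m = NAT_RE.match(line)
    if not m or not m.group(1).split():
        return None
    words = m.group(1).split()
    # Disqualifiers named in the post: extra filters and PAT.
    if "route-map" in words:
        return (False, "route-map filter")
    if "overload" in words:
        return (False, "PAT (overload)")
    # Added assumption: the no-payload keyword disables payload translation.
    if "no-payload" in words:
        return (False, "no-payload")
    if words[0] == "static":
        return (True, "plain static")
    if words[0] == "list" and "pool" in words:
        return (True, "list + pool")
    return (False, "other form")

def audit(config):
    """Classify every NAT statement in a configuration text."""
    results = []
    for line in config.splitlines():
        verdict = classify(line)
        if verdict is not None:
            results.append((line.strip(), *verdict))
    return results

if __name__ == "__main__":
    for line, rewrites, reason in audit(SAMPLE_CONFIG):
        state = "DNS rewritten" if rewrites else "DNS untouched"
        print(f"{state:14} {reason:18} {line}")
```
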

You can find more details in the “Network address translation of DNS responses” article in the CT3 wiki.


  1. Have you really tested that solution?

  2. "DNS requests to outside DNS server" scenario would work with

    "ip nat outside source static 'ip' 'ip' no-alias".

  3. @liminas: Yes, I've tested the solution :)

  4. It doesn't work even with "ip nat inside source static or the ip nat inside source list pool configuration command" for me.
    Only "no-payload" helps!!!


