No NAT reflection for Virtual IP - DNS not applicable

  • I have a website (and ssh) on a server with just a public IP address. There is no DNS entry. We access via the bare IP address only.

    I set up NAT reflection for that IP so that the internal machines can access it.

    I have two internal networks/subnets that get routed. One is the 'main' subnet and the other is handled via a virtual IP.

    • Access from outside is just fine.
    • Reflection to the main internal subnet is just fine.
    • Reflection to the virtual IP's internal subnet doesn't work - mostly. See below.

    For our websites with DNS entries, all the NAT reflection works just fine for both subnets.

    I would have set up split DNS except that we have a site without DNS...

    Here is the "below" part: If I make certain trivial changes, for example changing back and forth between Pure NAT to NAT + Proxy, reflection for the internal VIP subnet works for just a few seconds. Then, it stops.

    I set up logging for the relevant firewall rule, but I don't see anything relevant in the logs.
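
A small probe to pin down the "works for a few seconds, then stops" symptom, added here as an example and not part of the original post. Run it on a host in the VIP subnet against the public IP and port; it logs one `offset ok|fail` line per second so the moment reflection dies can be lined up against the firewall's state table and rule logs. The host `203.0.113.10`, port `443` and the sample log are placeholders I constructed; it assumes a netcat that supports `-z` and `-w`.

```shell
#!/bin/sh
# Added diagnostic, not from the original post. Probes a reflected public IP
# from an inside host (e.g. one on the VIP subnet) once per interval and logs
# "offset ok|fail" lines so the moment reflection stops can be pinned down.
# Assumes a netcat that supports -z (connect test only) and -w (timeout).

# probe_once HOST PORT TIMEOUT -> exit 0 if a TCP connect succeeds
probe_once() {
    nc -z -w "$3" "$1" "$2" >/dev/null 2>&1
}

# probe_loop HOST PORT DURATION [INTERVAL] -> writes "offset ok|fail" per probe,
# where offset is seconds since the loop started
probe_loop() {
    host=$1; port=$2; duration=$3; interval=${4:-1}
    start=$(date +%s)
    while :; do
        now=$(date +%s)
        offset=$((now - start))
        [ "$offset" -ge "$duration" ] && break
        if probe_once "$host" "$port" 2; then
            printf '%s ok\n' "$offset"
        else
            printf '%s fail\n' "$offset"
        fi
        sleep "$interval"
    done
}

# summarize < log -> "ok=N fail=M first_fail_at=T" (T is "none" if no failure)
summarize() {
    awk '
        $2 == "ok"   { ok++ }
        $2 == "fail" { fail++; if (first == "") first = $1 }
        END {
            if (first == "") first = "none"
            printf "ok=%d fail=%d first_fail_at=%s\n", ok+0, fail+0, first
        }'
}

# Constructed sample log reproducing the symptom described in the post:
# reflection answers for a few seconds after a config change, then stops.
SAMPLE_LOG='0 ok
1 ok
2 ok
3 fail
4 fail
5 fail'

if [ $# -ge 3 ]; then
    # Usage: sh reflect-probe.sh 203.0.113.10 443 120 | tee probe.log
    #        summarize < probe.log
    probe_loop "$1" "$2" "$3" "${4:-1}"
else
    # No arguments: demonstrate the summary on the constructed sample log.
    printf '%s\n' "$SAMPLE_LOG" | summarize
fi
```

"Pure NAT" and "NAT + Proxy" are pfSense's NAT reflection modes, so if that is the firewall in question, `pfctl -ss` (current states) and `pfctl -sn` (loaded NAT rules) on the firewall at the `first_fail_at` offset show whether the reflection state for the VIP subnet's source address is still present or the rdr rule has changed, which a rule log alone will not reveal since established state bypasses rule evaluation.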

