From: Jamie B. <jj...@ri...> - 2011-08-03 15:09:57
I'm using Shorewall with a load-balanced multi-ISP config along with LSM for failover. It's working great, except for DNS requests. I'd appreciate some advice on how to best configure this.

The WAN connections are a T1 through XO and a cable connection through Comcast. About 80% of the traffic is routed out the Comcast connection under normal connections. I would like to ensure that DNS requests that leave the Comcast interface are routed to Comcast's DNS servers and vice versa for XO.

I know I can add some entries in tc-rules, but this only solves part of the problem. It still requires that clients know which DNS server to request. But since the client has no idea which WAN interface the request will travel through, it can't know whether to send the lookup to Comcast or XO's DNS server.

I suspect that I need to do some type of outgoing NAT. But I'm not sure if I'm over-complicating things. And if I'm not, how do I configure something like this?

Thanks!