[Shorewall-users] Dual ISP config: How to forward DNS requests to the proper server?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

I'm using Shorewall with a load-balanced muti-ISP config along with LSM for
failover.  It's working great, except for DNS requests.  I'd appreciate some
advice on how to best configure this.

The WAN connections are a T1 through XO and a cable connection through
Comcast.  About 80% of the traffic is routed out the Comcast connection
under normal connections.  I would like to ensure that DNS requests that
leave the Comcast interface are routed to Comcast's DNS servers and vice
versa for XO.  I know I can add some entries in tc-rules, but this only
solves part of the problem.  It still requires that clients know which DNS
server to request.  But since the client has no idea which WAN interface the
request will travel through, it can't know whether to send the lookup to
Comcast or XO's DNS server.

I suspect that I need to do some time of outgoing NAT.  But I'm not sure if
I'm over-complicating things.  And if I'm not, how do I configure something
like this?  Thanks!