 Re: Mini DNS on enforcement module
It seems that for use ISP redundancy for incoming connections, you should have your own DNS servers in LAN, or rather, all DNS queries should arrive your Firewall-1. So you should have two NS records with IP addresses your Firewall-1 (or some NAT addresses for your DNS servers).
So incoming DNS queries would intercepted by your Firewall-1 and Firewall-1 will return IP by first ISP or by another ISP.
Last edited by kva.kva; 2006-02-09 at 05:32. |