dns issue with ISP Redundancy?

[ktpoitm]

Has anyone experienced dns issues when using the backup line, via the ISP Redundancy? dns is fine on the primary DS1, but when the cluster switches to the backup satellite connection, dns will not resolve correctly all the time. I can reach some sites and not others, pure hit and miss. I am running a SecurePlatform HA Cluster, NGX R60.

Thank you,

[mcnallym]

Are you talking about connecting from inside your local network to the Internet or from the Internet to your own hosted websites that isn't resolving properly.

[ktpoitm]

From inside the network going out to the Internet.

DNS resolves to 0.0.0.0 on some sites. Also, the Tracker log shows that some domain-udp requests originate from the management console and others originate from the enforcement point. We only see domain-udp requests originate from the management console when we fail over to the second line. I can not prove it, but I assume the sites we can not reach are the ones were the domain-udp requests originate from the management console.

[mcnallym]

How is your internal DNS setup, I presume all boxes point at an internal DNS server that is then setup with a forwarder to an ISP DNS Server for names outside of your domain

Have an object defined for the internal dns server and then hide nat behind the gateway. This will then just nat the outbound dns behind which ever link is active.

Sounds more like the NAT isn't correctly configured.

I don't really see how the gateway or management console would be the only ones performing dns lookups