Altering DNS Proxy over backup link

Paul Lawrie · ‎10-11-2017

Hi! I have a couple of small customer sites setup with IP SLA and 4G backup links. Everything works just fine if the primary link goes down and the default route goes out over 4G. However, some of these sites use an external DNS filtering product that allow access based on the external IP of the network the request is coming from.

In our case, when we fail over to 4G the clients can no longer resolve DNS.

We are currently proxying DNS on the router and doing DHCP on the router. There is no local server of any kind.

Is there a best practise way to approach this problem? Essentially I need the router to fail over to a different resolver when the primary link is down. IP SLA appears to be able to test for DNS resolution, but I can't see a way to alter the name-server

rais · ‎10-12-2017

Try configuring multiple name-servers and use 'ip domain round-robin'. It might mitigate the issue. Otherwise, event script could be used.
HTH.

Dean Romanelli · ‎10-13-2017

The standard to this problem I've always seen is usually to move external DNS record management for your public services to the ISP's servers and implement a dynamic DNS appliance/service. I would imagine that is a costly solution though, but I've never looked into the exact figure to be honest.

Here is an example:

Fatpipe's SmartDNS service.

http://www.fatpipeinc.com/products/addons/smart-dns.php

Basic Functionality of FatPipe's SmartDNS

Failover: FatPipe's SmartDNS will intelligently sense when a failure occurs and will make adjustments to the DNS replies so it will not resolve host names to the IP addresses that are associated with the connection that is down or unavailable.