Forum Discussion
Antony_413
Apr 10, 2012Nimbostratus
If you are routing DNS via the Layer7 can I assume that you are not calling the DNS servers directly with other processes?
If so, perhaps you can set up a Layer7-centric IP on the DNS unit that has a gateway of the Layer7s floating IP, creating a hub-spoke setup. Using hub-spoke you can turn off SNAT because the gateway on the DNS is forced back through Layer7.
Alternately, setting the default gateway on the existing DNS server NIC to Layer7; or an Alias IP ? There are many ways to address a server but the key is to get that server to reply directly to Layer7 to enable you to turn off SNAT and pass the client IP through with the request packet.