We have previously configured an ACE context for implementing redundant corporate DNS service and now testing a transparent ACE context and HA configuration.One virtual-IP is configured for UDP/53, listening for DNS requests. Behind the VIP, there are 3 DNS server. The next step of our testing process, we have shut down all real-server instance behind the virtual-IP while inspecting DNS clients behaviour. Besides the DNS clients requesting the virtual-IP DNS service need ICMP-destination-unreachable packet to switchover the secondary DNS server.
Can ACE 4710 send ICMP-dest-unreachable?
Thanks in advance!
Unfortunately the 4710 does not send icmp unreachable when a vserver is down.
If you have backup dns service, you can configure it on ace itself.