
using DNS NAT on ASA in reverse?


acidkewpie

Programmer
Nov 19, 2003
Hi, I've just been faced with a routing issue with a third party which I'm hoping the NAT DNS feature will be able to help with, but I'd like some clarification on whether I can use it in the way I'm thinking of.

Basically we have a 10.0.0.0/8 network, so do they, and we may have to reach literally *any* of those addresses purely based on the DNS resolution that we get from their name servers. Their failover model is that if siteA fails then they change their DNS to point at siteB, basically, so we *MUST* keep resolving by their DNS servers, but we cannot route to their IPs.

So with DNS NAT is it somehow possible to do the standard DNS lookup on their servers and then replace known IP addresses with a pre-NATted equivalent IP which can then be used as a NAT into the third party's network, rather than its original use of keeping the traffic from hitting the ASA at all? So rather than the DNS result that comes back to the client being a local LAN server, it's actually an address on the ASA which will then NAT the packets into the address that was originally in the DNS result that came back.

Sorry if this sounds confusing, but it's a little clearer in my head at the moment. If this is possible I've a feeling that it may actually be a pretty neat way of doing it, but I'm not sure yet.

Thanks

Chris
 