
We have a corporate Lync environment with a large number of users hitting it via their VPN tunnels. We've set up routing on the VPN client side to allow VoIP traffic to be routed over the public network rather than through the tunnel -- if we can just get the DNS lookups to return the public IPs instead of the internal IPs.

We run BIND, and I'm struggling to see a solution short of creating a special view or a separate BIND server just for VPN clients, in which I need to create many zone files to override the relevant Lync DNS records (one zone per record, since unfortunately all of our Lync-related records live within our primary domain). Seems ugly and error-prone.

Maybe BIND's RPZ could help? Or maybe there's some simpler solution I'm missing. We also have F5 w/ GTM -- maybe some magic could be done there.

Any thoughts/advice?

Ray