Branch Office VPN - DNS best practices?
Main office - T50 / 12.5.2
Office A - T35 / 12.5.2
Office B - T35 / 12.5.2
Office E - T35 / 12.5.2
All offices are connected to every other office through tunnels
My main office has 3 DNS server 200.6, 200.12, 200.14
Each branch office is configured with the WINS/DNS tab to be only ISP DNS servers. Under the DHCP on the watchguard of each branch office I have configured 1 DNS server from main office (200.6) and the other 2 are the external DNS servers.
My thought was that if the internet ever goes out at the branch offices they only lose the ability to reach main office and can still use the internet locally as their insurance software is web based.
For some reason as of late all my branch offices are experiencing lag with almost all internet functions. Outlook, insurance software, browsing shares over the VPN, ETC.
What is best practice in this scenario? Is there a more efficient way I could set this up or should I be using DNS forwarding or some other function that I may not understand?