I stumbled into a difference between 6sp4 and 65sp1 that is driving me nuts.

I had a nw6sp4 server setup to handle all of my Groupwise services. POA, MTA, GWIA and WebAccess. This worked perfectly. I had the realworld address for GWIA as a secondary ip address on my bordermanager server bm38 on nw65 server. It had a static NAT mapping to the server running GWIA. GWIA only had a private ip address. It's default gateway was the private interface of bordermanager with two static routes defined for the rest of the internal network. This all worked perfectly.

For multiple reasons, I moved POA, MTA and GWIA to our new cluster server. nw65sp1a on both nodes. Setup exactly the same way (default gateway set to bordermanager and two static routes for the internal network). This allows internet traffic to work, but not local traffic. If I set the default gateway to the internal router, the internet breaks.

I created two default gateways. One for BM and one for local. This worked fine for a few days, but stopped. I changed the metric to BM to a lower metric. Internal traffic worked, but not the internet. Swap the metrics and the problem swaps.

Basically, how do I configure a 65 server behind BM to be able to reply internet packets coming from BM back through the same route AND allow local 10.x traffic to happen without it routing it back through BM.