1) source does DNS lookup for the FQDN "dest.example.com".
2) source's DNS server is co-resident on the ingress tunnel router
and performs a lookup in the global DNS for a well-known prefix
appended to the FQDN suffix, e.g.: "egress.example.com".
3) source's DNS server gets back locators for the egress tunnel
router from the global DNS, then sends an IP-in-IP encapsulated
RFC4620 Node Information Query asking the egress tunnel router
to resolve the FQDN "dest.example.com".
4) egress tunnel router returns identifers associated with
"dest.example.com"; ingress tunnel router caches the resolution
and returns the resolution to the source as response to the
"real" DNS query.