DHCP: How can I forward DNS requests to an internet DNS server but serve local DNS requests from a local DNS server?
Solution 1
Setup your LAN DNS server to forward requests that it isn't authoritative for to an upstream DNS server (Google's will do). It's not as good as maintaining a single hierarchy and keeping proper authoritative/recursive separation, but it'll at least work.
Solution 2
In addition to what others have said, remove any and all public DNS servers from your DHCP scope. Internal DNS clients should only be using internal DNS servers for name resolution. You can configure forwarders or use the root hint servers on your DNS server for resolving external DNS names. If that's not working then you need to figure out why and fix that.
Adding external DNS servers to your DHCP scope isn't going to help, it's only going to create other problems for you. I can't tell you how many times I've resolved flaky email, internet, name resolution, and general network problems by removing public DNS servers from clients that should only be using internal DNS servers.
Solution 3
Set up forwarders in your local DNS servers, so that they'll answer from local zones if they have them for a given request, and forward to internet servers if they don't.
Related videos on Youtube
10 : 44
06 : 47
06 : 06
06 : 05
02 : 03
alastairs
I'm a software engineer working out of Cambridge, UK. I work mostly with C#, and my main computing interests lie in distributed systems.
Updated on September 18, 2022Comments
-
alastairs almost 2 years
I have a small network of computers which mostly access stuff online. I have a domain controller running on that network, which is also serving as the DHCP and DNS server.
I have configured DHCP (using the Scope Options) to provide the following IP addresses as the DNS servers for the network:
- 192.168.0.31 (my LAN DNS server, the primary DNS server)
- 8.8.8.8 (Google's DNS server, the secondary DNS server)
The DNS server addresses are being correctly handed out to the DHCP clients. However, I cannot resolve any LAN domain names using this pair of DNS servers, even using their FQDNs. If I remove Google's DNS server from the list, I can resolve LAN domain names but not anything online. It takes a little while (30 mins?) for the resolution of online domain names to stop working; presumably this is something to do with the DNS cache?
The same thing happens if I add Google's DNS server to the DHCP client manually, in addition to my LAN DNS server.
Obviously I've configured something incorrectly, or have missed a step (do I need to set up DNS forwarding, perhaps?). Any help you can provide will be gratefully received!
-
Zoredache almost 13 years
-
ravi yarlagadda almost 13 yearsBeaten to it! <filler>
