Configuring clients to use a specific nameserver for a domain? [duplicate]


Problem:

Possible Duplicate:
How can I set up Linux to use a different DNS server for a certain domain?

Right now I have multiple nameservers defined in my /etc/resolv.conf, but they are all used for all lookups.

What I would like to do is specify which nameserver is used for which top-level domain, e.g.

nameserver .com 1.2.3.4
nameserver .local.site 2.3.4.5
nameserver * 3.4.5.6

Is there a way to do this on Linux?

Solution:

It is standard practice to have, for a group of domains, one master and several secondaries that perform zone-transfers from the master. In other words, I wouldn’t do it that way.

In practice you would perform that configuration in the DNS daemon’s configuration files – look up zone delegation.

resolv.conf is for the client end, the client should be told by any nameserver which nameserver to refer to for queries about specific domains. You should absolutely not try to configure knowledge about domain delegation into the client configuration.


Example of a DNS config with private and public DNS resolution

options {
        directory "/var/named";
        forward only;                      // ISP doesn't permit bypass: never recurse directly
        forwarders { 1.2.3.4; 5.6.7.8; };  // ISP's DNS servers receive everything we are not authoritative for
};

// Zones below are answered locally; queries for names inside them never reach the forwarders.

zone "localhost" IN {
        type master;
        file "localhost.zone";
        allow-update { none; };            // no dynamic updates
};

zone "0.0.127.in-addr.arpa" IN {           // reverse zone for 127.0.0.0/24
        type master;
        file "named.local";
        allow-update { none; };
};

zone "example.com" IN {                    // internal view of the public domain
        type master;
        file "example.com";
        allow-update { none; };
};

zone "0.0.10.in-addr.arpa" IN {            // reverse zone for 10.0.0.0/24
        type master;
        file "10.0.0";
        allow-update { none; };
};

zone "129.168.192.in-addr.arpa" IN {       // reverse zone for 192.168.129.0/24
        type master;
        file "192.168.129";
        allow-update { none; };
};

In this case, the file “example.com” contains names and addresses of computers that are not visible to the outside world. The public internet sees a completely different set of DNS servers for example.com (provided by the ISP of the domain host/registrar) which have completely different records. You have to duplicate the external records in your internal zone file, but usually these are few (maybe just an A record for www.example.com).

Other internal DNS servers would be simple secondaries of this primary for all the same zones.

The forwarders directive does the “redirection” you seek. All internal computers have resolv.conf’s that point only to the internal DNS servers. It is those servers that provide information about both of the separate internal and external worlds. Internal computers do not need to know anything about this internal/external division of DNS namespace.
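The following is an added illustration, not code from the answer above: a small Python model of how a resolver configured like the named.conf in the answer decides between answering from a local zone and forwarding. The named.conf text, zone contents and addresses are constructed for the example; zone selection is longest-suffix match, and the model ignores delegations and wildcards inside a zone. The point it makes concrete is the answer's warning about duplicating external records: because the server is authoritative for example.com, a name that exists only in the public zone (ftp.example.com here) gets NXDOMAIN rather than being forwarded.

```python
import re

# Constructed named.conf, trimmed to what the model needs (paths are illustrative).
NAMED_CONF = """
options {
        directory "/var/named";
        forward only;
        forwarders { 1.2.3.4; 5.6.7.8; };
};
zone "localhost" IN { type master; file "localhost.zone"; allow-update { none; }; };
zone "example.com" IN { type master; file "example.com"; allow-update { none; }; };
zone "0.0.10.in-addr.arpa" IN { type master; file "10.0.0"; allow-update { none; }; };
"""

# Constructed contents of the internal zone files, keyed by zone name.
# ftp.example.com is assumed to exist in the public zone but was NOT duplicated here.
INTERNAL_ZONES = {
    "example.com": {
        "www.example.com": ("A", "203.0.113.10"),   # copied from the public zone
        "intranet.example.com": ("A", "10.0.0.5"),  # internal-only host
    },
    "localhost": {"localhost": ("A", "127.0.0.1")},
    "0.0.10.in-addr.arpa": {
        "5.0.0.10.in-addr.arpa": ("PTR", "intranet.example.com."),
    },
}

# Matches each 'zone "name" IN { ... type master; ... }' block and the forwarders list.
ZONE_RE = re.compile(r'zone\s+"([^"]+)"\s+IN\s*\{[^}]*type\s+master;[^}]*\}', re.S)
FWD_RE = re.compile(r'forwarders\s*\{([^}]*)\}')


def parse_named_conf(text):
    """Return (list of authoritative zone names, list of forwarder addresses)."""
    zones = [z.lower().rstrip(".") for z in ZONE_RE.findall(text)]
    m = FWD_RE.search(text)
    forwarders = [a.strip() for a in m.group(1).split(";") if a.strip()] if m else []
    return zones, forwarders


def longest_matching_zone(qname, zones):
    """Pick the most specific zone that contains qname, or None if no zone does."""
    qname = qname.lower().rstrip(".")
    best = None
    for z in zones:
        if qname == z or qname.endswith("." + z):
            if best is None or len(z) > len(best):
                best = z
    return best


def resolve(qname, conf=NAMED_CONF, zone_data=INTERNAL_ZONES):
    """Decide how the server answers qname.

    Returns one of:
      ("AUTHORITATIVE", (rrtype, rdata))  name found in a local zone
      ("NXDOMAIN", zone)                  name inside a local zone but absent from it
      ("FORWARD", [addresses])            name outside every local zone
    """
    zones, forwarders = parse_named_conf(conf)
    qname = qname.lower().rstrip(".")
    zone = longest_matching_zone(qname, zones)
    if zone is None:
        # Not authoritative: 'forward only' sends the query to the ISP's servers.
        return ("FORWARD", forwarders)
    rr = zone_data.get(zone, {}).get(qname)
    if rr is None:
        # Authoritative for the zone, so a missing name is a negative answer,
        # even if the public example.com zone would have answered it.
        return ("NXDOMAIN", zone)
    return ("AUTHORITATIVE", rr)


if __name__ == "__main__":
    for name in ("www.example.com", "ftp.example.com", "www.example.org"):
        print(name, "->", resolve(name))
```

Run it and compare the three cases: the duplicated www record answers locally, the undeclared ftp record yields NXDOMAIN for every internal client, and anything outside the declared zones goes to the forwarders. Any public record that internal clients need must therefore be copied into the internal zone file, as the answer says.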
