
I'd like to be able to serve unqualified domain names like "pos" or "website" from my DNS server on my LAN and have regular DNS queries like "google.com" be served from my router.

On my router, under "DHCP" settings, I can assign a primary and secondary DNS server. If I set the primary to the router itself and the secondary to the LAN DNS server, the queries never resolve. If I set the primary to the DNS server and the secondary to the router, the queries get resolved but it takes forever (due to timeouts).

Is there a way to speed up the requests somehow when I point to the internal DNS server first? I'm not very experienced with DNS servers and router configurations when it comes to stuff like this. In my older router I had dnsmasq and that solved this problem quite handily, but my new router doesn't have it.

Summary: I want to use my LAN DNS server ONLY for unqualified domain names and any other request should point to the router's DNS servers.

JakeTheSnake

2 Answers


Set the primary to the LAN DNS.

In the LAN DNS, set the forwarder to your router under options:

    options {
        forwarders { XX.XX.XX.XX; };
    };

Choon Keat
  • I tried this but it wasn't working...I had to check "use root hints if no forwarder is available". It is working now! – JakeTheSnake Apr 06 '13 at 15:48
  • It works for a single-label name? If so, can you provide an example using nslookup in interactive mode with debug turned on? – joeqwerty Apr 06 '13 at 15:59
  • Well it isn't ACTUALLY a single label name, by request I use a single label name but the "connection-specific dns suffix" is automatically appended. It is "ss". So the nslookup command is "nslookup pos" and it returns "pos.ss" with the correct IP. – JakeTheSnake Apr 06 '13 at 17:48
  • OK, that makes more sense. Thanks for the clarification. – joeqwerty Apr 06 '13 at 17:51
  1. What do you expect the DNS server to answer with?

  2. That's not how DNS works. A DNS server can't answer for an unqualified, single-label name, except in the case of Windows Server 2008 and later DNS which can use the new GlobalNames Zone (GNZ) feature to answer for single-label names from the GlobalNames Zone, which needs to be populated with the names it's expected to resolve from this zone.

  3. A DNS server answers for domain names for which it is authoritative, which means that the DNS server must have a zone configured and the clients querying against that zone must submit a DNS query that contains the DNS suffix that matches the zone. For example, if the DNS server has a zone named HOME.COM and a client queries the server for MY.HOME.COM, then the server can answer authoritatively. A DNS server cannot be authoritative for 'NULL', 'Empty' or 'Nothing'.

Here's the output of nslookup on my computer querying my DNS server for a single-label name:

C:\Users\Joe Webster>nslookup
Default Server:  w2k8r2dhcpdns1.home.local
Address:  192.168.1.2

> set debug
> test
Server:  w2k8r2dhcpdns1.home.local
Address:  192.168.1.2

------------
Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = SERVFAIL
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        test, type = A, class = IN

------------
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 3, rcode = SERVFAIL
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        test, type = AAAA, class = IN

------------
*** w2k8r2dhcpdns1.home.local can't find test: Server failed
>
joeqwerty
  • You are correct, see my comment response to the accepted answer. I was referring to 'searching by unqualified dns' in the sense of user input, not in the final response. So I search for "pos", I get "pos.ss" (where 'ss' is my dns suffix). When I put "pos" in the browser, it works. – JakeTheSnake Apr 06 '13 at 17:49