18

I need the ability to have specific DNS servers for multiple networks, and I would like to know how to properly update my /etc/resolv.conf:

Let's say I have a major VPN, and I route all my traffic and DNS queries through it. But now I have another VPN that gives me specific access to a network; that VPN also has a DNS server, but it only serves a specific domain, let's say: mydomain.local

I have constructed the following resolv.conf:

nameserver 10.8.0.1
search mydomain.local
nameserver 10.250.0.2

But the DNS queries will go on to the first domain server no matter what, changing order does not matter.

Can anyone give me any suggestion?

Alfredo Palhares

3 Answers

17

Impossible to achieve using /etc/resolv.conf only.

I'd say the easiest thing is to install dnsmasq (a caching DNS client), make it the sole resolver by putting nameserver 127.0.0.1 into /etc/resolv.conf and then modify dnsmasq configuration:

  • uncomment no-dhcp-interface= to disable dnsmasq's DHCP server facilities;
  • add a single generic record: server=10.8.0.1;
  • add a specific record: server=/mydomain.local/10.250.0.2 so that all requests for hosts in mydomain.local go to that server.
kostix
4

Actually this can be done if you are using dnsmasq.

At the bottom of your /etc/dnsmasq.conf file you can add lines like this:

server=/domain.net/172.166.7.23
server=/domain.com/142.124.17.12

I haven't tested it on more than my machine, but it works for me.

My requirement was because my VPN client was not using the correct nameservers when connected to a workplace to route internal addresses. This fixed it to use internal DNS servers for specific domains.

r b
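The routing that the two dnsmasq answers above configure, modelled as an added example (not code from the original posts or from dnsmasq): it parses server= lines and reports which names under mydomain.local would still be forwarded to the general resolver instead of the internal one. The function names, the sample queries and the simplified matching rule (suffix match on label boundaries, longest rule wins, first default server used) are assumptions of this sketch.

```python
# Added example: models how dnsmasq picks an upstream from server= lines.
# Assumptions: a domain rule matches the domain and its subdomains on label
# boundaries, the longest matching rule wins, and the first plain server=
# entry stands in for "the default upstream" (a simplification).

# Constructed sample configs using the addresses from the answers above.
FIXED_CONF = "server=10.8.0.1\nserver=/mydomain.local/10.250.0.2\n"
BROKEN_CONF = "server=10.8.0.1\n"   # domain-specific rule missing


def parse_servers(conf_text):
    """Return (rules, defaults): rules maps domain -> upstream address."""
    rules, defaults = {}, []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line.startswith("#") or not line.startswith("server="):
            continue
        value = line[len("server="):]
        if not value.startswith("/"):
            defaults.append(value)                 # server=10.8.0.1
            continue
        *domains, addr = value.split("/")[1:]      # server=/dom1/dom2/addr
        for dom in domains:
            rules[dom.lower().rstrip(".")] = addr
    return rules, defaults


def select_upstream(name, rules, defaults):
    """Upstream that a query for `name` would be forwarded to, or None."""
    name = name.lower().rstrip(".")
    hits = [d for d in rules if name == d or name.endswith("." + d)]
    if hits:
        return rules[max(hits, key=len)]
    return defaults[0] if defaults else None


def find_leaks(names, internal_domain, internal_dns, conf_text):
    """Names under internal_domain that would NOT go to internal_dns."""
    rules, defaults = parse_servers(conf_text)
    suffix = "." + internal_domain
    return [n for n in names
            if (n == internal_domain or n.endswith(suffix))
            and select_upstream(n, rules, defaults) != internal_dns]


if __name__ == "__main__":
    queries = ["host1.mydomain.local", "www.example.org", "notmydomain.local"]
    for label, conf in (("broken", BROKEN_CONF), ("fixed", FIXED_CONF)):
        print(label, find_leaks(queries, "mydomain.local", "10.250.0.2", conf))
```
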
2

This could be difficult to achieve, using plain /etc/resolv.conf only, imho. Would it be a problem, to install a local resolver? If not - the following plan might be applicable:

  1. Install a cache-only DNS from your distro repository. The default configuration should work and usually you have 127.0.0.1 as a listening address only.
  2. Back up your existing /etc/resolv.conf and create a new one, containing only nameserver 127.0.0.1. Test that your local DNS works correctly, resolving Internet names.
  3. Put the following in the named.conf:

zone "mydomain.local" { type forward; forward only; forwarders { Your-VPN-DNS-IP; }; };

  4. Test it again, both Internet and VPN resolution. If successful, you could add a search line to /etc/resolv.conf.

HTH-RB

bofh