CentOS7 - How to forward DNS query from the server 1 (NS1) to another DNS server (NS2) when server 1 (NS1) failed to resolve the query

Question

How to forward DNS query from the server 1 (NS1) to another DNS server 2 (NS2) when the requested query is not found in server 1 (NS1).

Eg: I've two DNS servers (NS1, NS2)

On NS2 I've a zone (host1.ns2example.vm)

On NS1 named.conf "options" I've added "forwarders { 10.277.125.76;};" //This is the IP address of NS2.

When I try to ping host1.ns2example.vm from Windows command prompt the url is not resolving but when I try to ping the NS1 zone, I can see the response.

Expected Result: I should be able to get the IP address of the NS2 when I try to ping the NS2 zone (host1.ns2example.vm) from the windows command prompt!

Please share your knowledge on this.

Thank you. Hari

Answer 1

You misunderstand completely the concept of zone replication and the concept of forwarding.

First, forwarding is used for cases when a DNS zone isn't local. Global forwarding list is used to add defaults for every zone that doesn't have forwarders configured explicitly. When the forwarding is used, it means the server knows nothing bout a zone. Au contraire, when the NS has the local zone configured, it interprets this fact that I know everything about this zone and i serve it.

Thus, is zone is master-slave replicated, both NSes (or ever the whole chan of NSes), or the whole chain should have complete and consistent copies of given zone. Thie situation when you sequentually ask all of the NSes in case someone knows anything about a host is a nonsense. If you configured properly your NSes, then an NXDOMAIN answer is authoritative, and it stands for a given TTL timeout.

Furthermore, if for some reason one of the NSes doesn't answer at all, or is answering with SERVFAIL, the client resolver asks all of the other NSes for a zone automatically, without using the forwarder list. This design is the core functionality of the whole DNS system.