How to route DNS requests to a specific DNS server?

2

2

I have a set of virtual machines that I have to configure for a school assignment. I configured a DHCP and a DNS server on my server machine. In the DHCP file, option domain-name-servers points to the IP address of my DNS server and option domain-name has the name of my 'aulas' domain.

The thing is... I have another machine on my network with two interfaces. One of them is configured by my school's DHCP server and the other interface is configured by my DHCP server (which works fine). For some reason, when I make DNS requests with dig, the DNS query goes to the school DNS server, which (of course) will not know this 'aulas' domain and will return no answers. I'll put the link to my conf files here.

I know that if I edit the client file /etc/resolv.conf and place my nameserver first, it will solve the query. But if the two interfaces are both up and running, the file will automatically be updated and will look like this:

nameserver 192.168.x.x
nameserver 10.0.0.1
search students.x.x.x.x aulas.asr

Here, the query goes to the first nameserver (school DNS) and returns no answers without even trying the second nameserver. If I remove the first nameserver it works like a charm for my aulas.asr domain. Do I need to make some sort of routing to use both interfaces at the same time? If so, how can I do it?

rockability

Posted 2016-12-26T17:52:30.473

Reputation: 25

Your PC is using the NIC that connects to your school as the default interface. What happens when you disable it and then try again? – xR34P3Rx – 2016-12-26T18:11:49.150

What you can also do is modify your IP address settings on the school NIC and manually set it to use your VM's IP. – xR34P3Rx – 2016-12-26T18:12:37.393

Answers

1

If the DNS query positively determined that the name doesn't exist (from its point of view), that's still a success – and the resolver has no reason to keep retrying other servers. That only happens if there's no response at all (timeout) or if the server refuses the query outright.

The OS's built-in stub resolver only supports a single list of nameservers for everything – if you need per-domain routing, you'll need additional software: Unbound; dnsmasq; pdnsd; or systemd-resolved.

Example Unbound configuration:

# /etc/resolv.conf
nameserver 127.0.0.1

# /etc/unbound/unbound.conf
server:
    # ...all the default stuff...

# Names under aulas.asr go to the local DNS server
forward-zone:
    name: "aulas.asr"
    forward-addr: 10.0.0.1

# Everything else goes to the school DNS server
forward-zone:
    name: "."
    forward-addr: 192.168.x.x

These settings can be updated live using unbound-control as well.

If the OS has "resolvconf" or "openresolv" installed, it can automatically generate configurations for Unbound/pdnsd/dnsmasq; see the resolvconf.conf manual.

NetworkManager can automatically start dnsmasq or Unbound, with per-connection DNS servers obtained from DHCP; see dns= in the NetworkManager.conf manual.

user1686

Posted 2016-12-26T17:52:30.473

Reputation: 283 655

I get No manual entry for resolvconf.conf. I want to know how to make unbound work with resolvconf. unbound is installed, unbound.conf is edited properly, and I restarted the unbound service but it's not working. I even tried /etc/NetworkManager/NetworkManager.conf to change dns=unbound but still nothing. My original question is this: https://superuser.com/questions/1477850/configure-dnsmasq-to-selectively-resolve-domains-using-two-dns-providers Thanks very much :)

– Shayan – 2019-09-01T21:18:23.997

Do you have openresolv or Debian's resolvconf installed? – user1686 – 2019-09-02T05:09:00.933
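The behaviour described in the answer above, as an added example that is not part of the original answer or of Unbound's own code: a network-free Python simulation of a resolv.conf-style server list next to per-domain forwarding. The records, the host name www.aulas.asr, its address and all function names are constructed for illustration, and only the timeout case of fallback is modelled.

```python
# Added example: simulation only, no network traffic. All records are constructed.
SCHOOL, LAB = "192.168.x.x", "10.0.0.1"       # nameservers as written in the question
NXDOMAIN, TIMEOUT = "NXDOMAIN", "TIMEOUT"

RECORDS = {                                    # constructed data: what each server knows
    SCHOOL: {"example.org": "203.0.113.10"},
    LAB: {"www.aulas.asr": "10.0.0.5"},
}
FORWARD_ZONES = {"aulas.asr": LAB, ".": SCHOOL}  # same mapping as the forward-zone clauses


def norm(name):
    """Lower-case and drop the trailing root dot so names compare equal."""
    return name.lower().rstrip(".")


def query(server, qname, down=()):
    """One simulated query: no response if the server is down, else answer or NXDOMAIN."""
    if server in down:
        return TIMEOUT
    return RECORDS[server].get(norm(qname), NXDOMAIN)


def stub_resolve(qname, nameservers, down=()):
    """resolv.conf-style lookup: try the next server only when there is no response."""
    for server in nameservers:
        result = query(server, qname, down)
        if result != TIMEOUT:
            return server, result              # NXDOMAIN is a final answer, not a failure
    return None, TIMEOUT


def pick_forwarder(qname, zones=FORWARD_ZONES):
    """Most specific zone wins; matching is per label, so notaulas.asr is not aulas.asr."""
    labels = norm(qname).split(".") if norm(qname) else []
    for i in range(len(labels) + 1):
        zone = ".".join(labels[i:]) or "."
        if zone in zones:
            return zones[zone]
    return None


def forwarding_resolve(qname, zones=FORWARD_ZONES, down=()):
    """Per-domain routing: choose the server by name first, then ask only that server."""
    server = pick_forwarder(qname, zones)
    if server is None:
        raise LookupError("no forward zone covers " + qname)
    return server, query(server, qname, down)


if __name__ == "__main__":
    print(stub_resolve("www.aulas.asr", [SCHOOL, LAB]))
    print(forwarding_resolve("www.aulas.asr"))
```

In the simulation, names under aulas.asr are only ever sent to 10.0.0.1 once forwarding is in place, so the other resolver neither answers nor sees them.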