How to setup intranet DNS to resolve some sub domain address and forwards others?

7

5

I have a domain name (MyDomain.com) which has a number of subdomains (subs1, subs2, subs3 and subs4).

On my local network I have 2 servers running that host subs1 and subs2.

I also have a server somewhere out on the internet hosting subs3 and subs4.

My hosting provider has a DNS server running and I have entries for all 4 sub domains, where subs1 and subs2 point to the static IP address of the office and the entries for subs3 and subs4 point traffic to the relevant server out on the internet somewhere.

So when I am out and about I can access all the sub domains correctly without a problem.

When I am in the office I need the local sub domains to resolve to the local network IP addresses, so in the office I have created a DNS server (Debian running BIND 9) that resolves subs1 and subs2 to the local IP addresses (192.168.1.X). However, now from within the office network I can only access subs3 and subs4 if I also add them to this new local DNS server.

This in effect means I have to maintain 2 DNS servers if / when I was to create / modify any sub domains.

What I was hoping I could do was to make my local server forward on queries for sub domains it doesn't know about to the hosted / internet DNS server, this way my local DNS would only have to know about sub domains hosted within the network.

Andy Cheetham

Posted 2013-08-06T16:50:09.947

Reputation: 73

For what it is worth, I had to add "everyone" under the security tab to read-only before it worked. – David Mulroney – 2015-10-21T03:31:32.607

Answers

6

We do what you are trying to accomplish here. The trick is to set up internal DNS zones for the subdomains you wish to answer locally, not the parent domain.

Instead of making a local DNS Zone for "MyDomain.com" with entries for the subdomain, make a new zone for each subdomain.

So, you'd make a zone named "subs1.mydomain.com", and then add a single new A Record, and leave the Host name for that record as blank.

(Repeat for each subdomain you want to have that DNS server answer for).

Ensure you DO NOT have a local zone for Mydomain.com.

Once it's set up, if you request subs1.mydomain.com the local DNS knows about it, and returns the root A Record (the blank Host one you made). If you request any other subdomain of MyDomain.com it won't be seen as a known zone by the local DNS, will be forwarded like usual, and in turn, answered by the public DNS hosting the records for MyDomain.com.

Ƭᴇcʜιᴇ007

Posted 2013-08-06T16:50:09.947

Reputation: 103 763
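An added example (not code from the original answer, nor from the BIND project) of the layout this answer describes, written for the Debian BIND 9 server mentioned in the question: a forward-only options file, one master zone per locally hosted subdomain with an apex (blank host) A record, and a check for the caveat that no zone for the parent domain exists. The LAN range, the host addresses, the server address 192.168.1.2 and the forwarder 203.0.113.53 (a placeholder standing in for the hosting provider's DNS) are all assumptions.

```sh
#!/bin/sh
# Added example, not from the original post: generate the BIND 9 split-horizon
# layout the answer describes. Assumed values: office LAN 192.168.1.0/24,
# subs1/subs2 hosts 192.168.1.10 and 192.168.1.11, DNS server 192.168.1.2, and
# 203.0.113.53 as a placeholder for the hosting provider's public DNS.
set -eu

# Write named.conf.options (forwarding) and named.conf.local (per-subdomain
# zones only) plus one zone file per subdomain into $1 (e.g. /etc/bind).
write_split_dns_config() {
  dir=$1
  mkdir -p "$dir/zones"
  cat > "$dir/named.conf.options" <<'EOF'
options {
    directory "/var/cache/bind";
    allow-query { localhost; 192.168.1.0/24; };      # answer the LAN only, never the internet
    recursion yes;
    allow-recursion { localhost; 192.168.1.0/24; };
    forward only;                                     # anything we are not authoritative for ...
    forwarders { 203.0.113.53; };                     # ... goes to the provider's DNS (placeholder IP)
    dnssec-validation auto;
};
EOF
  : > "$dir/named.conf.local"
  for entry in subs1:192.168.1.10 subs2:192.168.1.11; do
    sub=${entry%%:*}; ip=${entry#*:}; zone="$sub.mydomain.com"
    printf 'zone "%s" {\n    type master;\n    file "%s/zones/db.%s";\n};\n' \
      "$zone" "$dir" "$zone" >> "$dir/named.conf.local"
    cat > "$dir/zones/db.$zone" <<EOF
\$TTL 3600
@   IN SOA ns1.$zone. hostmaster.mydomain.com. ( 2013080601 3600 900 1209600 3600 )
@   IN NS  ns1.$zone.
ns1 IN A   192.168.1.2
@   IN A   $ip
EOF
  done
}

# The answer's caveat: no local zone for the parent domain. Returns non-zero
# if $1 (a named.conf fragment) declares a zone for $2 (the parent domain).
check_no_parent_zone() {
  ! grep -Eqi "zone[[:space:]]+\"$2\"" "$1"
}
```

After writing the files, `named-checkconf` and `named-checkzone subs1.mydomain.com /etc/bind/zones/db.subs1.mydomain.com` (from Debian's bind9utils) validate them before reloading BIND.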

Just tried this on OS X Server 4 on Yosemite and it doesn't let me add an A record with a blank host name. Is this scenario supported in the standard, any other workaround? – unom – 2015-08-31T18:40:52.160

Hi, in this setup how do the local clients get to know the local DNS server? – Luky – 2018-03-27T06:49:57.063

Hi @Luky, it's been a while but I figured I would answer your question. It is sort of orthogonal to this issue, which is why it wasn't really mentioned so far, but definitely related. There are lots of options: 1) manually. Each client can be configured to point to that DNS server. 2) automatic through DHCP. Clients that use DHCP to get their IP can also get the DNS from it. Most routers do this. 3) automatic through VPN. Many VPNs can configure clients' routing tables as well as gateways and DNS servers. -- I am sure there are others, but those are a few common approaches that I'm aware of. – Jasmine Hegman – 2019-11-11T03:20:30.440

Fantastic, that was the answer I was looking for. Works like a dream, thanks a lot! – Andy Cheetham – 2013-08-12T11:58:03.760