DNS: How can I set up BIND to use a different DNS for a specific domain?


At work we are using a VPN tunnel to communicate with an external network that is set up for testing. There is also a DNS server running inside this external network, and I would like to have a local DNS service on my machine which acts in the following way:

  • does the requested hostname end with .that.specific.domain? -> ask the DNS service at 192.168.xxx.yyy

  • in all other cases -> ask the default DNS service (i.e. our Router or some server on the Internet)

I am a complete novice with DNS configurations, so I scanned through quite a few manuals and tutorials about BIND, but it's hard for me to really find out how to do this. I added the following to my named.conf, but this did not work so far:

zone "that.specific.domain" IN {
    type slave;
    masters { 192.168.xxx.yyy; };
};

I can still resolve every Internet host, but I cannot resolve any host from that external network. If I ask that DNS server directly (i.e. nslookup hostname.that.specific.domain 192.168.xxx.yyy), it can be resolved though. So it's not a network issue.

But in general I think this shouldn't be a hard thing to do. Does anybody know what might be wrong in my configuration, or whether I should do something completely different to accomplish my goal?

Best Answer

If I understand your question, you have an existing DNS server which resolves hosts without issue, either by recursion or through ISP forwarders. You would like your DNS server, in the case of a specific domain name, to use a different set of forwarders when forwarding the request.

This is done in BIND using "Forward Zones" and in Windows DNS using "Conditional Forwarders."

From DNS/Bind, Section 10.5.2 (http://docstore.mik.ua/orelly/networking_2ndEd/dns/ch10_05.htm):

zone "that.specific.domain" {
    type forward;
    forwarders { 192.168.xxx.yyy; };
};
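Putting the answer together, here is an added example (not part of the original answer) of a complete named.conf fragment that combines the default forwarders with the conditional forward zone. 192.168.xxx.yyy and that.specific.domain are the placeholders from the question and must be replaced with real values; 192.168.1.1 is an assumed address for the router used as the default resolver. Unlike the type slave attempt, a forward zone needs no zone-transfer (AXFR) permission on the remote server, only ordinary recursive queries, which is usually why the slave configuration stays empty while direct lookups work.

```conf
// Added example, not from the original answer. Placeholders:
//   192.168.xxx.yyy  = the test network's DNS server (from the question)
//   192.168.1.1      = the default resolver, assumed to be the office router
options {
    recursion yes;

    // Answer only this machine, so the resolver cannot be used as an open
    // forwarder by anything else that can reach it.
    listen-on { 127.0.0.1; };
    allow-query { localhost; };
    allow-recursion { localhost; };

    // Default path for every name that does not match a forward zone.
    forwarders { 192.168.1.1; };
    forward only;
};

// Conditional forwarding: names under that.specific.domain are sent to the
// test network's resolver over the VPN. "forward only" means BIND never
// falls back to its own recursion for this zone, so if the VPN is down the
// query fails (SERVFAIL) instead of leaking the internal name to the
// public Internet; use "forward first" only if that fallback is wanted.
zone "that.specific.domain" {
    type forward;
    forward only;
    forwarders { 192.168.xxx.yyy; };
};
```

After editing, `named-checkconf` validates the syntax, and `dig @127.0.0.1 hostname.that.specific.domain` confirms that the query takes the forward path.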