I have set up BIND9 to resolve domain names used by my work group. It contains:
- public domain names: *.my-company.com
- our own TLD: *.top

but I don't know how to set up clients to add an extra DNS server.

I'll call my DNS server DNS-mine, and the default DNS servers returned from ADSL DNS-system.

I must not forward DNS-system through DNS-mine for network-speed reasons and user preferences. (Users are distributed over the world, and DNS-mine is located in the US.)

I have tried several ways, as follows:

1. Add the IPv4 address of DNS-mine (1.2.3.4) to resolv.conf:

       nameserver 8.8.8.8 # DNS-system
       nameserver 1.2.3.4 # DNS-mine

   However, DNS-mine is never queried. As resolv.conf(5) says, the second nameserver is only queried when the first one times out, and DNS-system here never times out. Also, resolv.conf is reset by network manager.

2. Add zone '*.top.my-company.com' to DNS-mine, and make it the same as the .my-company.com zone. Then change /etc/hostname to a1.my-company.com, a2.my-company.com, etc. on each client. This works as:

       www.top -> www.top.my-company.com == www.my-company.com

   However, I must add all client host names to DNS-mine at the same time, otherwise the client gets stuck:

       127.0.0.1 a1.my-company.com
       127.0.0.1 a2.my-company.com
       127.0.0.1 a3.my-company.com

   The clients don't have WAN IP(s), as they are behind the firewall. And new clients may join in at any time.

3. The same as above, but don't change /etc/hostname; add to /etc/resolv.conf instead:

       domain my-company.com

   This works very well; however, the /etc/resolv.conf file is automatically reset by network manager.

4. Add all *.top names to the /etc/hosts file, then just ignore DNS-mine. This works very well, but it is hard to maintain.
In order to add a new TLD that ICANN doesn't yet recognize (like you are) you have to put a DNS server that considers itself authoritative in the DNS resolution chain. In practice, this means the first hop. In order to use your *.top domain internally, you will have to either point all of your clients at your own DNS server, or maintain /etc/hosts files. One of the two.
As for top.my-domain.com, you have some options. Whichever DNS servers are authoritative for my-domain.com (you don't say) will be able to also serve up top.my-domain.com. This may be your best bet for simplicity's sake. Have your (presumed) DNS hosting service add that subdomain and add the entries you need.
However, hosting a local DNS server is not a bad idea at all really. It's called a caching DNS server, and it caches resolved names so they can be retrieved faster than they would be by pulling from the Internet. If you add your *.top domain to it, it'll provide all of your needs.
I would set up all the work group computers to query your DNS server; if your server doesn't know the answer to a query, then have the DNS server forward it to an Internet DNS server. That way you can have your special domains (or override/filter domains the Internet DNS servers would resolve).
I use DHCP to push out my DNS settings, but any method that works, works.
All you need to do is delegate *.top.my-company.com NS lookups to your custom DNS-mine server. No changes are needed to the clients; it's a referral lookup.
This has all been answered in detail here:
How exactly should I set up DNS to delegate authority for subdomains?
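As an added example (not code from the question or from any of the answers), here is the delegation the last answer describes, with DNS-mine run as an authoritative-only BIND9 server; 1.2.3.4 is the question's placeholder address, and ns1, the file paths and the 10.0.0.x addresses are assumptions:

```conf
// --- On DNS-mine: /etc/bind/named.conf (assumed path) ---
options {
    directory "/var/cache/bind";
    recursion no;                 // authoritative only: an open recursive resolver on a
                                  // public IP gets abused for reflection/amplification
    allow-transfer { none; };     // do not hand the whole zone to anyone who asks for it
};

zone "top.my-company.com" {
    type master;
    file "/etc/bind/db.top.my-company.com";
};

; --- In the parent zone my-company.com (wherever it is hosted): the delegation ---
; 1.2.3.4 is the placeholder address from the question; ns1 is an assumed name.
$ORIGIN my-company.com.
top       IN NS  ns1.top.my-company.com.
ns1.top   IN A   1.2.3.4          ; glue record: the NS lives inside the zone it serves

; --- On DNS-mine: /etc/bind/db.top.my-company.com ---
$ORIGIN top.my-company.com.
$TTL 300
@         IN SOA ns1.top.my-company.com. hostmaster.my-company.com. (
              2024010101   ; serial (constructed)
              3600         ; refresh
              900          ; retry
              604800       ; expire
              300 )        ; negative-cache TTL
@         IN NS  ns1.top.my-company.com.
ns1       IN A   1.2.3.4
www       IN A   10.0.0.10        ; assumed internal address, only reachable behind the firewall
wiki      IN A   10.0.0.11
```

Clients keep DNS-system as their only resolver; it follows the NS referral to DNS-mine for anything under top.my-company.com, and the short www.top form still needs a search domain, which the DHCP answer above can push. The delegated zone, internal 10.x addresses included, is readable by anyone on the Internet, so put only names there that you are willing to publish.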