I am using a Debian 10 server and bind9 as the DNS server for my network. I want a very simple working DNS server; my topology is like below:
client <-> DNS <-> voip.example.com
client IP: 172.17.106.9
client DNS primary: 172.17.106.15
client DNS secondary: 8.8.8.8
DNS IP: 172.17.106.15
voip.example.com IP: 172.17.106.12
I want to check the DNS records when each request is received from the client, and if it does not match, go to the secondary DNS stored in the client's secondary DNS (8.8.8.8).
I get this error on client cmd:
C:\Users\Farhad>nslookup voip.example.com
Server: ns1.example.com
Address: 172.17.106.15
*** ns1.example.com can't find voip.example.com: Server failed
my bind9 configuration is here:
/etc/bind/named.conf.local

zone "example.com" {
    type master;
    file "/etc/bind/db.example.com"; # zone file path
};

zone "17.172.in-addr.arpa" {
    type master;
    file "/etc/bind/db.172.17"; # 172.17.0.0/16 subnet
};
/etc/bind/named.conf.options

acl "trusted" {
    172.17.106.15; # ns1
    172.17.106.9;  # client
    172.17.106.12; # VoIP
};

options {
    directory "/var/cache/bind";
    recursion yes;                 # enables recursive queries
    allow-recursion { trusted; };  # allows recursive queries from "trusted" clients
    listen-on { 172.17.106.15; };  # ns1 private IP address - listen on private network only
    allow-transfer { none; };      # disable zone transfers by default
    forwarders {
        8.8.8.8;
        8.8.4.4;
    };
};
/etc/bind/db.example.com

$TTL    604800
@       IN      SOA     ns1.example.com. f.example.com. (
                        3         ; Serial
                        604800    ; Refresh
                        86400     ; Retry
                        2419200   ; Expire
                        604800 )  ; Negative Cache TTL
;
; name servers - NS records
        IN      NS      ns1.example.com.
; name servers - A records
ns1.example.com.    IN      A       172.17.106.15
; 172.17.0.0/16 - A records
voip.example.com.   IN      A       172.17.106.12
/etc/bind/db.172.17

$TTL    604800
@       IN      SOA     ns1.example.com. f.example.com. (
                        3         ; Serial
                        604800    ; Refresh
                        86400     ; Retry
                        2419200   ; Expire
                        604800 )  ; Negative Cache TTL
;
; name servers
        IN      NS      ns1.example.com.
; PTR Records
15.106  IN      PTR     ns1.example.com.  ; 172.17.106.15
12.106  IN      PTR     voip.example.com. ; 172.17.106.12
Now it works fine after changing db.example.com and deleting the ns2 record, and it resolves exactly the IP address of voip.example.com, but my primary issue still exists: I want to check the DNS records when each request is received from the client, and if it does not match, go to the secondary DNS stored in the client's secondary DNS (8.8.8.8).
For example, some client requests to reach test.com, and the client has primary DNS 172.17.106.15 and secondary DNS 8.8.8.8. The query is received from the client at my DNS server 172.17.106.15, but it did not go to 8.8.8.8.
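The "Server failed" text nslookup printed in the post is its rendering of the DNS response code SERVFAIL (RCODE 2), which is a different condition from NXDOMAIN (RCODE 3, "name does not exist") and from a NOERROR answer carrying the AA (authoritative answer) flag. When debugging which server answered and how, it helps to look at the raw response rather than at nslookup's summary. The following script is an added example, not code from the original post or from BIND: it builds an A query in RFC 1035 wire format using only the Python standard library, parses the reply (header flags, RCODE, AA bit, A records), and can send a live query over UDP to any server. The sample responses it constructs offline (a SERVFAIL, an authoritative NOERROR for voip.example.com, and an NXDOMAIN) are made up for the demonstration; the name and address 172.17.106.12 are taken from the post's topology, and the transaction ID is randomised per query so replies can be matched to the question that was asked.

```python
"""Minimal DNS query builder / response parser (stdlib only).

Added example for diagnosing what a resolver really answers: RCODE
(NOERROR / NXDOMAIN / SERVFAIL) and whether the answer is authoritative.
Sample responses below are constructed locally; nothing here is BIND code.
"""
import random
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}


def build_query(name, qtype=1, txid=None):
    """Build a recursion-desired query for `name` (default QTYPE A, class IN)."""
    if txid is None:
        txid = random.getrandbits(16)       # unpredictable ID, as a real stub resolver uses
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags: RD=1
    qname = b"".join(bytes([len(label)]) + label.encode()
                     for label in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)


def _read_name(msg, off):
    """Decode a (possibly compressed) owner name; return (name, offset after it)."""
    labels, jumped, end = [], False, off
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:           # compression pointer (RFC 1035 4.1.4)
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if not jumped:
                end = off + 2
            jumped, off = True, ptr
            continue
        if length == 0:
            off += 1
            break
        labels.append(msg[off + 1:off + 1 + length].decode())
        off += 1 + length
    return ".".join(labels), (end if jumped else off)


def parse_response(msg):
    """Return txid, RCODE name, AA flag and the A records in the answer section."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):                     # skip the echoed question(s)
        _, off = _read_name(msg, off)
        off += 4                            # QTYPE + QCLASS
    answers = []
    for _ in range(an):
        owner, off = _read_name(msg, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata, off = msg[off:off + rdlen], off + rdlen
        if rtype == 1 and rdlen == 4:
            answers.append((owner, socket.inet_ntoa(rdata)))
    return {"txid": txid, "rcode": RCODES.get(flags & 0xF, str(flags & 0xF)),
            "aa": bool(flags & 0x0400), "answers": answers}


def make_response(query, rcode, aa=False, a_records=()):
    """Construct a reply to `query` (used only to produce offline sample data)."""
    txid = struct.unpack("!H", query[:2])[0]
    flags = 0x8180 | (0x0400 if aa else 0) | (rcode & 0xF)   # QR=1, RD=1, RA=1
    header = struct.pack("!HHHHHH", txid, flags, 1, len(a_records), 0, 0)
    rrs = b""
    for ip in a_records:                    # owner = pointer to the question name (offset 12)
        rrs += b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + socket.inet_aton(ip)
    return header + query[12:] + rrs


def query_server(server, name, timeout=3.0):
    """Send a live A query over UDP and parse the reply (needs network access)."""
    q = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(q, (server, 53))
        data, _ = s.recvfrom(4096)
    resp = parse_response(data)
    if resp["txid"] != struct.unpack("!H", q[:2])[0]:
        raise ValueError("transaction ID mismatch: reply is not for our query")
    return resp


if __name__ == "__main__":
    import sys
    # usage: python dnscheck.py 172.17.106.15 voip.example.com
    print(query_server(sys.argv[1], sys.argv[2]))
```

Run against 172.17.106.15 and then against 8.8.8.8 for the same name, and compare the two dictionaries: an RCODE of NXDOMAIN with aa=True from the internal server means the zone it is authoritative for does not contain the name, SERVFAIL means the server could not produce an answer at all (for example because it could not reach its forwarders), and a NOERROR answer with aa=False is what a forwarded or cached reply looks like. Restricting allow-recursion to the trusted ACL, as the posted configuration already does, is what keeps the server from acting as an open resolver for anyone who can reach port 53.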