Forward DNS Queries to a Private DNS Server

A network administrator may use a private DNS server to resolve internal hostnames; however, forwarding all DNS queries to that private DNS server might be inefficient. In such cases, we can use Conditional DNS Forwarding so that only queries for the specified domains are sent to and resolved by the private DNS server.

To set up Conditional DNS Forwarding, go to Applications >> LAN DNS / DNS Forwarding, and click on an Index number to add/edit a profile:

  1. Go to Conditional DNS Forwarding tab.
  2. Enable this profile.
  3. Enter a Profile name.
  4. Enter the Domain Name you would like to forward; wildcards are supported.
  5. Enter the IP address of the private DNS server at DNS Server IP Address.
  6. Click OK to save the profile.
a screenshot of DrayOS DNS forwarding settings

To verify this function, we use the LAN Port Mirror to copy the WAN traffic. From the captured packets, we can see that when a LAN client sends a DNS query for "www.example.com" to a public DNS server, the request is forwarded to the DNS server at IP "100.100.100.100".

a screenshot of Wireshark capturing DNS packets

  1. Go to Configuration>DNS>LAN DNS/Forwarding and click +Add
  2. Enter the following details in the menu page
    1. Give a profile Name
    2. Select Enabled
    3. Select Forwarding Type
    4. Click +Add to enter the domain name you would like to forward; wildcard is supported
    5. Select IPv4 as DNS Server Type
    6. Enter the DNS Server IP
    7. This domain name can be applied to either All LANs or a Specific LAN only
    8. Click Apply to save the settings

To test this function, use LAN Port Mirror to copy the WAN traffic. The captured packets show that when a LAN client sends a DNS query for "www.example.com" to a public DNS server, the request is forwarded to DNS server IP "100.100.100.100".

1. To configure a LAN DNS profile with type FORWARD, first enable DNS Redirection in the LAN profile at LAN >> General Setup.

a screenshot of Vigor3900 LAN General Setup

2. Go to LAN >> LAN DNS and then click Add:

  1. Input name for this LAN DNS profile
  2. Tick Enable to activate
  3. Input Domain Name *.draytek.com (The wildcard * is supported, so all domain names that include ".draytek.com" are forwarded to the specified DNS server.)
  4. Select "FORWARD" for Type
  5. Input the IP address of the DNS Server 172.16.2.8
a screenshot of Vigor3900 LAN DNS Setup

With the above configuration, when a LAN host sends a DNS query for www.draytek.com or ftp.draytek.com, the router forwards the query to DNS server 172.16.2.8; if it gets a response, it sends the answer to the LAN host.
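
The packet-capture check described above can be scripted. The following is an added example, not DrayTek code: it parses the question name out of raw DNS payloads and reports queries for a forwarded domain that went to a server other than the configured private one. It assumes (destination IP, DNS payload) pairs have been exported from the mirrored capture, and that the router's wildcard behaves like shell-style suffix matching, which may differ from the firmware's actual matching.

```python
import struct
from fnmatch import fnmatchcase

# Forwarding profiles from this page: (domain pattern, private DNS server).
# The second entry is inferred from the verification paragraph.
RULES = [("*.draytek.com", "172.16.2.8"), ("www.example.com", "100.100.100.100")]

def build_query(name, txid=0x1234):
    """Build a minimal DNS A query in wire format (used to construct sample input)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def parse_qname(payload):
    """Return the lower-cased name from the first question of a DNS payload."""
    if len(payload) < 12 or struct.unpack("!H", payload[4:6])[0] < 1:
        raise ValueError("not a DNS query with a question section")
    labels, pos = [], 12
    while pos < len(payload):
        length = payload[pos]
        if length == 0:
            return ".".join(labels)
        if length > 63 or pos + 1 + length > len(payload):
            raise ValueError("invalid or truncated label")
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    raise ValueError("truncated QNAME")

def expected_server(qname, rules=RULES):
    """First matching profile wins; None means the name is not forwarded."""
    for pattern, server in rules:
        if fnmatchcase(qname, pattern.lower()):
            return server
    return None

def audit(captured):
    """Return (name, seen, expected) for queries that missed their private server."""
    findings = []
    for dst, payload in captured:
        name = parse_qname(payload)
        want = expected_server(name)
        if want is not None and dst != want:
            findings.append((name, dst, want))
    return findings

# Constructed capture; 198.51.100.53 is a placeholder for a public resolver.
SAMPLE = [("172.16.2.8", build_query("www.draytek.com")),
          ("198.51.100.53", build_query("ftp.draytek.com")),
          ("198.51.100.53", build_query("www.vendor.test"))]
```

Calling `audit(SAMPLE)` flags only the ftp.draytek.com query, which matched a profile but was seen leaving for the placeholder public resolver.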

Published On: 2015-03-20 
