DNS forwarding in VyOS
Posted 13 Apr, 2018 by Daniil Baturin
A lot of small networks do not have their own DNS server, but it's not always desirable to just leave hosts to use an external third-party server either, that's why we've had DNS forwarding in VyOS for a long time and are going to keep it there for the foreseeable future.
Experienced VyOS users already know all about it, but we should post something for newcomers too, shouldn't we?
Configuring DNS forwarding is very simple. Assuming you have "system name-server" set, all you need to do to simply forward requests from hosts behind eth0 to it is "set service dns forwarding listen-on eth0". Repeat for every interfaces where you have clients and you are done.
There are some knobs for telling the service to use or not use specific DNS servers though:
set service dns forwarding listen-on eth0
# Use name servers from "system name-server"
set service dns forwarding system
# Use servers received from DHCP on eth1 (typically an ISP interface)
set service dns forwarding dhcp eth1
# Use a hardcoded name server
set service dns forwarding name-server 192.0.2.10
You can also specify cache size:
set service dns forwarding cache-size 1000
One of the less known features is the option to use different name servers for different domains. It can be used for a quick and dirty split-horizon DNS, or simply for using an internal server just for internal domains rather than recursive queries:
set service dns forwarding domain mycompany.local server 192.168.52.100
set service dns forwarding domain mycompany.example.com server 192.168.52.100
And that's all to it. DNS forwarding is not a big feature — useful doesn't always equal complex.