jjc_mn
asked on
DNS forwarder question
If you configure a DNS server to use a forwarder, would a wireshark capture show DNS traffic between just you and the forwarder or does the forwarder return the IP of the authoritative DNS server and would your DNS server go there to finally resolve the name to IP?
I'm trying to figure out if my forwarder is working correctly.
I'm trying to figure out if my forwarder is working correctly.
Your DNS server would forward the request and the request would be sent back to your DNS server. The client making the request would be unaware that the request had been forwarded.
You are describing the difference between iterative and recursive DNS. On the Windows DNS server, on the "Forwarders" tab, there is tick box option "Do not use recursion for this domain". When the option is ticked, it means you want your DNS server to only query the forwarder (i.e. your DNS server should not go elsewhere to finally resolve the name).
ASKER
Actually I'm on Lunix not Windows but that should not matter.
Also I'm disregarding traffic between my DNS server and the client that makes the request. I'm only looking at server to server traffic.
You said : "your DNS server should not go elsewhere to finally resolve the name". From my wireshark trace it looks like it asks the forwarder and the forwarder comes back and gives it the DNS SOA and then my server goes to the SOA to resolve.
So that behavior is not correct?
Also I'm disregarding traffic between my DNS server and the client that makes the request. I'm only looking at server to server traffic.
You said : "your DNS server should not go elsewhere to finally resolve the name". From my wireshark trace it looks like it asks the forwarder and the forwarder comes back and gives it the DNS SOA and then my server goes to the SOA to resolve.
So that behavior is not correct?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.