Public DNS

I want to set up public DNS for one of my clients. Please let me know the steps and prerequisites for it.
Yogesh_Exchange_Expert (Author) Commented:
You will have to open port 53 (DNS) for TCP and UDP both on your firewall to forward requests to your server.
You would then have to register your Public IP as the Name Server for your domain with your name registrar.
Allow ICMP traffic on firewall to ping from external network.

Here is a guide:

Remember to save a back up of your configs.

Run the command prompt, "ipconfig /all > backupinfdns.txt" or "ifconfig > backupinfdns.txt".

It's most likely that you'll not need this information, but caution is never too much. (The config will be saved in your working directory, that is, the one you'll be seeing in the prompt.)
Yogesh_Exchange_Expert (Author) Commented:
I want to set up my own public DNS.
Yogesh_Exchange_Expert (Author) Commented:
My simple question is: I want to set up my own public DNS server. What are all the steps and requirements for it?
The steps are pretty much the same.
You just need to substitute Google's DNS with your own.

But of course, it's only if you already have a DNS server.
Do you have it?
Yogesh_Exchange_Expert (Author) Commented:
Actually, the customer has already taken an external IP and registered their DNS server with name of now he wants us to set up the internal setup. So what needs to be done? I just want to know this. He wants to use this DNS for hosting all his websites.
So what are the requirements for this?
Yogesh_Exchange_Expert (Author) Commented:
Please let me know ASAP; the customer is waiting for a reply.
Daniel McAllister, President, IT4SOHO, LLC, Commented:
While I see the question has been requested to be closed, I don't see a reasonable answer so I'm going to provide one.

Let's start at the beginning -- a DNS server's primary task is that it answers requests from clients about the IP addresses of the domains for which it has direct information (either as a master zone server, or a slave that gets its data from a master zone server).

So, if you've got a registered domain,, and you host your own DNS servers, then you've notified your domain registrar of this fact and created the appropriate GLUE records with them so that the world will know that the DNS servers for are your server's IP addresses. (I use plural here, because technically you're supposed to have AT LEAST two DNS servers defined for any Internet Domain Name).

OK -- so let's assume you have that setup already... sometimes, you then want that DNS server to also resolve "public" (that is, other Internet) domains for your local (LAN) clients. To do this, all that needs to happen is that the DNS server enable a function called RECURSION (or RECURSIVE LOOKUPS). What this means is that the DNS server uses a preset "root hints" file of 13 "top-level" DNS servers to fully resolve a name resolution request. The process kinda goes like this:
- The server gets a request for
- The server determines that it is NOT a local domain (in other words, it is NOT a server for that domain)
- The server determines that it is allowed to do recursive lookups for the client making the request
- The server determines that it does NOT already have a cached copy of the resolved IP address
- The server checks for the next higher level domain (in this case
- The server determines that it is not a local domain (this time, just the domain name, not the www), & it is not cached
- The server checks for the next higher level domain (in this case just plain com, or "dot-com")
- The server determines that it is not a local domain (this time, just the com), & it is not cached
- The server checks for the next higher level domain - but now we're at the TOP of the tree, so the server asks one of the 13 ROOT HINTS servers for a list of .com servers
- Using that list, the server requests from the .com name servers a list of servers for
- Using that list, the server requests from the name servers a list of servers for
- Using that, the server finally replies to the client with the list of "resolved" IP addresses for

As you can see, there can be quite a lot of overhead -- but it is lessened by the fact that each response is cached so that lookups don't take so long in the future.

Now to some, this is what is referred to as being a "public" DNS server -- even though, if you're smart, you'll only allow LAN clients to use that recursive function -- and not anyone on the Internet.

But to others, a truly public DNS server is willing to do these resolutions for anyone, anywhere. Some common public DNS servers are Verizon's, and Google's But to intentionally be another of these servers, all one needs to do is open TCP and UDP ports 53 to your DNS server and allow recursion for all. Then be prepared for a LOT of hits -- especially once it is discovered that you're a public DNS server.

I do NOT recommend becoming a truly public DNS server -- and being a master zone server as well as a public DNS server for LAN clients is difficult for Windows DNS servers because they cannot block only certain clients from doing recursion. But Linux DNS servers do this well.

I hope this better answers this question -- if not for the original author, then for future readers.
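
The lookup order described in the answer above, as an added example that is not part of the original post: a toy resolver over constructed delegation data (example.com, corp.test, the server names and all addresses are placeholders) that answers anyone for its own zone, refuses recursion to clients outside the LAN, and caches each level it resolves.

```python
import ipaddress

# Constructed data: a tiny stand-in for the DNS tree (not real servers).
ROOT_HINTS = {"com.": "com-ns"}                       # root -> .com servers
SERVERS = {
    "com-ns": {"example.com.": "example-ns"},         # .com -> example.com servers
    "example-ns": {"www.example.com.": ["192.0.2.80"],
                   "mail.example.com.": ["192.0.2.25"]},
}
LOCAL_ZONES = {"corp.test.": {"www.corp.test.": ["198.51.100.10"]}}
LAN = [ipaddress.ip_network("192.168.1.0/24")]        # clients allowed to recurse


class ToyResolver:
    def __init__(self, recursion_acl=LAN):
        self.acl, self.cache, self.upstream_queries = recursion_acl, {}, 0

    def _local(self, name):
        """Return records if we host the zone, None if the zone is not ours."""
        for zone, records in LOCAL_ZONES.items():
            if name == zone or name.endswith("." + zone):
                return records.get(name, [])
        return None

    def resolve(self, client_ip, name):
        local = self._local(name)
        if local is not None:                 # authoritative data: answer anyone
            return "AUTH", local
        client = ipaddress.ip_address(client_ip)
        if not any(client in net for net in self.acl):
            return "REFUSED", []              # recursion is for LAN clients only
        labels = name.rstrip(".").split(".")
        # Walk down from the TLD: com. -> example.com. -> www.example.com.
        chain = [".".join(labels[i:]) + "." for i in range(len(labels) - 1, -1, -1)]
        table, status, result = ROOT_HINTS, "CACHED", None
        for step in chain:
            if step not in self.cache:        # cache miss: ask the next server down
                self.upstream_queries += 1
                status = "RECURSED"
                found = table.get(step)
                if found is None:
                    return "NXDOMAIN", []
                self.cache[step] = found
            result = self.cache[step]
            # A string is a delegation to follow; a list is a final answer.
            table = SERVERS.get(result, {}) if isinstance(result, str) else {}
        return (status, result) if isinstance(result, list) else ("NXDOMAIN", [])
```

Passing `recursion_acl=[ipaddress.ip_network("0.0.0.0/0")]` models the "recursion for all" configuration the answer advises against: the off-LAN client is then served instead of refused.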
