How to set up DNS forwarding?

The DNS forwarding facility of BIND Version 8 can be used to create a large site-wide cache on a few servers, reducing traffic over links to external nameservers. It can also be used to allow queries by servers that do not have direct access to the Internet but need to look up exterior names anyway. Forwarding occurs only on those queries for which the server is not authoritative and does not have the answer in its cache.

Suppose that we have an internal server, DNS-2, in the HSZ (High Security Zone) for the internal hosts and an external server, DNS-1, in the DMZ (Demilitarized Zone) for Internet access. Using the forwarding feature, DNS-2 is able to look up Internet hosts by forwarding queries to DNS-1.

Keywords in the configuration file named.conf:

  • Forward

This option is only meaningful if the forwarders list is not empty. A value of first, the default, causes the server to query the forwarders first, and if that doesn't answer the question the server will then look for the answer itself. If only is specified, the server will only query the forwarders.

  • Forwarders

Specifies the IP addresses to be used for forwarding. The default is the empty list (no forwarding). Forwarding can also be configured on a per-zone basis, allowing the global forwarding options to be overridden in a variety of ways. You can set particular zones to use different forwarders, to use different forward only/first behavior, or not to forward at all.
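
As an added example (not part of the original page and not BIND code), the Python script below reads a named.conf and reports, for the global options and for each zone override, which forwarders apply, which forward mode is in effect, and whether the server may still look for answers itself, which matters for a DNS-2 that has no direct Internet access. The sample configuration, its documentation-range addresses, the zone names and all function names are constructed for illustration; treating a zone that sets its own forwarders without a forward line as "first" is an assumption.

```python
import re
# Constructed named.conf for the internal DNS-2; addresses and zone names are placeholders.
SAMPLE = """
options {
  directory "/var/named";
  /* DNS-1 in the DMZ is the only path to exterior names */
  forward only;
  forwarders { 192.0.2.53; };
};
zone "corp.example" { type master; file "corp.example.db"; forwarders { }; };
zone "partner.example" { type forward; forward first; forwarders { 198.51.100.7; }; };
"""

def statements(conf):
    """Yield (header, body) for every top-level 'header { body };' statement."""
    depth, last, start = 0, 0, 0
    for i, ch in enumerate(conf):
        if ch == "{":
            if depth == 0:
                head, start = conf[last:i].strip(" ;\n\t"), i + 1
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth == 0:
                yield head, conf[start:i]
                last = i + 1

def settings(body):
    """Return (forward mode or None, forwarders list or None) set in one block."""
    mode = re.search(r"\bforward\s+(first|only)\s*;", body)
    fwd = re.search(r"\bforwarders\s*\{([^}]*)\}", body)
    ips = None if fwd is None else [a.strip() for a in fwd.group(1).split(";") if a.strip()]
    return (mode.group(1) if mode else None), ips

def effective_policy(conf):
    """Map '*' (global) and each zone to (forwarders, mode, server_may_resolve_itself)."""
    conf = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", conf, flags=re.S)  # drop comments
    blocks = dict(statements(conf))
    g_mode, g_ips = settings(blocks.get("options", ""))
    g_mode, g_ips = g_mode or "first", g_ips or []  # 'first' and the empty list are defaults
    # With no forwarders the forward mode is meaningless, so it is reported as None.
    policy = {"*": (g_ips, g_mode if g_ips else None, not g_ips or g_mode == "first")}
    for head, body in blocks.items():
        if (name := re.match(r'zone\s+"([^"]+)"', head)):
            z_mode, z_ips = settings(body)
            ips = g_ips if z_ips is None else z_ips  # an empty zone list disables forwarding
            # Assumption: a zone with its own forwarders but no forward line uses 'first'.
            mode = z_mode or ("first" if z_ips is not None else g_mode)
            policy[name.group(1)] = (ips, mode if ips else None, not ips or mode == "first")
    return policy
```

Calling effective_policy(SAMPLE) shows the global "forward only" holding for ordinary queries while the partner.example override reintroduces "first", so that zone is the one where DNS-2 would still try to look up the answer itself.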

Example in named.conf

options {
  directory "/var/named";
  /*
   * Using the DNS server of the network provider as a forwarder
   * can make responses to queries faster and put less load on your
   * local network
   */
  forward first;
  forwarders {;