How to Make Forwarders of BIND Named Server Work

August 16, 2015March 27, 2022

Your DNS might not cache all the records of internet, but you can forward the query to external DNS for servicing your clients.

There're two entries that you must know:

The option forwarders must be added to indicate which external DNS to forward the queries.
The option dnssec-validation must be set to no. dnssec-validation indicates that a resolver (a caching or caching-only name server) will attempt to validate replies from DNSSEC enabled (signed) zones. For further information. You may check DNS BIND9 Security Statements.

[root@primary-dns ~]# vi /etc/named.conf
...
options {
        ...
        forwarders {
            8.8.8.8;
            168.95.1.1;
        };
        ...
        dnssec-validation no;
};
...

Let's verify the configuration.
[root@primary-dns ~]# named-checkconf
It seems no problem. We should restart named.service
[root@primary-dns ~]# systemctl restart named
We're done.

JavaScript is not enabled. Please enable it and reload the page.

Tags:/etc/named.conf BIND Server dnssec-validation Domain Name Server (DNS)Enterprise Linux forwarders Named Server named-checkconf

How to Make Forwarders of BIND Named Server Work

Leave a Reply Cancel reply