Problem
Many sites with internal-only nameservers want an otherwise caching-only resolver to override one (or more) individual name(s) from the Internet.
Suppose your company is "example.com" and your authoritative DNS is hosted elsewhere. But you need "mylocation.example.com" to resolve to the internal addresses 172.20.20.1 and 2001:db8:15c:b9::1 for the users at your site.
Solution
The answer is to add an authoritative zone for "mylocation.example.com" to your named.conf file, with the desired A/AAAA record(s) at the apex of the zone:
# named.conf (or a file included therein by 'include "/path/to/file";'):
zone "mylocation.example.com" IN {
    type master;
    # This assumes the default directory location in the "options" stanza
    file "mylocation.example.com.zone";
};
And the "mylocation.example.com.zone" file might look like this:
$TTL 1h
; every zone must have SOA ...
@ IN SOA @ info.example.com. (
42 ;serial
3h ;refresh
15m ;retry
1w ;expiry
1h ;minimum
)
; ... and NS also.
@ IN NS @
; addresses for mylocation.example.com.
@ A 172.20.20.1
@ AAAA 2001:db8:15c:b9::1
Use "rndc reconfig" to reload the configuration and enable the new zone. Alternatively, an "rndc addzone" command can do this at runtime, without editing named.conf, if the allow-new-zones option is set to yes:
$ rndc addzone mylocation.example.com '{ type master; file "mylocation.example.com.zone"; };'
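An added example (not part of the original article and not ISC code): a Python script that generates the stanza and zone file shown above for one or more override names, generalising the single-name case. The function names, the dict input and the one-line SOA layout are assumptions of this example; each name is validated before it is written into named.conf or used as a file name, so a malformed entry cannot break out of the quoted string or the zone directory.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphen; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")


def check_name(name):
    """Normalise a hostname; reject anything unsafe to paste into named.conf."""
    name = name.rstrip(".").lower()
    if len(name) > 253 or not all(_LABEL.fullmatch(p) for p in name.split(".")):
        raise ValueError(f"not a valid hostname: {name!r}")
    return name


def zone_stanza(name):
    """named.conf stanza in the form shown above."""
    name = check_name(name)
    return f'zone "{name}" IN {{\n    type master;\n    file "{name}.zone";\n}};\n'


def zone_file(addresses, rname="info.example.com.", serial=42):
    """Zone file with SOA, NS and one A/AAAA record per address at the apex."""
    if not addresses:
        raise ValueError("at least one address is required")
    lines = ["$TTL 1h",
             f"@ IN SOA @ {rname} ( {serial} 3h 15m 1w 1h )",
             "@ IN NS @"]
    for text in addresses:
        ip = ipaddress.ip_address(text)  # ValueError on malformed input
        lines.append(f"@ IN {'A' if ip.version == 4 else 'AAAA'} {ip}")
    return "\n".join(lines) + "\n"


def build_overrides(overrides):
    """Map {name: [addresses]} to (named.conf text, {zone file name: content})."""
    conf, files = [], {}
    for name, addresses in overrides.items():
        clean = check_name(name)
        conf.append(zone_stanza(clean))
        files[f"{clean}.zone"] = zone_file(addresses)
    return "\n".join(conf), files


if __name__ == "__main__":
    # Constructed sample input: the name and addresses used on this page.
    conf, files = build_overrides(
        {"mylocation.example.com": ["172.20.20.1", "2001:db8:15c:b9::1"]})
    print(conf)
    for fname, body in files.items():
        print(f"; {fname}\n{body}")
```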
Dnsmasq
Dnsmasq is an easy-to-use integrated DHCP server and DNS forwarding server. In a case like this, dnsmasq might be a viable alternative. Because dnsmasq is not a complete DNS implementation like BIND, names under the label are not affected. Note that dnsmasq requires an upstream forwarding nameserver (such as BIND) to do recursion for names for which it is not authoritative.