On Mon, Jan 24, 2022 at 07:05:27AM -0500, Henning Follmann wrote:
> On Mon, Jan 24, 2022 at 10:14:23AM +0000, Bhasker C V wrote:
> > I am running example.local domain on my interface (192.168.2.1) (bind9)
> > The domain is resolving fine. However I want to use 1.1.1.1 public DNS
> > server for looking up other domains (external domains)
> > Hence I have put both servers in /etc/resolv.conf
> >
> > ```
> > nameserver 1.1.1.1
> > nameserver 192.168.2.1
> > search example.local
> > ```

This is fundamentally wrong. All of the nameservers are treated equally. It's not a "try one, and if that says no such domain, try another" thing. It only tries another one if the first one doesn't give any response at all.

> If you already are using bind, wouldn't it be the simplest way
> to put 1.1.1.1 as a forward in your configuration and
> then just use 192.168.2.1 as your recursive resolver?

This. You need to use *only* 192.168.2.1 as your nameserver, and you need to configure whatever software is running on that IP address to forward non-local requests out to the public DNS resolver(s) of your choice. That'll be configured within the DNS software, not in the /etc/resolv.conf file.
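
The setup this reply describes, written out as an added example (not part of the original message or of either poster's configuration): the client's resolv.conf before and after, and BIND options that forward non-local queries to 1.1.1.1. The file paths, the 192.168.2.0/24 LAN range and the zone file name are assumptions.

```conf
# --- /etc/resolv.conf, before (as quoted in the thread) ---
# Both servers are treated as equivalent. An NXDOMAIN from 1.1.1.1 for
# host.example.local is a final answer, so 192.168.2.1 is never asked;
# it is only tried if 1.1.1.1 gives no response at all.
#   nameserver 1.1.1.1
#   nameserver 192.168.2.1
#   search example.local

# --- /etc/resolv.conf, after: only the local BIND server ---
nameserver 192.168.2.1
search example.local

# --- named.conf options (assumed path: /etc/bind/named.conf.options) ---
acl "lan" { localhost; 192.168.2.0/24; };   # assumed LAN range

options {
    directory "/var/cache/bind";            # assumed working directory
    listen-on { 127.0.0.1; 192.168.2.1; };
    recursion yes;
    allow-query     { "lan"; };
    allow-recursion { "lan"; };             # keep this from being an open resolver
    forwarders { 1.1.1.1; };                # non-local names are sent here
    forward only;                           # no fallback to iterating from the roots
};

# --- the local zone stays authoritative on this server ---
zone "example.local" {
    type master;
    file "/etc/bind/db.example.local";      # assumed zone file name
};
```

Names under example.local are answered from the local zone and never reach the forwarder; everything else is forwarded to 1.1.1.1. Running `named-checkconf` before reloading catches syntax errors in the edited files.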