Is there any reason to have a standard DNS forwarder?

Chris Marcoe April 20, 2013

Is there a reason to have a standard forwarder? All it does is take the request and send it on. If you didn’t have it, the request would just go to the next spot anyway. Thoughts?

  1. Jan Fritsch
    April 23, 2013 at 8:48 am

    Technically you don't need to configure a DNS forwarder on your server. This will result in your DNS server only resolving the local zones. In that case your clients would require a secondary DNS nameserver that can resolve outside zones if they are supposed to access the internet.

    If your DNS server is open for public queries, hosts an intranet/local domain or has the same records about its zones as public servers this would be fine. Otherwise you could run into all sorts of issues.

  2. Bruce Epper
    April 20, 2013 at 3:16 am

    The only time one needs a DNS forwarder is when they are operating their own DNS servers on their internal network. The internal DNS servers will handle requests for the local domain/network machines and forward all requests for anything external to the network to a designated DNS server designated as the forwarder which will then forward that request to external DNS servers. By having a designated forwarder, the firewall can be configured to only allow DNS requests to/from this single machine. Most admins would also configure these servers to be caching servers as well to reduce the number of DNS requests sent outside of the network.

    If one is handling multiple domains, they may also implement conditional forwarders as well.
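
The firewall point in the answer above can be checked from logs. This is an added example, not code from any poster in the thread: it scans firewall log lines for port-53 traffic leaving the network from any host other than the designated forwarder. The log format, the 10.0.0.0/8 internal range and the forwarder address 10.0.0.53 are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re

# Assumptions (not from the thread): internal range, forwarder address, log format.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
FORWARDER = ipaddress.ip_address("10.0.0.53")
DNS_PORT = 53

# Constructed sample firewall log: time action proto src:port -> dst:port
SAMPLE_LOG = """\
2013-04-20T03:16:01Z ALLOW udp 10.0.0.53:40111 -> 198.51.100.1:53
2013-04-20T03:16:02Z ALLOW udp 10.0.0.25:51514 -> 10.0.0.53:53
2013-04-20T03:16:03Z ALLOW udp 10.0.0.25:51515 -> 203.0.113.9:53
2013-04-20T03:16:04Z DENY tcp 10.0.0.77:49200 -> 203.0.113.9:53
2013-04-20T03:16:05Z ALLOW tcp 10.0.0.25:51600 -> 203.0.113.80:443
garbage line that does not parse
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) (?P<proto>udp|tcp) "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

def audit_dns_egress(log_text):
    """Return (violations, unparsed) for DNS flows that bypass the forwarder."""
    violations, unparsed = [], []
    for line in filter(None, (l.strip() for l in log_text.splitlines())):
        m = LINE_RE.match(line)
        try:
            src = ipaddress.ip_address(m["src"])
            dst = ipaddress.ip_address(m["dst"])
        except (TypeError, ValueError):  # no regex match, or a malformed address
            unparsed.append(line)
            continue
        if int(m["dport"]) != DNS_PORT:
            continue
        leaves_network = src in INTERNAL_NET and dst not in INTERNAL_NET
        if leaves_network and src != FORWARDER:
            # ALLOW: the egress rule is missing. DENY: the rule works, but a
            # client is configured with (or trying) an outside resolver.
            violations.append((m["ts"], m["action"], m["proto"], str(src), str(dst)))
    return violations, unparsed

if __name__ == "__main__":
    for violation in audit_dns_egress(SAMPLE_LOG)[0]:
        print(*violation)
```

An ALLOW hit means the firewall is not yet restricting DNS to the forwarder; a DENY hit points at a client whose resolver settings need correcting.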