Category: DNS – Blog
Time to Read: 20 Minutes
Who should read this blog? If you want to learn about Forwarders, Conditional Forwarders, and Root Hints and how to configure them.
Forwarder and Human Psychology
Please don’t get me wrong: this is not a psychology blog. I am just taking a leaf from human psychology to make my point.
No doubt we humans are an intelligent lot. We each have our own areas of expertise in which we can be authoritative and confident, but we have limits; we don’t know everything.
When we don’t understand something, each of us has a go-to person or guru whom we reach out to.
That guru is our Forwarder, the whole truth for us.
Conditional Forwarder
Now we can either have only one Forwarder for all our queries or we can have one each for different subjects.
For example, if I want to know about investing, I may follow my investment advisor, while for spirituality I may follow my spiritual guru. Similarly, I may have one forwarder for the domain abc.com and another for xyz.com.
We are setting conditions based on the authority and expertise of each forwarder, hence the name Conditional Forwarder.
Root Hints
It is possible that even our forwarders and conditional forwarders do not have the answer to our queries. Is that the end of the road?
No, they might have their own roots, which help them get an answer to the query. These roots are the supreme authority, like Warren Buffett in investing.
DNS systems have their own roots commonly known as root hint servers.
Forwarders, Conditional Forwarders, and Root Hints work in tandem
When a client device, such as a computer or a smartphone, requests a DNS resolution for a domain name, the request first goes to the local DNS server, which then checks if it has the DNS record in its cache. If the record is not found in the cache, the local DNS server sends the query to the conditional DNS forwarder/Forwarder or Root hints based on its configuration. The forwarder then sends the query to the upstream DNS server to resolve the domain name and returns the result back to the local DNS server, which caches the result and sends it to the client device.
Refer to the blogs below to understand the entire DNS resolution process in detail –
Public DNS Infrastructure and DNS Server types
Order of Preference
If a local/ISP DNS server has a conditional forwarder configured and the query matches its condition, the DNS query will be forwarded to the conditional forwarder.
If there is no conditional forwarder configured on the local/ISP DNS server for a domain, the DNS server’s forwarder will be chosen and the DNS query will be sent to it.
If there are no forwarders configured, Root Hints can be used to forward the DNS queries (optional).
Configure Forwarders, Conditional Forwarders, and Root Hints on Windows Servers
When we log in to the Windows Server, the first screen we see is the Server Manager.
To configure the Reverse Lookup Zone we should have the DNS Service already installed and configured. In my previous blog, Install and Configure DNS Server on Windows Server, I have already explained how to install and configure DNS Server. So we are ready.
Browse DNS

Select Conditional Forwarders Folder

Setting up Conditional Forwarder
Right-click on Conditional Forwarders and click on New Conditional Forwarder…

Setting up Forwarding Condition
I want to forward any DNS query for the domain thecloudblogger.com to DNS Server 1.1.1.1.
For that, I added ‘thecloudblogger.com’ under DNS Domain, and under the field IP Address of master servers, I added the IP address 1.1.1.1 as the forwarder DNS server. Hit ‘ok’.

Conditional Forwarder is ready

Configuring Forwarders
Our Conditional Forwarder for thecloudblogger.com is set to 1.1.1.1.
For all other domains, I have to set the forwarders that will be used to forward the unknown queries.

Setting up the Forwarders
Select the Forwarders tab and click the Edit… button

Add the Forwarders' IP addresses
I added 2 IP addresses – the Google DNS server IP 8.8.8.8 and the same DNS server 1.1.1.1 that I used for my conditional forwarder. You may use any of your ISP’s DNS server IPs. Hit ‘ok’.

Setting up the Root Hints
By default, root hints are already available on Windows DNS servers, and they are used by default if no forwarders are configured. So root hints are the last resort for a DNS query if there are no conditional forwarders or forwarders configured.

Root Hints name servers
Root Hints name servers are pre-configured on Windows DNS servers under the Root Hints section, as seen below. Generally, you will see 13 name servers, named with the letters A-M followed by ROOT-SERVERS.NET.
There are options available to Add, Edit, or Remove root hints servers, or to copy them from another server, as highlighted in red.

Disabling Root hints use for DNS queries
As discussed earlier, Root Hints name servers are used if no conditional forwarders or forwarders are configured on the DNS server. However, the use of Root Hints can be disabled on a DNS server by unticking the box as given below. In this case, if no conditional forwarders or forwarders are configured on the DNS server, the DNS query will fail if there are no cache entries for the query.

Order of Preference
If the DNS query is for thecloudblogger.com, it will be forwarded to DNS server ‘1.1.1.1’. If the query is for ‘google.com’ and there is no conditional forwarder configured on the local/ISP DNS server for ‘google.com’, the DNS server’s forwarder 8.8.8.8 will be chosen and the DNS query will be sent to it. If 8.8.8.8 does not respond within the timeout value, the query will be sent to DNS server 1.1.1.1. If forwarders are not configured, or do not respond to the query before the timeout, the query will be forwarded to the Root Hints name servers by default. So Root Hints servers work as last-resort resolvers.
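The same configuration can be scripted with the DnsServer PowerShell module. The block below is an added example, not code from the original post: it applies the values used above and then uses a hypothetical helper, Get-DnsUpstreamFor, to report which upstream an uncached name would be sent to under the order of preference. It ignores the cache, zones hosted on the server itself, and the timeout fallback between steps.

```powershell
# Added example, not from the original post. Run in an elevated PowerShell
# session on the DNS server (DnsServer module, installed with the DNS role).

# Scripted equivalent of the GUI steps, using the values from this post.
Add-DnsServerConditionalForwarderZone -Name 'thecloudblogger.com' -MasterServers 1.1.1.1
Set-DnsServerForwarder -IPAddress 8.8.8.8, 1.1.1.1 -UseRootHint $true
# To disable the root hints fallback instead: Set-DnsServerForwarder -UseRootHint $false

# Hypothetical helper: reports where this server would send a name that is
# not in its cache, following the order of preference described above.
function Get-DnsUpstreamFor {
    param([Parameter(Mandatory)][string]$Name)
    $query = $Name.TrimEnd('.').ToLowerInvariant()

    # 1. Conditional forwarder: the most specific matching domain wins.
    $zone = Get-DnsServerZone |
        Where-Object { $_.ZoneType -eq 'Forwarder' } |
        Where-Object {
            $z = $_.ZoneName.ToLowerInvariant()
            $query -eq $z -or $query.EndsWith(".$z")
        } |
        Sort-Object { $_.ZoneName.Length } -Descending |
        Select-Object -First 1
    if ($zone) {
        return [pscustomobject]@{ Name = $Name; Path = 'ConditionalForwarder'
                                  Upstream = $zone.MasterServers }
    }

    # 2. Server-level forwarders, tried in the listed order.
    $fwd = Get-DnsServerForwarder
    if ($fwd.IPAddress) {
        return [pscustomobject]@{ Name = $Name; Path = 'Forwarder'
                                  Upstream = $fwd.IPAddress }
    }

    # 3. Root hints, unless their use has been disabled.
    if ($fwd.UseRootHint) {
        $roots = (Get-DnsServerRootHint).NameServer.RecordData.NameServer
        return [pscustomobject]@{ Name = $Name; Path = 'RootHints'; Upstream = $roots }
    }
    [pscustomobject]@{ Name = $Name; Path = 'None (query fails)'; Upstream = @() }
}

'www.thecloudblogger.com', 'google.com' | ForEach-Object { Get-DnsUpstreamFor $_ }
```

Any Upstream value that is not a resolver you intended to use is worth investigating, since a changed forwarder redirects every query that passes through it.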

Conclusion:
In this blog we learnt about Conditional Forwarders, Forwarders, and Root Hints.