Can a home internal DNS domain name be the same as an external domain purchased on GoDaddy or Namecheap?

I was wondering if someone can answer this question. I have already searched everywhere and couldn't find the answer anywhere; some of you might have already implemented this solution. Here is what I have on my home network:

Software used: bind9 on Ubuntu 18.04

Home/Cloud DNS Server: xyz.com (in a master/slave configuration: 2 servers using the internal IP addresses 192.168.1.10 (master) and 192.168.1.11 (slave))

On my Namecheap account: I purchased a domain (xyz.com) and added an A+ Dynamic DNS record pointing to the IP address provided by my ISP; it is also updated using ddclient. I also have several subdomains under xyz.com, such as a11.xyz.com, a12.xyz.com, a13.xyz.com and so on.

On my primary DNS server at home:

    nslookup xyz.com
    Server:         192.168.1.10
    Address:        192.168.1.10#53

    Name:   xyz.com
    Address: 192.168.1.10

But if you look up a11.xyz.com, I want this to search locally first and then look externally for the DNS records on public DNS servers such as Google, Namecheap and others.

    Server:         192.168.1.10
    Address:        192.168.1.10#53

    ** server can't find a11.xyz.com: NXDOMAIN

Now, the questions are:

Q1.) Is it possible to have such a configuration at home, wherein the home DNS server's domain name is the same as the one purchased at registrars like Namecheap and GoDaddy?

Q2.) If the internal domain is the same as the external domain name, can this mix be handled such that it will search locally first and then look outside for any records on the public DNS servers?

Q3.) If the nslookup/dig response depends on the client configuration, can the home DNS servers serve both bogus domains and the real purchased domains?

I haven't seen such documentation on DigitalOcean or any other cloud provider.

Thanks again for the help.

There are 1 best solutions below

I solved the problem by isolating internal domains from external domains. In the example above, if I have a domain on Namecheap/GoDaddy such as xyz.com, then the same domain name CANNOT be used internally for the home network, since there will be a conflict in resolution. So,

I created a domain specifically for internal device lookups, homelan.com, and all devices inside the home network have the default domain homelan.com. This way, all subdomains of xyz.com can resolve via forwarders, and internal devices resolve via homelan.com.

I was under the impression that if both the external and internal domains are the same, then BIND will automatically resolve against the external domain if it cannot find a record internally.
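The NXDOMAIN in the question is the expected BIND behaviour: when a server is authoritative for a zone, a name that is not in that zone gets an authoritative negative answer, and the query is never passed to the forwarders. The configuration below is an added example of the isolation the answer describes; it is not the poster's actual config. It assumes BIND 9 on the two servers named in the question (192.168.1.10 master, 192.168.1.11 slave), Google's public resolvers as forwarders, and a constructed host `nas` at 192.168.1.20. The internal zone name homelan.com is kept from the answer; note that it is a registrable public name, and any internal zone not registered to you can shadow a real one for your clients, which is why RFC 8375 reserves `home.arpa` for exactly this use.

```conf
// ---- /etc/bind/named.conf.options on the master (192.168.1.10) ----
// Added example, not the poster's own configuration.
options {
    directory "/var/cache/bind";
    listen-on { 127.0.0.1; 192.168.1.10; };

    // Recursion only for the LAN: an open recursive resolver on a
    // home connection is a reflection/amplification liability.
    recursion yes;
    allow-query     { 127.0.0.1; 192.168.1.0/24; };
    allow-recursion { 127.0.0.1; 192.168.1.0/24; };

    // Everything this server is not authoritative for, including
    // xyz.com and a11.xyz.com, goes to the public resolvers.
    forwarders { 8.8.8.8; 8.8.4.4; };
    forward only;

    dnssec-validation auto;
};

// ---- /etc/bind/named.conf.local on the master ----
// Deliberately no zone "xyz.com" here: declaring it would make this
// server authoritative for xyz.com and produce NXDOMAIN for any
// subdomain missing from the local zone file.
zone "homelan.com" {
    type master;
    file "/etc/bind/db.homelan.com";
    allow-transfer { 192.168.1.11; };   // only the slave may AXFR
    also-notify    { 192.168.1.11; };
};

zone "1.168.192.in-addr.arpa" {
    type master;
    file "/etc/bind/db.192.168.1";
    allow-transfer { 192.168.1.11; };
};

// ---- /etc/bind/named.conf.local on the slave (192.168.1.11) ----
// zone "homelan.com" {
//     type slave;
//     masters { 192.168.1.10; };
//     file "/var/cache/bind/db.homelan.com";
//     allow-transfer { none; };
// };

// ---- /etc/bind/db.homelan.com (zone file; ';' starts a comment) ----
// $TTL 86400
// @       IN  SOA ns1.homelan.com. hostmaster.homelan.com. (
//                 2024010101  ; serial, bump on every edit
//                 3600        ; refresh
//                 900         ; retry
//                 604800      ; expire
//                 86400 )     ; negative-cache TTL
//         IN  NS  ns1.homelan.com.
//         IN  NS  ns2.homelan.com.
// ns1     IN  A   192.168.1.10
// ns2     IN  A   192.168.1.11
// nas     IN  A   192.168.1.20   ; constructed example host
```

Before reloading, check both files with the tools shipped with BIND: `named-checkconf` for the configuration and `named-checkzone homelan.com /etc/bind/db.homelan.com` for the zone. With this layout, `nas.homelan.com` is answered locally from the zone, while `a11.xyz.com` is forwarded and returns whatever Namecheap publishes, which is the behaviour the original question asked for.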