summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2018-10-03 14:13:56 +0200
committerChristian Poessinger <christian@poessinger.com>2018-10-03 14:13:56 +0200
commitf181f7f5621848684dd7313b4b5e2fbdca0edcdf (patch)
treed998302abd83266a2462cadb95265f0c23e97a55
parenta3584bd2f11431a52b856e52d54eefbc1fa008a2 (diff)
downloadvyos-documentation-f181f7f5621848684dd7313b4b5e2fbdca0edcdf.tar.gz
vyos-documentation-f181f7f5621848684dd7313b4b5e2fbdca0edcdf.zip
Service: Add DNS forwarding chapter
-rw-r--r--docs/ch11-services.rst58
1 files changed, 58 insertions, 0 deletions
diff --git a/docs/ch11-services.rst b/docs/ch11-services.rst
index 52303b36..e407a6dd 100644
--- a/docs/ch11-services.rst
+++ b/docs/ch11-services.rst
@@ -582,3 +582,61 @@ set automatically if more than one listening interfaces are in use.
DNS Forwarding
--------------
+
+Use DNS forwarding if you want your router to function as a DNS server for the
+local network. There are several options, the easiest being 'forward all
+traffic to the system DNS server(s)' (defined with set system name-server):
+
+.. code-block:: sh
+
+ set service dns forwarding system
+
+Manually setting DNS servers for forwarding:
+
+.. code-block:: sh
+
+ set service dns forwarding name-server 8.8.8.8
+ set service dns forwarding name-server 8.8.4.4
+
+Manually setting DNS servers with IPv6 connectivity:
+
+.. code-block:: sh
+
+ set service dns forwarding name-server 2001:4860:4860::8888
+ set service dns forwarding name-server 2001:4860:4860::8844
+
+Setting a forwarding DNS server for a specific domain:
+
+.. code-block:: sh
+
+ set service dns forwarding domain example.com server 192.0.2.1
+
+Example 1
+^^^^^^^^^
+
+Router with two interfaces eth0 (WAN link) and eth1 (LAN). A DNS server for the
+local domain (example.com) is at 192.0.2.1, other DNS requests are forwarded
+to Google's DNS servers.
+
+.. code-block:: sh
+
+ set service dns forwarding domain example.com server 192.0.2.1
+ set service dns forwarding name-server 8.8.8.8
+ set service dns forwarding name-server 8.8.4.4
+ set service dns forwarding listen-on 'eth1'
+
+Example 2
+^^^^^^^^^
+
+Same as example 1 but with additional IPv6 addresses for Google's public DNS
+servers:
+
+.. code-block:: sh
+
+ set service dns forwarding domain example.com server 192.0.2.1
+ set service dns forwarding name-server 8.8.8.8
+ set service dns forwarding name-server 8.8.4.4
+ set service dns forwarding name-server 2001:4860:4860::8888
+ set service dns forwarding name-server 2001:4860:4860::8844
+ set service dns forwarding listen-on 'eth1'
+