From f181f7f5621848684dd7313b4b5e2fbdca0edcdf Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 3 Oct 2018 14:13:56 +0200 Subject: Service: Add DNS forwarding chapter --- docs/ch11-services.rst | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/docs/ch11-services.rst b/docs/ch11-services.rst index 52303b36..e407a6dd 100644 --- a/docs/ch11-services.rst +++ b/docs/ch11-services.rst @@ -582,3 +582,61 @@ set automatically if more than one listening interfaces are in use. DNS Forwarding -------------- + +Use DNS forwarding if you want your router to function as a DNS server for the +local network. There are several options, the easiest being 'forward all +traffic to the system DNS server(s)' (defined with set system name-server): + +.. code-block:: sh + + set service dns forwarding system + +Manually setting DNS servers for forwarding: + +.. code-block:: sh + + set service dns forwarding name-server 8.8.8.8 + set service dns forwarding name-server 8.8.4.4 + +Manually setting DNS servers with IPv6 connectivity: + +.. code-block:: sh + + set service dns forwarding name-server 2001:4860:4860::8888 + set service dns forwarding name-server 2001:4860:4860::8844 + +Setting a forwarding DNS server for a specific domain: + +.. code-block:: sh + + set service dns forwarding domain example.com server 192.0.2.1 + +Example 1 +^^^^^^^^^ + +Router with two interfaces eth0 (WAN link) and eth1 (LAN). A DNS server for the +local domain (example.com) is at 192.0.2.1, other DNS requests are forwarded +to Google's DNS servers. + +.. code-block:: sh + + set service dns forwarding domain example.com server 192.0.2.1 + set service dns forwarding name-server 8.8.8.8 + set service dns forwarding name-server 8.8.4.4 + set service dns forwarding listen-on 'eth1' + +Example 2 +^^^^^^^^^ + +Same as example 1 but with additional IPv6 addresses for Google's public DNS +servers: + +.. code-block:: sh + + set service dns forwarding domain example.com server 192.0.2.1 + set service dns forwarding name-server 8.8.8.8 + set service dns forwarding name-server 8.8.4.4 + set service dns forwarding name-server 2001:4860:4860::8888 + set service dns forwarding name-server 2001:4860:4860::8844 + set service dns forwarding listen-on 'eth1' + -- cgit v1.2.3