Monday, December 31, 2007

Mac OS X Server DNS and DNS Forwarding

Out of the box, Mac OS X Server sends all non-local queries to the root DNS servers, which is unfriendly and also makes DNS lookups slower, since your ISP probably has the answer cached already.

To make OS X Server use your ISP's DNS as the next port of call for queries, look for the 'options' section of the file 'named.conf' in '/etc' and add the 'forwarders' section. Restart DNS (from the Server Manager application if you want), then look in the log window to see where DNS lookups are going.

options {
    directory "/var/named";
    recursion true;
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below. Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     */
    // query-source address * port 53;

    // ISP DNS
    forwarders {
        x.x.x.1;
        x.x.x.2;
        x.x.x.3;
    };
};
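
A quick way to confirm what named will actually see after the edit, as an added example that is not part of the original post: the script strips comments from a named.conf, lists the active forwarders, and reports whether the query-source line has been uncommented, since pinning the source port to 53 removes the port randomness that makes spoofed answers harder to inject. The function names are hypothetical, and the 192.0.2.x addresses are documentation-range stand-ins for the ISP's resolvers.

```python
import re

# Constructed sample: the options block from the post, with documentation
# addresses (192.0.2.0/24) standing in for the ISP's resolvers.
SAMPLE = '''
options {
    directory "/var/named";
    recursion true;
    /*
     * forwarders { 203.0.113.9; };   <- commented out, must be ignored
     */
    // query-source address * port 53;
    forwarders {
        192.0.2.1;
        192.0.2.2;
    };
};
'''

def strip_comments(text):
    """Remove the comment styles named.conf accepts: /* */, // and #.
    Simplification: comment markers inside quoted strings are not handled."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def options_block(text):
    """Return the body of the top-level options { ... } block, brace-matched."""
    m = re.search(r'\boptions\s*\{', text)
    if not m:
        return ''
    depth, start = 1, m.end()
    for i in range(start, len(text)):
        depth += {'{': 1, '}': -1}.get(text[i], 0)
        if depth == 0:
            return text[start:i]
    raise ValueError('unbalanced braces in options block')

def audit(conf):
    """Report the active forwarders and any pinned query-source port."""
    body = options_block(strip_comments(conf))
    fwd = re.search(r'\bforwarders\s*\{([^}]*)\}', body)
    addrs = [a.strip() for a in fwd.group(1).split(';') if a.strip()] if fwd else []
    port = re.search(r'\bquery-source\b[^;]*\bport\s+(\d+)', body)
    return {'forwarders': addrs,
            'fixed_source_port': int(port.group(1)) if port else None}

if __name__ == '__main__':
    print(audit(SAMPLE))
```

An empty forwarders list means queries still go straight to the root servers; a non-empty fixed_source_port means the query-source directive is live.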
