I want to use 126.96.36.199 as my first DNS server and use my local DNS as the secondary DNS server.
I have a site-to-site VPN. I want the local host names resolved by the secondary DNS. However, it is not resolving. What can be the missing issue? Any ideas?
As of now, I am using both the local DNS servers (by saying local, it is on the other network which I connect to over the site-to-site VPN) and I think it is not a correct usage.
show system services dhcp pool 172.16.4.0/24 detail
Pool information:
    Subnet 172.16.4.0/24
    Address range 172.16.4.1 - 172.16.4.254
    Addresses assigned 14/254
    Active: 13, Excluded: 1
Excluded addresses:
    172.16.4.1
DHCP lease times:
    Default lease time 1 day
    Minimum lease time 1 minute
    Maximum lease time infinite
DHCP options:
    Name: name-server, Value: [ 192.168.10.135, 192.168.10.136 ]
    Name: domain-search, Value: [ mydomain1.com,mydomain2.com,mydomain3.com,mydomain4.com ]
    Name: router, Value: [ 172.16.4.1 ]
If I follow you correctly, you need local only dns records to resolve. That means you really cannot use any public dns server like google, you have to use those internal network servers only.
As long as the addresses are reachable via the VPN there is no issue using them as the DNS servers in our dhcp setup.
What is the reason you want Google DNS as primary?
Hi, thank you for your response. Actually I want to use 188.8.131.52 as the primary and the local DNS as the secondary. But the problem with this configuration is that when these DNS servers are assigned to the clients, the clients cannot resolve the local host names in the remote network which I connect to with the site-to-site VPN.
My HQ NW (172.16.4.x/24) ----- ------ site-to-site VPN ---------- DataCenter (192.168.10.x/24)
I am in the HQ office, my srx fw is in this nw also
My DNS servers are in remote NW
But my clients cannot resolve the hosts located in the DataCenter when I use 184.108.40.206 as the primary DNS
Thanks for the clarification.
You will never be able to resolve internal only dns records with any public resolver like google dns. If you need these records to work you have to remove google and other public resolvers and use only the internal dns servers.
Thank you so much. I wanted to set up an environment like:
- all external name resolutions will be asked and resolved by the 1st DNS (Google, for example)
- all internal name resolutions will be queried on the primary DNS, they will get no response, and the query will be redirected to the secondary DNS
So, I understand that when the names are not resolved by the primary DNS, the query will not be redirected to the secondary DNS, right?
The secondary DNS gets used if there is no response at all from the primary DNS.
In this case there is a response, that the record does not exist in the public authoritative zone. This is a valid response so there is no need to failover to using the secondary DNS.
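The failover rule described in the answer above, as an added example that is not part of the original thread: a small Python model of a client working through its DNS server list, reading the RCODE from a constructed DNS reply header. The server names, the host name app01.mydomain1.com and the addresses are constructed for illustration.

```python
import struct

NOERROR, NXDOMAIN = 0, 3  # RCODE values from RFC 1035

class Server:
    """Constructed stand-in for a DNS server: known records, or unreachable."""
    def __init__(self, name, records, reachable=True):
        self.name, self.records, self.reachable = name, records, reachable

    def query(self, qname):
        if not self.reachable:
            raise TimeoutError(self.name)           # no response at all
        ip = self.records.get(qname)
        rcode = NOERROR if ip else NXDOMAIN
        # 12-byte DNS header: id, flags (QR=1 RD=1 RA=1 + RCODE), four counts
        header = struct.pack("!6H", 0x1234, 0x8180 | rcode,
                             1, 1 if ip else 0, 0, 0)
        return header, ip

def stub_resolve(qname, servers):
    """Try servers in order; move to the next one only on silence."""
    for srv in servers:
        try:
            header, ip = srv.query(qname)
        except TimeoutError:
            continue                                 # failover case
        rcode = struct.unpack("!6H", header)[1] & 0x000F
        if rcode == NXDOMAIN:
            return (srv.name, "NXDOMAIN", None)      # valid answer, stop here
        return (srv.name, "NOERROR", ip)
    return (None, "TIMEOUT", None)

# Constructed sample data: a public resolver that knows only public names,
# and an internal resolver that knows internal names and recurses for the rest.
PUBLIC_ZONE = {"www.example.com": "203.0.113.10"}
INTERNAL_ZONE = dict(PUBLIC_ZONE, **{"app01.mydomain1.com": "192.168.10.50"})

PUBLIC = Server("public", PUBLIC_ZONE)
PUBLIC_DOWN = Server("public", PUBLIC_ZONE, reachable=False)
INTERNAL_1 = Server("internal-1", INTERNAL_ZONE)
INTERNAL_2 = Server("internal-2", INTERNAL_ZONE)

if __name__ == "__main__":
    host = "app01.mydomain1.com"
    print(stub_resolve(host, [PUBLIC, INTERNAL_1]))        # public answers NXDOMAIN
    print(stub_resolve(host, [PUBLIC_DOWN, INTERNAL_1]))   # silence, so failover
    print(stub_resolve(host, [INTERNAL_1, INTERNAL_2]))    # internal-only list
    print(stub_resolve("www.example.com", [INTERNAL_1, INTERNAL_2]))
```

With the public resolver listed first, the internal name fails on the first reply; with only the internal servers listed, both internal and external names resolve.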
I appreciate it... thank you. All of my posts were replied to with great patience. Thanks.