What is DNS Forwarder?

DNS forwarder is a server that receives name resolution request from its clients and then forward it to another DNS server. The forwarding DNS server always checks it local zone file and cache first. If it does not find anything locally, it forwards the request to another DNS server. This process is called forwarding. In other first DNS acts like a middleman between client and next server.

Response is also saved in the cache. Later with the help of this cache future users get quick and better response as as result performance is improved, load time is reduced. It also provides more security and saves internet bandwidth at the same time.

DNS forwarders are frequently used in Local are network (LAN). Active directory environments also requires a local DNS. This local or private DNS server resolves all the active directory and intranet requests itself and external traffic is sent forwarded towards public DNS servers. These public DNS servers are also called upstream DNS server. Small office / home office router acting as DNS are great example of DNS forwarders. They are usually pointed towards internet service providers (ISP). Most of the time DNS forwarding is applied towards external servers for public domain name resolution. But forwarding can be towards internal (private DNS) as well. Lets learn it using an example.

Example of DNS Forwarder

As you can see the diagram all the local machines are pointed to local DNS placed with your network. It has a zone with a name yourdomain.local. When it receives a requested related to yourdomain.local. It uses its internal DNS zone file information or cache, and respond to requester. But when it receives a request that i can not resolve. For example wintelhive.com, google.com or miocrosoft.com. It will forward such requests to upstream DNS servers on behalf of requester. When next DNS server give a response. It keeps a copy in it cache and send the same response back to the original requester.

Benefits of Using a DNS Forwarder

DNS forwarders have a lot of advantages, especially for small to medium sized networks.

• Fast Response: By using local cache, a DNS server reduces the time it takes to access websites for the end users with same network.
• Reduce load on External Server: External DNS servers are less frequently used.
• Less Internet Bandwidth: Because external server are not queried frequently, it saves internet bandwidth.
• Better Security: After configuring DNS forwarding only one machine interact with public DNS servers. All others use local DNS. Hence this design is more secure for any network.
• Safe Browsing: It enables the you to block some websites or domains by implementing security and filter on DNS level.
• Better Logging: It is possible to configure DNS debug logging. So that you can monitor all DNS traffic locally.

Common Use Case

DNS forwarding is commonly used in following cases,

• Active Directory Environment: Corporate active directory is the very good use case of DNS forwarding. All client machines point towards local DNS. And local DNS server forward requests to public DNS when needed.
• Small Office Routers: In small office environments and home users all the devices DNS is pointed towards a local router that act as a DNS for all those devices. It is usually a dump device that does not have any DNS zone. It forward everything towards external severs.
• Secure Browsing: Some administrators put a local DNS for domain/URL filtering in between user machine and public DNS.

Apply in Windows Server 2019

1. Open DNS management console.
2. Right click the server and go to properties.
3. GO to forwarders tab.
4. Click on edit. Add the IP address.
5. Set number of seconds before forwarder queries time out. (By default 3 seconds).
6. Save the configuration by clicking OK.

If you have already configured forwarders, you can also delete them by clicking on delete button. You may add more than one DNS forwarder IP and set the sequence by clicking up down button. Learn how to setup and configure DNS server ,if you do not know the process already.

Apply DNS Forwarders Windows Server PowerShell

You can use following commands to configure DNS forwarder IP in Windows Server.

1. PowerShell command to apply DNS forwarer to a single server.
   • Add-DnsServerForwarder -IPAddress 8.8.8.8
2. PowerShell command to apply DNS forwarder to multiple servers.
   • Add-DnsServerForwarder -IPAddress 8.8.8.8,4.4.4.4
3. PowerShell command to remove DNS forwarder.
   • Remove-DnsServerForwarder -IPAddress 8.8.8.8
4. PowerShell command to view the current DNS forwarder settings.
   • Get-DnsServerForwarder

DNS forwarder improves performance by caching , saving bandwidth and providers better control on DNS traffic. It may improves the security by filtering and monitoring requests fi configured properly. It can be very helpful for small offices and large organizations both.

Frequently Asked Questions (FAQ)