Using a private DNS server to point to development resources under a forward zone, how do I forward all requests that are not locally resolved?

Question

I want to allow smartphone apps I'm developing to communicate with my local development server by domain name when I am working in my home office.

I have installed a DNS server on my Synology NAS and generally it is working well for non-development resources. Development is problematic. I have created a master zone and records underneath it. The problem is that our wildcard SSL certificate only works for our public domain name (call it foo.com). This means I cannot speak HTTPS locally and I would prefer my development environment to be as close as possible to production, so I want HTTPS.

What I want is for the local DNS server to resolve queries for my development server (mydev.foo.com), and forward all other queries to the upstream DNS server. For example:

mydev.foo.com -> 192.168.1.3 (my local VM, resolved locally)
foo.com -> xxx.xxx.xxx.xxx (our public website, resolved by my ISP)
bar.foo.com -> xxx.xxx.xxx.xxx (our public app server, resolved by my ISP)

Right now if I set up a foo.com master zone (a forward zone), only the locally defined resource is resolved.

Is what I'm asking even possible?

Yes. Don't make a foo.com master zone, make a mydev.foo.com master zone to only cover mydev.foo.com. — , Aug 04 '17 at 02:59

score 0 · Accepted Answer · answered Aug 04 '17 at 04:44

Thank you to user yoonix for his comment.

The thing to keep in mind is that the DNS server will resolve the longest domain name condition that corresponds to the domain name in the query.

Armed with yoonix's answer and that key bit of understanding, the answer was a master record with the following settings:

Master Zone:

Domain Type: Forward Zone
Domain Name: mydev.foo.com
Master DNS Server: <IP of the Synology NAS>
Serial Format: Integer
Limit Zone Transfer: True
Limit Source IP Service: False
Enable Slave Zone Notification: False
Limit Zone Update: True

Resource Records:

(Automatically Generated) ns.foo.mydev.com.
Type: A
TTL: 86400
Information: <IP of the Synology NAS>

(Automatically Generated) foo.mydev.com.
Type: NS
TTL: 86400
Information: ns.foo.mydev.com

foo.mydev.com.
Type: A
TTL: 86400
Information: <IP of the dev VM>

Using a private DNS server to point to development resources under a forward zone, how do I forward all requests that are not locally resolved?

1 Answers1