DNS: how to get local server to superimpose results over authoritative server

domain-name-system, powerdns

I've got a domain for which I control the DNS, and which is hosted on the internet. I also have a NAT'd internal network (192.168.0.0/24) which has internet access, and which I also control. On this internal network, I also have a DNS resolver. DNS software on both is PowerDNS.

What I want to be able to do is for the DNS resolver on the internal network to be able to add/change records of queries and results that come down from the authoritative server. For example, the authoritative server might have a single record for animal.example.com:

animal.example.com.    IN    AAAA    2001:140:283::1

However, I'd like it so that when internal clients do a DNS lookup for animal.example.com, they might get back the following:

animal.example.com.    IN    AAAA    2001:140:283::1
animal.example.com.    IN    A       192.168.0.2

Obviously, I could set up the internal DNS server to pretend to be authoritative for example.com, but that would require a fair bit of effort to keep the main DNS server and the internal DNS server in sync for the records which are the same between both. If the internal DNS server could somehow be made a slave of the main DNS server, but also have the provision to add its own results in, that would be ideal.

Is this possible?

Best Answer

Actually, if I had to do it, I would use a Lua script with the recursor that mangles the data on postresolve.

However, I really do recommend something different: simply use a separate authoritative zone like internal.example.com where you AXFR example.com from the authoritative servers and simply append your local RFC1918 data.

This way you can still debug the authoritative zone like it is on the internet from your LAN and use the internal data.

About PowerDNS Recursor Lua Scripting: http://doc.powerdns.com/recursor-scripting.html
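
The postresolve approach from the answer above, as an added example that is not the answerer's code. It assumes the PowerDNS Recursor 4.x Lua API (the `dq` object, script loaded through `lua-dns-script`); the file path, the overlay table layout and the 300-second TTL are constructed for illustration.

```lua
-- overlay.lua: load with lua-dns-script=/etc/powerdns/overlay.lua (path is an assumption)
-- Assumes the Recursor 4.x scripting API. Name and address come from the
-- question's example; the TTL is a constructed value.

-- Only clients on the internal network get the superimposed records.
local internal = newNMG()
internal:addMask("192.168.0.0/24")

-- Records to superimpose on whatever the authoritative server returns.
local overlay = {
  { name = newDN("animal.example.com"), type = pdns.A, content = "192.168.0.2", ttl = 300 },
}

-- True if the upstream answer already holds a record of this type at the name,
-- or a CNAME (which must not coexist with other data at the same name).
local function conflicts(records, entry)
  for _, rec in pairs(records) do
    if rec.name:equal(entry.name)
       and (rec.type == entry.type or rec.type == pdns.CNAME) then
      return true
    end
  end
  return false
end

function postresolve(dq)
  -- Leave external clients and upstream errors (NXDOMAIN, SERVFAIL) untouched.
  if not internal:match(dq.remoteaddr) or dq.rcode ~= pdns.NOERROR then
    return false
  end
  local changed = false
  local records = dq:getRecords()
  for _, entry in ipairs(overlay) do
    local wanted = dq.qtype == entry.type or dq.qtype == pdns.ANY
    if wanted and dq.qname:equal(entry.name) and not conflicts(records, entry) then
      -- Appends to the answer section; the owner name defaults to dq.qname.
      dq:addAnswer(entry.type, entry.content, entry.ttl)
      pdnslog("overlay: added " .. entry.content .. " for " .. dq.qname:toString())
      changed = true
    end
  end
  -- Returning false tells the recursor the response was not modified.
  return changed
end
```

Records added this way are unsigned, so a client that validates DNSSEC itself will not accept them if example.com is signed.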
