What do I set as the Primary and Secondary DNS when hosting an internal DNS Server

domain-name-system, routing

I have an internal DNS server and a router. I can never figure out what I should set as my Primary and Secondary DNS on the router and DNS server.

Let's say my internal DNS server is 192.168.0.2 and my router is 192.168.0.1. This is what I have set up. Is this right? It works, but I'm not sure if it's the most efficient.

Router
Primary – 192.168.0.2
Secondary – 8.8.8.8 #public dns server

Internal DNS Server
Primary – 127.0.0.1
Secondary – 192.168.0.1

Best Answer

The short answer, IMO, is that your internal clients should only point at your internal server and nothing else. If you have lots of internal clients you need to set up a second server.

Your DNS server should probably be pointed at itself only in the client settings. In your DNS server software you can set up forwarders if you want requests that are not answered by your internal server to be directed at another resolver instead of starting a recursive lookup from the root.

Unless your router is doing content filtering I suspect the DNS settings there don't matter at all. Low end routers don't really do much with DNS. If your router does need DNS, and does need to see your internal view, then you should set it to point at your internal DNS server(s) only.

To explain why internal clients should only point at internal DNS:

When a DNS client does a lookup, it consults one of its DNS servers; once a response is received, positive or negative, the client is done. Other configured DNS servers will only be used if the first one does not respond at all, or responds with a failure.

Here is a scenario:

  • You have a zone on your internal server and nowhere else
  • Your client is configured to point at both an internal and some public DNS server

If your client makes a request for an internal record and the external server responds first, then the client will believe that no record exists and report a failure to the user. If the internal server responds first then the client will be happy.

In this situation it is probably better to only point at the internal server, that way you can only get a valid response.
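A small model of the resolver behaviour the answer describes, as an added example that is not part of the original post. It assumes the addresses from the question (192.168.0.2 internal, 8.8.8.8 public), a hypothetical second internal server at 192.168.0.3, and constructed zone names, addresses and latencies. Latency ordering stands in for "which server responds first"; a client that strictly follows its configured order fails the same way whenever the public server sits ahead of the internal one. The forwarder lives on the internal server, as the answer suggests, so clients never need the public resolver in their own list.

```python
"""Model of stub-resolver behaviour with mixed vs. internal-only server lists.

Added example, not code from the original post. 192.168.0.2 and 8.8.8.8 come
from the question; 192.168.0.3, the zone names, 203.0.113.10 and the latencies
are constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Optional

INTERNAL = "192.168.0.2"   # internal DNS server from the question
BACKUP = "192.168.0.3"     # hypothetical second internal server
PUBLIC = "8.8.8.8"         # public resolver from the question


@dataclass
class Server:
    address: str
    zones: dict = field(default_factory=dict)   # name -> address it is authoritative for
    forwarder: Optional["Server"] = None        # where names outside its zones are sent
    latency_ms: int = 10
    up: bool = True

    def query(self, name: str):
        """Return ('OK', ip), ('NXDOMAIN', None) or ('TIMEOUT', None)."""
        if not self.up:
            return "TIMEOUT", None
        if name in self.zones:
            return "OK", self.zones[name]
        if self.forwarder is not None:
            # Forwarder configured on the server itself: the client never
            # talks to the public resolver directly.
            return self.forwarder.query(name)
        # No forwarder and not in any zone: this server does not know the name.
        return "NXDOMAIN", None


def resolve(name: str, servers):
    """The first server to respond, positively or negatively, ends the lookup;
    the next server is tried only when the earlier one does not respond."""
    for server in sorted(servers, key=lambda s: s.latency_ms):
        status, ip = server.query(name)
        if status != "TIMEOUT":
            return status, ip, server.address
    return "TIMEOUT", None, None


def build_servers():
    public = Server(PUBLIC, zones={"www.example.com": "203.0.113.10"}, latency_ms=5)
    internal = Server(INTERNAL, zones={"intranet.corp.local": "192.168.0.50"},
                      forwarder=public, latency_ms=20)
    backup = Server(BACKUP, zones=dict(internal.zones), forwarder=public, latency_ms=25)
    return internal, backup, public


def scenarios():
    internal, backup, public = build_servers()
    results = {
        # Mixed list: the faster public server answers first and denies the internal name.
        "mixed_internal_name": resolve("intranet.corp.local", [internal, public]),
        # Internal only: the internal name resolves.
        "internal_only_internal_name": resolve("intranet.corp.local", [internal]),
        # Internal only: external names still resolve through the forwarder.
        "internal_only_external_name": resolve("www.example.com", [internal]),
    }
    internal.up = False
    # A single internal server that is down leaves clients with nothing...
    results["internal_down_single"] = resolve("intranet.corp.local", [internal])
    # ...which is why the answer recommends a second internal server.
    results["internal_down_with_backup"] = resolve("intranet.corp.local", [internal, backup])
    return results


if __name__ == "__main__":
    for label, (status, ip, answered_by) in scenarios().items():
        print(f"{label:30} {status:8} {ip or '-':15} via {answered_by or '-'}")
```

Running it shows the mixed list returning NXDOMAIN from 8.8.8.8 for the internal name even though 192.168.0.2 holds the record, while the internal-only list answers both internal and external names and survives an outage only when a second internal server is present.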