DNS Forwarder

In WinRoute, the DNS Forwarder plug-in can be used to simplify DNS configuration for hosts within local networks and to speed up responses to repeated DNS queries. On local hosts, DNS can be configured in one of the following ways:

  • use the IP address of the primary or backup DNS server directly. This solution carries the risk of slow DNS responses.

  • use a DNS server within the local network (if available). This DNS server must be allowed to access the Internet so that it can also respond to queries for names outside the local domain.

  • use DNS Forwarder in WinRoute. DNS Forwarder can also be used as a basic DNS server for the local domain (see below) or as a forwarder in front of an existing server.

In WinRoute's default settings DNS Forwarder is switched on and configured so that all DNS queries are forwarded to one of the DNS servers defined in the operating system (usually a DNS server provided by your ISP). The configuration can be fine-tuned in Configurations / DNS Forwarder.

Enable DNS forwarding

This option switches DNS Forwarder on or off (the service listens on UDP port 53). If DNS Forwarder is not needed in your network configuration, it can be switched off. If you want to run another DNS server on the same host, DNS Forwarder must be switched off, otherwise the two services will collide on port 53.

DNS forwarding

DNS Forwarder must know at least one DNS server to forward queries to. This option defines how DNS Forwarder identifies the IP address of that server:

  • Forward DNS queries to the server automatically: a working Internet connection is required, and at least one DNS server must be defined in the TCP/IP configuration (in Windows, DNS servers are defined on a particular adapter; however, these settings are used by the entire operating system).

    DNS Forwarder reads these settings and uses the same DNS servers. The benefit is that the hosts within the local network and the WinRoute host use the same DNS server.

  • Forward DNS queries to the specified DNS server(s): DNS queries are forwarded to the specified DNS server or servers (if more than one server is specified, they are treated as primary, secondary, etc.). Use this option when you need to control where DNS queries are forwarded or to create a more complex configuration.

Enable cache for faster response of repeated queries

If this option is on, all responses are stored in the local DNS Forwarder cache. Responses to repeated queries will be much faster (the same query sent by different clients also counts as a repeated query).

The DNS cache is kept in RAM. However, all DNS records are also saved to the DnsCache.cfg file (see chapter Backup and Import of Configuration). This means that records in the DNS cache are preserved even after the WinRoute Firewall Engine is stopped or WinRoute is disconnected.

Notes:

  1. The period for which a DNS record is kept in the cache is specified individually in each record (usually 24 hours).

  2. Use of the DNS cache also speeds up the built-in proxy server (see chapter Proxy server).
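The cache behaviour described above (answers kept for each record's own period, the same query from another client served from the cache, records surviving an engine restart through the file on disk) as an added example. This is not WinRoute's code: the JSON file format, the names and the upstream answers are constructed for the example, and the real DnsCache.cfg format is not documented on this page.

```python
"""Added example, not WinRoute's own code: a forwarder cache that keeps each
answer only for the TTL carried in that record and persists its entries to a
file so they survive a restart. The file format, the names and the sample
upstream answers are constructed for this example."""
import json
import os
import tempfile
import time
from typing import Callable, Dict, Tuple

# Upstream resolver: (name, qtype) -> (answer, ttl in seconds)
Forwarder = Callable[[str, str], Tuple[str, int]]


class DnsCache:
    """Cache keyed by (name, type); every entry expires after its own TTL."""

    def __init__(self, path: str, clock: Callable[[], float] = time.time):
        self.path = path                       # persistence file (assumed JSON format)
        self.clock = clock                     # injectable clock makes expiry testable
        self.entries: Dict[str, Dict] = {}     # key -> {"answer": str, "expires": float}
        self.hits = 0
        self.misses = 0

    @staticmethod
    def _key(name: str, qtype: str) -> str:
        # Normalise case and trailing dot so the same query from different
        # clients (or spelled differently) hits the same entry
        return f"{name.rstrip('.').lower()}/{qtype.upper()}"

    def resolve(self, name: str, qtype: str, forward: Forwarder) -> str:
        """Serve from cache while the record's TTL has not elapsed, else forward and store."""
        key = self._key(name, qtype)
        now = self.clock()
        entry = self.entries.get(key)
        if entry is not None and entry["expires"] > now:
            self.hits += 1
            return entry["answer"]
        self.misses += 1
        answer, ttl = forward(name, qtype)
        self.entries[key] = {"answer": answer, "expires": now + ttl}
        return answer

    def purge_expired(self) -> int:
        """Drop entries whose TTL has run out; returns how many were removed."""
        now = self.clock()
        stale = [k for k, e in self.entries.items() if e["expires"] <= now]
        for k in stale:
            del self.entries[k]
        return len(stale)

    def save(self) -> None:
        with open(self.path, "w", encoding="utf-8") as fh:
            json.dump(self.entries, fh)

    def load(self) -> None:
        if os.path.exists(self.path):
            with open(self.path, encoding="utf-8") as fh:
                self.entries = json.load(fh)


def demo() -> Tuple[int, int, str, int]:
    """Run the cache against a constructed upstream with a fake clock.
    Returns (hits, misses, answer served after a restart, entries purged later)."""
    now = [1_000_000.0]

    def upstream(name: str, qtype: str) -> Tuple[str, int]:
        return "192.0.2.10", 60               # constructed answer, valid for 60 s

    path = os.path.join(tempfile.mkdtemp(), "DnsCache.cfg")
    cache = DnsCache(path, lambda: now[0])
    cache.resolve("www.example.com", "A", upstream)    # miss: forwarded upstream
    cache.resolve("WWW.example.com.", "a", upstream)   # hit: same query from another client
    now[0] += 61                                       # the 60 s TTL has elapsed
    cache.resolve("www.example.com", "A", upstream)    # miss: stale entry refreshed
    cache.save()

    restarted = DnsCache(path, lambda: now[0])         # engine restart: RAM is gone,
    restarted.load()                                   # the file brings the records back
    answer = restarted.resolve("www.example.com", "A",
                               lambda n, t: ("unreached", 0))  # served without forwarding
    now[0] += 61
    purged = restarted.purge_expired()                 # that record's TTL has now expired
    return cache.hits, cache.misses, answer, purged


if __name__ == "__main__":
    print(demo())   # (1, 2, '192.0.2.10', 1)
```

Because records outlive an engine restart, a wrong or stale answer that made it into the cache outlives it too; honouring each record's own expiry, as `purge_expired` does here, is what bounds how long such an entry is served.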

Use custom forwarding

Use this option to define custom settings for forwarding certain DNS queries to other DNS servers. This is helpful, for example, when a local DNS server is to be used for the local domain (other DNS queries are then forwarded to the Internet directly, which speeds up responses).

Use the Define button to open the dialog for defining custom rules.

DNS server can be specified for:

  • a domain: queries for names of computers in the particular domain are forwarded to this DNS server (so-called A queries)

  • a subnet: queries for IP addresses in the particular subnet are forwarded to this DNS server (reverse PTR queries)

Click the Add or Edit button to open a dialog where custom DNS forwarding rules can be defined.

  • Use the Name DNS query option to define a rule for DNS queries on names of computers in the particular domain (or multiple domains). Use the If the query contains domain entry to specify the name of the domain.

    The domain name may contain * (an asterisk stands for any number of characters) and/or ? (a question mark stands for exactly one character). The rule is applied to all domains matching the string.

    Example: the domain name is given as the string ?erio.c*. The rule then applies, for example, to the domains kerio.com, cerio.cz, aerio.c, etc.

  • Use the Reverse DNS query option to define a rule for DNS queries on IP addresses in a particular subnet. The subnet is specified by a network address and the corresponding mask (e.g. 192.168.1.0 / 255.255.255.0).

  • Use the Then forward query to DNS Server(s) field to specify the IP address(es) of one or more DNS servers to which the queries will be forwarded. Use semicolons to separate individual entries.

    If multiple DNS servers are entered, they are treated as primary, secondary, etc. If no server is specified, DNS queries matching the rule are not forwarded to any DNS server; WinRoute only looks them up in the local HOSTS file or in the DHCP server's lease table (see below).
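An added example of how the custom forwarding rules above can be evaluated: name rules with the * and ? wildcards (including the page's ?erio.c* case), reverse rules keyed by subnet in the 192.168.1.0 / 255.255.255.0 notation, the semicolon-separated server field, and an empty server list meaning "answer locally only". This is not WinRoute's code. Two details the page does not spell out are assumptions here: "contains domain" is read as the pattern matching the query name or one of its parent domains, and the first matching rule wins. All rule data and server addresses are constructed.

```python
"""Added example, not WinRoute's own code: evaluating custom forwarding rules.
Assumptions: 'contains domain' means the pattern matches the query name or a
label-aligned parent of it; first matching rule wins. Data is constructed."""
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional, Sequence, Union


@dataclass
class NameRule:
    pattern: str          # "If the query contains domain": may use * and ?
    servers: List[str]    # empty list = answer only from HOSTS file / DHCP leases


@dataclass
class ReverseRule:
    network: ipaddress.IPv4Network   # subnet for reverse (PTR) queries
    servers: List[str]


Rule = Union[NameRule, ReverseRule]


def parse_servers(field: str) -> List[str]:
    """'Then forward query to DNS Server(s)': semicolon-separated, order = primary, secondary, ..."""
    return [s.strip() for s in field.split(";") if s.strip()]


def parse_subnet(field: str) -> ipaddress.IPv4Network:
    """Accepts the page's '192.168.1.0 / 255.255.255.0' notation."""
    address, mask = (part.strip() for part in field.split("/", 1))
    return ipaddress.IPv4Network(f"{address}/{mask}", strict=False)


def _pattern_to_regex(pattern: str) -> "re.Pattern[str]":
    # * stands for any run of characters, ? for exactly one; all else is literal
    parts = []
    for ch in pattern:
        parts.append(".*" if ch == "*" else "." if ch == "?" else re.escape(ch))
    return re.compile("^" + "".join(parts) + "$", re.IGNORECASE)


def name_matches(pattern: str, qname: str) -> bool:
    """True if the pattern matches the query name or any label-aligned parent domain."""
    regex = _pattern_to_regex(pattern)
    labels = qname.rstrip(".").split(".")
    return any(regex.match(".".join(labels[i:])) for i in range(len(labels)))


def ptr_to_ip(qname: str) -> Optional[ipaddress.IPv4Address]:
    """Turn '56.1.168.192.in-addr.arpa' back into 192.168.1.56; None if malformed."""
    name = qname.rstrip(".").lower()
    suffix = ".in-addr.arpa"
    if not name.endswith(suffix):
        return None
    octets = name[: -len(suffix)].split(".")
    if len(octets) != 4:
        return None
    try:
        return ipaddress.IPv4Address(".".join(reversed(octets)))
    except ValueError:
        return None


def select_servers(rules: Sequence[Rule], qname: str, qtype: str,
                   default_servers: List[str]) -> List[str]:
    """Server list for a query: first matching custom rule, else the global forwarders."""
    is_ptr = qtype.upper() == "PTR"
    ip = ptr_to_ip(qname) if is_ptr else None
    for rule in rules:
        if isinstance(rule, NameRule) and not is_ptr and name_matches(rule.pattern, qname):
            return rule.servers
        if isinstance(rule, ReverseRule) and ip is not None and ip in rule.network:
            return rule.servers
    return default_servers


# Constructed rule set: the local domain and its subnet go to an internal server,
# the page's ?erio.c* example to another pair, and a lab zone is answered locally only.
RULES: List[Rule] = [
    NameRule("company.com", parse_servers("192.168.1.2")),
    NameRule("?erio.c*", parse_servers("10.0.0.53; 10.0.0.54")),
    ReverseRule(parse_subnet("192.168.1.0 / 255.255.255.0"), parse_servers("192.168.1.2")),
    NameRule("*.lab.local", parse_servers("")),
]
DEFAULT_SERVERS = ["198.51.100.1"]   # constructed stand-in for the ISP's resolver

if __name__ == "__main__":
    for q, t in [("john.company.com", "A"), ("www.cerio.cz", "A"),
                 ("56.1.168.192.in-addr.arpa", "PTR"), ("host.lab.local", "A")]:
        print(q, t, "->", select_servers(RULES, q, t, DEFAULT_SERVERS) or "local only")
```

Matching is label-aligned on purpose: a rule for company.com should not capture a query for notcompany.com, and the regex built from the pattern is anchored at both ends so that * and ? are the only wildcards.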

Simple DNS Resolution

DNS Forwarder can also be used as a simple DNS server for one of your local domains. This is made possible by the following functions:

  • HOSTS file: this file exists in every operating system supporting TCP/IP. Each row of the file contains a host IP address and a list of the DNS names belonging to it. When a DNS query is received, this file is checked first to find out whether the requested name or IP address is listed. If not, the query is forwarded to a DNS server.

    If this function is on, DNS Forwarder follows the same rule. Use the Edit button to open a special editor where the HOSTS file can be edited via the Kerio Administration Console, even if the console is connected to WinRoute remotely.

  • DHCP lease table: if the hosts within the local network are configured by the DHCP server in WinRoute (see chapter DHCP server), the DHCP server knows which IP address has been assigned to each host. After the operating system starts, the host sends a request for an IP address that includes the host's name.

    DNS Forwarder can access the DHCP lease table and find out which IP address has been assigned to a host name. When asked for the local name of a host, DNS Forwarder always responds with the host's current IP address.

... combine the name ... with DNS domain

Enter the name of the local DNS domain in this text field.

If a host sends a query to obtain an IP address, it uses its bare name only (it does not know its domain yet). DNS Forwarder needs to know the name of the local domain in order to answer queries for fully qualified local DNS names (names including the domain).

The problem can be better understood through the following example:

The local domain's name is company.com. The host called john is configured to obtain an IP address from the DHCP server. After the operating system starts, the host sends the DHCP server a request carrying its name (john). The DHCP server responds with the IP address 192.168.1.56 and records in its lease table that this IP address has been assigned to the host john.

Another host that wants to communicate with this host sends a query for the name john.company.com (the host john in the company.com domain). If DNS Forwarder did not know the local domain name, it would forward the query to the DNS server, since it would not recognize the name as belonging to the local domain. However, because DNS Forwarder knows the local domain name, it strips the company.com part and looks up the host john, with its current IP address, in the DHCP lease table.

Note: if the local domain is specified in DNS Forwarder, local names can be recorded in the HOSTS file with or without the domain.
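The lookup order of the Simple DNS Resolution section and the john.company.com example above, as added example code that is not WinRoute's own: the HOSTS file is consulted first, then the DHCP lease table, and only then is the query forwarded; the configured local domain is stripped from fully qualified names so that a query for john.company.com finds the lease recorded under the bare name john, while the same query is forwarded when no local domain is configured. The HOSTS text, the lease table and the upstream answer are constructed for the example.

```python
"""Added example, not WinRoute's own code: local lookup order (HOSTS file,
then DHCP lease table, then forwarding) with the configured local domain
stripped from fully qualified names. All data here is constructed."""
from typing import Callable, Dict, List, Tuple

HOSTS_TEXT = """# constructed HOSTS file: IP address followed by one or more names
192.168.1.1   gateway gateway.company.com
192.168.1.10  printer
"""

# Constructed DHCP lease table: the name the client announced -> leased address
DHCP_LEASES: Dict[str, str] = {"john": "192.168.1.56", "alice": "192.168.1.57"}


def parse_hosts(text: str) -> Dict[str, str]:
    """Map every name on a HOSTS line to the line's IP address (first wins on duplicates)."""
    table: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()     # drop comments and blank lines
        if not line:
            continue
        ip, *names = line.split()
        for name in names:
            table.setdefault(name.rstrip(".").lower(), ip)
    return table


def local_candidates(qname: str, local_domain: str) -> List[str]:
    """Names to try in local tables: the query as sent and, when it lies inside
    the configured local domain, the bare host name without that domain."""
    name = qname.rstrip(".").lower()
    domain = local_domain.rstrip(".").lower()
    candidates = [name]
    if domain and name.endswith("." + domain):
        candidates.append(name[: -(len(domain) + 1)])
    return candidates


def resolve(qname: str, hosts: Dict[str, str], leases: Dict[str, str],
            local_domain: str, forward: Callable[[str], str]) -> Tuple[str, str]:
    """Return (IP address, source) with source 'hosts', 'dhcp' or 'forwarded'."""
    candidates = local_candidates(qname, local_domain)
    for candidate in candidates:               # HOSTS file is consulted first
        if candidate in hosts:
            return hosts[candidate], "hosts"
    for candidate in candidates:               # then the DHCP lease table
        if candidate in leases:
            return leases[candidate], "dhcp"
    return forward(qname), "forwarded"         # otherwise hand off to the DNS server


HOSTS = parse_hosts(HOSTS_TEXT)


def upstream(qname: str) -> str:
    return "203.0.113.5"                       # constructed answer from the forwarder's DNS server


def demo(local_domain: str = "company.com") -> List[Tuple[str, str, str]]:
    """Resolve a few constructed queries; returns (query, answer, source) triples."""
    queries = ["gateway", "printer.company.com", "john.company.com",
               "John", "john.other.com", "www.example.org"]
    return [(q, *resolve(q, HOSTS, DHCP_LEASES, local_domain, upstream)) for q in queries]


if __name__ == "__main__":
    for row in demo():
        print(*row)
    print("without local domain:", resolve("john.company.com", HOSTS, DHCP_LEASES, "", upstream))
```

The order matters for operators: a lease-table entry comes from the name a DHCP client announced for itself, whereas the HOSTS file is administrator-controlled and is checked first, so names that must not change with a lease (the gateway, a printer) belong in the HOSTS file.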
