Configuring an internal nameserver

I have a bunch of devices on my VPN that have addresses randomly assigned in an IPv6 Unique Local Address range. I also have a DNS server set up that can resolve the device name to their internal address. This server is set up within the VPN at a fixed address.

I tried to create a NS record at so that subdomain requests would be sent to the internal server, however Cloudflare is attempting to fetch from the upstream server itself, which fails because it is at an address only accessible from within my VPN.

Is it possible to configure a nameserver record like this, or am I misunderstanding how DNS works?

My current configuration has the following two records

Type Name Value Proxy
AAAA internal-ns fdd5:f14e:89b6:c254:XXXX:XXXX:XXXX:XXXX Not Proxied
NS internal DNS Only

I noticed that despite being a local address, the value for internal-ns still has the option of being proxied through Cloudflare, unlike ipv4 local addresses which typically say DNS only - reserved IP

You’re asking for a recursive lookup and getting one. The system resolver doesn’t do recursive lookups; it asks the nameserver for a lookup and gets one reply back with the final answer.

You could run your own recursive DNS server internally that can reach both the internet and your local network and point your clients at that for lookups instead of an outside nameserver. You could also use a caching resolver that is set up to forward requests for a subdomain to your internal server, and all others to a recursive server outside.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.