DNS server for fake domain, for internal testing usage only (on Linux)

Solution 1:

The short answer is yes and it doesn't matter whether your domain is real or fake. It's just generally a better idea to use something you own (or a sub-domain of something you own) to avoid potential problems in the future. Using a real domain you own also makes it possible to get real (publicly trusted) certificates for names in that domain without needing to stand up an internal PKI.

Just about any DNS software can support what you're trying to do. It will be acting as both an "authoritative" and "recursive" DNS server. It will be authoritative for the example.com (or whatever) zone and recursion is the piece that allows queries it is not authoritative for to get resolved from the internet.

So your clients point to only your DNS server in their resolv.conf. Queries for anything in example.com get resolved using its records. Queries for anything else will have the DNS server reach out to the internet for the answers, (likely) cache them, and return them as "non-authoritative" responses to the client.

Solution 2:

I use dnsmasq for similar purposes. I have it running on a Raspberry Pi. It serves as the local DNS server for my network, so all clients query it. If the domain is not in its local database or cache, it does a query to an Internet DNS server (I ran some tests to see which had the fastest response time and selected those).

With this setup, you can have both real and "fake" domains. For example, when working on a website, I might change the IP address of the real domain to a local work-in-progress address on the dnsmasq server. When I'm done and I want it to access the real website on the Internet, I just remove the setting. (Keep in mind this is a small network that I have complete control over. In a more complicated scenario, you wouldn't want to be changing things back and forth like that.)

In dnsmasq, you can do:

address=/myfakedomain.com/10.16.1.20

to redirect queries for myfakedomain.com to the IP address specified. You can even do things like:

address=/plex/10.16.1.55

to enable users to type keywords and access services on the network.

I also use it as my DHCP server, and that's one way I ensure that it is given out as the primary DNS server for the network.
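
Added example (not part of either answer): a simplified Python model of how dnsmasq's address= directive picks names, useful for auditing which queries a config answers locally and which are forwarded upstream. It relies on dnsmasq's documented behaviour that address=/domain/ip covers the domain and every name beneath it, matched on label boundaries with the most specific entry winning. The function names and the sample config text are assumptions made up for illustration.

```python
# Added example: simplified model of dnsmasq address= matching.
# Function names are hypothetical; SAMPLE_CONF is constructed from the
# two directives quoted in the answer above.

SAMPLE_CONF = """\
# constructed sample config
address=/myfakedomain.com/10.16.1.20
address=/plex/10.16.1.55
"""


def parse_address_directives(conf_text):
    """Return {domain: ip} for every address=/domain/.../ip line."""
    overrides = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line.startswith("#") or not line.startswith("address=/"):
            continue
        # "/a/b/ip" splits to ["", "a", "b", "ip"]; the last field is the IP.
        *domains, ip = line[len("address="):].split("/")[1:]
        if not ip or not domains:
            continue  # special forms (empty address, etc.) are not modelled
        for domain in domains:
            if domain:
                overrides[domain.lower().rstrip(".")] = ip
    return overrides


def resolve_locally(name, overrides):
    """Return the override IP, or None if the query would go upstream."""
    labels = name.lower().rstrip(".").split(".")
    # Try the longest suffix first so the most specific entry wins, and
    # only compare whole labels: "notmyfakedomain.com" must not match.
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in overrides:
            return overrides[suffix]
    return None


def audit(names, conf_text=SAMPLE_CONF):
    """Map each query name to its local answer (None means forwarded)."""
    overrides = parse_address_directives(conf_text)
    return {name: resolve_locally(name, overrides) for name in names}


if __name__ == "__main__":
    queries = ["myfakedomain.com", "www.myfakedomain.com",
               "notmyfakedomain.com", "plex", "tv.plex", "example.org"]
    for name, ip in audit(queries).items():
        print(f"{name:24} -> {ip or 'forwarded upstream'}")
```

The point to notice is that www.myfakedomain.com is overridden as well, so pointing a real domain at a work-in-progress address also hides every real subdomain of it from clients of that server.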