Dealing with multiple private DNS servers

I'll try to explain this as best I can...

I'm on Ubuntu 13.04, and I am running a local BIND instance at 127.0.0.1 for access to basic wild-card DNS for development (i.e. "*.dev == 127.0.0.1" - yes, I know, don't create fake TLDs, etc. This is entirely local to my machine, though).

I also have clients who have their own DNS servers set up through a VPN (at 192.168.140.111 or something similar).

My problem is that if my resolv.conf has their DNS server listed first, I can't access my *.dev, and if I have my DNS server listed first, I can't access their *.vpn records.

Currently, this is my resolv.conf:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.140.111
search ns1.vpn
nameserver 127.0.0.1
nameserver 127.0.1.1
search fritz.box

The first three lines of the config are in /etc/resolvconf/resolv.conf.d/head, so they'll survive through a resolvconf -u.

Essentially what I want to know is this: is there a way for me to set this up so *.dev goes to my DNS server, and *.vpn goes to theirs (and everything else goes off to my ISP)?


Solution 1:

Yes, there is. Configure your local resolver to be your local BIND (nameserver 127.0.0.1 in /etc/resolv.conf), then tell your local nameserver that it is locally-authoritative for .dev (as you already are); that .vpn is a special TLD, queries for which should be sent to a custom DNS server; and that all other queries should go to your ISP. This is the sort of thing you'll want to add to named.conf:

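// Queries for *.vpn go to the client's DNS server, reachable over the VPN.
zone "vpn" {
        type forward;
        // forward first: ask the forwarder first; if it does not answer,
        // named falls back to resolving the name itself.
        forward first;
        forwarders {
                192.168.140.111 ;   // VPN DNS server address from the question
        } ;
} ;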

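// Everything else goes to the ISP's resolvers.
zone "." {
        type forward;
        forward first;
        forwarders {
                // Placeholders: replace with the ISP resolvers' IP addresses
                // (forwarders takes addresses, not hostnames).
                dns.of.isp.1 ;
                dns.of.isp.2 ;
        } ;
} ;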
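
The routing this configuration produces can be checked offline with a small model of BIND's zone selection (longest matching suffix wins). This is an added example, not code from the answer: the "dev" master zone, its file path and the 203.0.113.x ISP addresses are assumptions, the VPN address is the one from the question, and the parser only handles zone statements of this simple shape. It also flags non-root forward zones left on `forward first`, where a query for an internal name falls back to ordinary resolution outside the VPN whenever the forwarder does not answer; `forward only` closes that path.

```python
import re

# Constructed sample: the answer's forward zones plus an assumed local "dev" zone.
# 203.0.113.x are placeholder ISP resolver addresses.
NAMED_CONF = '''
zone "dev" { type master; file "/etc/bind/db.dev"; };
zone "vpn" { type forward; forward first; forwarders { 192.168.140.111; }; };
zone "."   { type forward; forward first; forwarders { 203.0.113.1; 203.0.113.2; }; };
'''

# A zone statement ends at the "};" that is followed by the next zone or end of text.
ZONE_RE = re.compile(r'zone\s+"([^"]+)"\s*\{(.*?)\}\s*;\s*(?=zone|\Z)', re.S)

def parse_zones(conf):
    """Return {zone_name: {type, mode, forwarders}}; the root zone is keyed as ''."""
    zones = {}
    for name, body in ZONE_RE.findall(conf):
        ztype = re.search(r'type\s+(\w+)', body).group(1)
        mode = re.search(r'forward\s+(first|only)', body)
        fwd = re.search(r'forwarders\s*\{(.*?)\}', body, re.S)
        zones[name.rstrip('.').lower()] = {
            'type': ztype,
            # BIND's default forwarding mode is "first" when none is given.
            'mode': mode.group(1) if mode else ('first' if ztype == 'forward' else None),
            'forwarders': re.findall(r'[^\s;]+', fwd.group(1)) if fwd else [],
        }
    return zones

def route(qname, zones):
    """Pick the most specific configured zone for qname (longest suffix match)."""
    labels = qname.rstrip('.').lower().split('.')
    for i in range(len(labels) + 1):
        suffix = '.'.join(labels[i:])          # '' on the last pass = root zone
        if suffix in zones:
            return suffix or '.', zones[suffix]
    return '.', {'type': 'hint', 'mode': None, 'forwarders': []}

def fallback_risk(zones):
    """Non-root forward zones that may be resolved elsewhere if the forwarder fails."""
    return sorted(n for n, z in zones.items()
                  if n and z['type'] == 'forward' and z['mode'] != 'only')

if __name__ == '__main__':
    zones = parse_zones(NAMED_CONF)
    for q in ('foo.dev', 'api.client.vpn', 'example.com'):
        print(q, '->', route(q, zones))
    print('forward-first private zones:', fallback_risk(zones))
```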