To avoid total confusion, you thus have these options:
- Do not use DHCP to acquire IP interface addresses
- Make sure the DHCP server does not send DNS-related parameters (a bit hard if you're using DHCP with your ISP)
- Rely exclusively on DHCP to provide your router with the DNS name server addresses
Apart from having too many valid DNS requests for the zone the router is responsible for, the observed behavior could be spam-related. Just a few days ago when I've discussed the router-based DNS server with my security engineers, they've pointed out that a lot of spammers perform regular DNS attacks trying to poison the DNS cache of unpatched open caching DNS servers.
Obviously, a router is no match in raw CPU power to a high-end server, so even when running the authoritative server on the router, it might not be a bad idea to use a DNS server of your ISP as the secondary DNS and list only the ISP's DNS server in the NS records for your zone. This would deflect most of the traffic (as nobody would know your router is acting as a DNS server), but I would still apply an inbound access-list allowing only DNS queries from the secondary name server on the Internet-facing interface.
Alternatively, you could protect the router with Control Plane Policing and drop excessive DNS request packets, but that would affect the queries you should respond to as well.
DNS server for a zone, use the ip dns primary command, for example:
Next, you need to define primary and secondary name servers for the domain.
ip dns server
ip dns primary website.com soa ns.website.com
[email protected] 86400 3600 1209600 86400
Use the ip host ns command:
ip host website.com ns ns.website.comYou can also define mail routing for the domain with the ip host mx command:
ip host website.com ns ns.isp.com
ip host website.com mx 10 mail.website.com
ip host website.com mx 20 mail.isp.com
Finally, you need to define hosts within your domain (with the traditional form of the ip host command):
ip host ns.website.com 192.168.0.1 ! router's IP address
ip host www.website.com 192.168.1.1
ip host website.com 192.168.1.1 ! alternate for www.website.com
ip host mail.website.com 192.168.1.2