UniFi DNS Server - DNS Records

For the Domain Forwarding, this could be used to black-hole public domains you do not want resolved internally, by forwarding the queries to an invalid DNS server IP (to return SERVFAIL responses), or to an internal DNS server that is hosting a Root zone (so it would return NXDOMAIN responses).
If your hosting multiple internal domains on different internal DNS servers, you could also use the Domain Forwarding to redirect those queries to the appropriate internal DNS servers.
Mind you, this functionality can also be done via 3rd party DNS servers such as Pihole or AD DNS (if your running AD DNS in your environment).

I find DNS records very useful when connecting remotely via VPN. It is much easier than memorizing an IP address when needing to access a remote resource.

The MX would be for those who run their own mail server like Mail-In-A-Box I would think. I'm going to play around with the DNS stuff on my 2nd test Unifi setup later, should be fun. Thanks for the video, Willie.

Hello I saw Unifi ad NAT configuration, could you do a video how to setup or ise it please.

This allows the internet to be used even if all Domain Controllers are down at a clients office. You can point all devices to Unifi DNS and set the forwarding domain for your AD integrated domain back to your DC. Then AD will work correctly and the internet will work for all devices even if the server is rebooting/offline, etc.

I‘m so glad, that they finally implemented a usable DNS configurator. When CNAMEs are implemented, I can ditch my Windows DNS server.

Don't see myself hosting my own mail server any time soon but CNAMEs will definitely be useful! 👍🏻

Nice video, thanks! I'm still waiting for reverse DNS lookup support. I'm currently using two Synology NAS's as my primary and secondary DNS servers. They work great, except for extended power outages, since the NAS's don't last as long using UPS compared to my Unifi UDM-SE. I guess if I use Unifi for DNS, there's no real need for a backup/secondary DNS server, because if my UDM-SE DNS is down, chances are it is down and there won't be any Internet access anyway (but I guess internal DNS queries won't be dependent on Unifi if I stayed with Synology).

I have ran into using a special MX record internally when dealing with AS400 systems. But that was some time ago, in a land far far away!! LOL

Without going into great detail in a comment, for those people that have multiple WAN IPs I could see this being useful.

I run several hestiacp panels (Web,email,dns) and it's FREE, separate dns cluster, cctv system for different sites over vpn, crypto validator, crypto worker and nodes.
The nas is purely a nas no apps installed used for cctv, email and vm/lxc backups, storing video and photos.

I have used an internal MX record when when hosting an exchange server and wanted my MX records to be different than the public. Very small use case scenario.

Add DNS over TLS and I'm in.
I've been using DoT on an aging pfSense box for years. Why pass all of your DNS queries in the clear to your ISP for harvest an monetization?

I use Hestiacp for web hosting, email, dns etc etc.

Does it support PTR records ?

can it do ip-blocking like Pi-Hole ???

Not really ready for primetime without CNAME support.

I run My own dns cluster, think I will wait until it's been tested to death and back before trying unifi version of dns.

It's sad that Unifi is getting features I wanted now that I am only using their wifi.

I guess the usg-pro-4 doesn't have it

Unifi needs DNS over HTTPS (aka DoH) support... I've decided to dump Unifi slowly and unfortunately. Their company has taken a bad turn and doesn't seem to be coming back.