Handling domain name server lookups from the hosts on the LAN with IP
masquerading has always presented a problem. There are two ways of
accommodating DNS in a masquerade environment. You can tell each of the
hosts that they use the same DNS that the Linux router machine does,
and let IP masquerade do its magic on their DNS
requests. Alternatively, you can run a caching name server on the
Linux machine and have each of the hosts on the LAN use the Linux
machine as their DNS. Although a more aggressive action, this is
probably the better option because it reduces the volume of DNS
traffic travelling on the Internet link and will be marginally faster
for most requests, since they'll be served from the cache. The downside
to this configuration is that it is more complex. Section 6.3.4, in Chapter 6, describes how to configure
a caching name server.