Right. Indeed, I meant local LAN DNS. I mean, it's always a chain, right?

For instance in my home network, I've got:

Local LAN devices
|
192.168.0.1 - WiFi router, DHCP server for wired and wireless LAN, DNS server for wired and wireless LAN.
|
10.0.0.1 - Cable modem which also has DHCP and DNS server.
|
X.X.X.X - Upstream servers from the cable company, and then on to the internet.

For me, each of those items is physically chained so that the local LAN devices can only see 192.168.0.1 when they're plugged in and connected. The cable modem is chained into the "upstream" port on the WiFi router, so you have to go through that WiFi router to get to it. The cable modem has only one device connected to it: the WiFi router, and it serves DNS and DHCP requests to that single device only.

The WiFi router is configured so that its DNS is obtained automatically from whatever is upstream, but it's supposed to handle any local LAN DNS requests first, before forwarding the remaining requests upstream.

Some ways that a second DNS server could possibly get involved in this scheme, that I can think of off the top of my head, are:

- Another unknown device, inside the 192.168.0.1 network, fires up a DNS process and works as a rogue DNS server inside my network.
- The DNS/DHCP server at 192.168.0.1 malfunctions, and fails to resolve a local LAN address, forwarding the request upstream to 10.0.0.1.
- Some of my local LAN devices might accidentally get configured to point their DNS to 10.0.0.1, or even some other DNS server, to get their DNS resolution. In theory this shouldn't happen, because they should all be set to DHCP, which should automatically deliver all of them my local intended DNS server address (which should always be 192.168.0.1).
- Some device on my network tries to be clever, and somehow figures out that it can talk to 10.0.0.1 once it's connected to the router, and configures itself to get DNS from that location.
- If I accidentally plugged in network cables wrong, so that local LAN devices have a path to reach the cable modem directly.
- If someone logs into the cable modem's built-in WiFi (which I have disabled though).
- Something maybe weird happens with UPNP if that's enabled on either of the routers? Not sure if that's possible, but UPNP sometimes causes funky stuff to happen.
_________________________
Tony Fabris
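One way to check for the scenarios listed in the post (a rogue LAN resolver, a client bypassing the router to reach 10.0.0.1, a client hard-coded to an outside resolver) is to audit observed port-53 flows against the intended chain. The script below is an added example, not code from the post's author; it assumes the topology described above (LAN 192.168.0.0/24, intended resolver 192.168.0.1, modem 10.0.0.1) and uses a constructed list of flows in place of a real capture.

```python
import ipaddress
from collections import Counter

# Assumed topology from the post: clients are expected to resolve only via the
# WiFi router; the router alone may forward unresolved queries to the modem.
LAN = ipaddress.ip_network("192.168.0.0/24")
ROUTER_DNS = ipaddress.ip_address("192.168.0.1")
MODEM_DNS = ipaddress.ip_address("10.0.0.1")

def classify(src, dst):
    """Label one observed port-53 flow (src -> dst) against the intended chain."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if src == ROUTER_DNS and dst == MODEM_DNS:
        return "ok-router-forward"      # router forwarding upstream, as designed
    if dst == ROUTER_DNS:
        return "ok-lan-client"          # client using the intended resolver
    if dst == MODEM_DNS:
        return "bypass-to-modem"        # client reached the modem directly
    if dst in LAN:
        return "rogue-lan-server"       # another LAN host answering on port 53
    return "external-resolver"          # client pointed at an outside DNS server

def audit(flows):
    """flows: iterable of (src, dst) pairs for port-53 traffic.
    Returns a Counter of labels and the flows that deviate from the chain."""
    counts = Counter()
    findings = []
    for src, dst in flows:
        label = classify(src, dst)
        counts[label] += 1
        if not label.startswith("ok-"):
            findings.append((src, dst, label))
    return counts, findings

# Constructed sample of port-53 flows (not a real capture).
SAMPLE_FLOWS = [
    ("192.168.0.20", "192.168.0.1"),    # normal client lookup
    ("192.168.0.1", "10.0.0.1"),        # router forwarding upstream
    ("192.168.0.31", "10.0.0.1"),       # client talking straight to the modem
    ("192.168.0.42", "192.168.0.77"),   # client using another LAN host as DNS
    ("192.168.0.55", "203.0.113.53"),   # client hard-coded to an outside resolver
]

if __name__ == "__main__":
    counts, findings = audit(SAMPLE_FLOWS)
    for src, dst, label in findings:
        print(f"{src} -> {dst}: {label}")
```

In practice the (src, dst) pairs would come from a packet capture or flow log taken at the router, so a "bypass-to-modem" or "rogue-lan-server" hit points directly at the miswired cable, misconfigured client or unexpected device the post describes.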