Beraben Systems

Reputation: 93

How to set up BIND DNS to retrieve all non-authoritative queries from another server

Background: I have a home network with a few PCs and other equipment, and a cheap gateway router which does DHCP, DNS, internet routing, etc.

IP addresses of devices on my network:
- cheap ASUS gateway router: 192.168.1.1
- CentOS host with BIND installed: 192.168.1.101 (I would like to name it CVDEV.beraben.internal)

I installed BIND (CentOS) on one of my local hosts because I want it to resolve names for devices on my local network.

I would like to set up BIND DNS to operate in the following way.

  1. BIND will provide an answer for the hosts on my local network (configured in the zone file seen below).
  2. Any requests for other hosts, i.e., on the internet, should be serviced by my ASUS router (as it was before I decided to install BIND).

Here are the named.conf and zone file with my attempt at how this can be done. It works for the local hosts set up in the zone file but does not work for resolving internet hosts.

Can someone please point out what is wrong?

    options {
        listen-on port 53 { 127.0.0.1; 192.168.1.101; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { localhost; };
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;
        dnssec-lookaside auto;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";
    };

    logging {
        channel default_debug {
            file "data/named.run";
            severity dynamic;
        };
    };

    view "external" {
        match-clients { none; };

        zone "." IN {
            type hint;
            file "named.ca";
        };
    };

    view "internal" {
        match-clients { 127.0.0.1; 192.168.1.0/24; };

        zone "." IN {
            type forward;
            forwarders { 192.168.1.1; 8.8.8.8; };
        };

        zone "beraben.internal" IN {
            type master;
            file "beraben.internal.zone";
            allow-query { any; };
            allow-update { none; };
        };
    };

    //include "/etc/named.rfc1912.zones";
    //include "/etc/named.root.key";

beraben.internal.zone file:

    $TTL 86400
    @   IN  SOA     ns1.beraben.internal. root.beraben.internal. (
            2013042201  ;Serial
            3600        ;Refresh
            1800        ;Retry
            604800      ;Expire
            86400       ;Minimum TTL
    )
    ; Nameserver for the zone
    @               IN      NS              ns1.beraben.internal.
    ; Resolve the nameserver hostname to its IP (the BIND host itself)
    ns1             IN      A               192.168.1.101

    ; Define hostname -> IP pairs which you wish to resolve
    @               IN      A               192.168.1.101
    www             IN      A               192.168.1.101
    cvdev           IN      A               192.168.1.101

Upvotes: 3

Views: 12291

Answers (2)

Beraben Systems

Reputation: 93

The problem was solved by first adding

    forward first;
    forwarders { 192.168.1.1; };

and disabling DNSSEC:

    dnssec-enable no;
    dnssec-validation no;
    dnssec-lookaside auto;

Upvotes: 1
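A complete named.conf that does what the question asks for, as an added example; it is not the poster's file and not either answer's text. It assumes the addresses given in the question (BIND on 192.168.1.101, the ASUS router at 192.168.1.1, the LAN 192.168.1.0/24) and keeps the CentOS file paths from the original. Besides the `forward first` / `forwarders` change from the accepted answer, it widens `allow-query`: in BIND, `allow-query-cache` defaults to `allow-recursion` if that is set and otherwise to `allow-query`, so the original `allow-query { localhost; }` would refuse LAN clients every cached or forwarded answer even once forwarding worked. It also drops the ISC DLV settings (ISC retired the DLV registry in 2017, and `dnssec-lookaside` is obsolete in current BIND) and spells out what `dnssec-validation no` gives up.

```conf
// /etc/named.conf (added example; assumes the question's addresses:
// BIND on 192.168.1.101, ASUS router 192.168.1.1, LAN 192.168.1.0/24)
options {
        listen-on port 53 { 127.0.0.1; 192.168.1.101; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        managed-keys-directory "/var/named/dynamic";

        // The question had allow-query { localhost; }. allow-query-cache
        // defaults to allow-recursion (or, failing that, allow-query), so
        // LAN hosts were refused every non-authoritative answer. Keep both
        // lists limited to the LAN: leaving either open is how accidental
        // open resolvers (amplification sources) come about.
        allow-query     { localhost; 192.168.1.0/24; };
        allow-recursion { localhost; 192.168.1.0/24; };
        recursion yes;

        // Names we are not authoritative for go to the router, as they did
        // before BIND was installed. "forward first" falls back to iterative
        // resolution from the built-in root hints if the router does not
        // answer; "forward only" would return SERVFAIL instead.
        forward first;
        forwarders { 192.168.1.1; };

        // Many home-router resolvers do not return DNSSEC (RRSIG) records.
        // With validation on, every forwarded answer then fails validation
        // and the client sees SERVFAIL, which matches the symptom in the
        // question. Turning validation off, as the accepted answer does,
        // means trusting whatever the router returns; the usage note below
        // gives the alternative if you want to keep validation.
        dnssec-validation no;

        // dnssec-enable, dnssec-lookaside and bindkeys-file are left out:
        // ISC retired the DLV registry in 2017 and current BIND treats
        // dnssec-lookaside as obsolete.
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

// One resolver serving one LAN needs no views; the "external" view in the
// question, with match-clients { none; }, could never match a client.
zone "beraben.internal" IN {
        type master;
        file "beraben.internal.zone";
        allow-update { none; };
};
```

Check the files with `named-checkconf /etc/named.conf` and `named-checkzone beraben.internal /var/named/beraben.internal.zone` before restarting named. Then, from a LAN host, `dig @192.168.1.101 cvdev.beraben.internal` should return an answer with the `aa` flag set (served from the zone file), and `dig @192.168.1.101 www.example.com` should return an answer without `aa` (obtained through the router). If you would rather keep DNSSEC validation, point `forwarders` at a resolver that passes DNSSEC records through instead of at the router, set `dnssec-validation auto;` so BIND uses its built-in root trust anchor, and confirm with `dig @192.168.1.101 +dnssec example.com` that the `ad` flag is set on the answer.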

Ruairí N.

Reputation: 111

Try adding the forwarders directive to your options section, and specifying the DNS server on your ASUS router or another external DNS server as in the following:

    forwarders { 192.168.0.1; };

With this configuration, all queries for anything other than the locally served domain(s) should be routed to 192.168.0.1.

Upvotes: 1
