
We have a server in our LAN which is locally available at a fixed IP. We now have a DDNS service and a port forwarding rule to make the server available from outside. Additionally, we added a subdomain at our domain, like server.example.com, pointing to server.dyndns.com.

Now we are able to access the server from outside the LAN. We now want to be able to access the server.example.com domain from within the LAN. I see two options to do it.

  1. Create a NAT rule for all traffic pointing to the external WAN IP. Since we have more than one, this must be created for each WAN interface, which is a lot of work since I have to do this for each service.

  2. Setting up a local DNS server. This is not too hard, since we have a Synology NAS which has a built-in one, which is already present in the network as secondary DNS server redirecting to Google's DNS server. We may need additional subdomains such as server2.example.com. I thought of a solution where I add a zone for each subdomain, so all the other zones get handled externally and only the internal ones are addressed by the local DNS server.

Since I prefer solution number 2, I want to set up the server to redirect server.example.com to our internal server but keep the example.com domain as it is.

Is there a way to do this in a simple way? Otherwise I would stay with solution 1.

pfried

1 Answer


You would need to create (what the inside clients would think) was an authoritative copy of example.com and then add your record to it. Read up on split brain DNS. So external lookups would get the Internet-facing address and internal whatever you defined.

It's actually pretty simple but seems to confuse the crap out of some people.

TheFiddlerWins
  • perhaps you mean **split horizon DNS**? – DukeLion Aug 26 '13 at 13:25
  • Sure, although I think split horizon is something your software has to support where split brain is done on your side (one looks at who is requesting, the other is 2 different zone databases on 2 different DNS servers). Quite possible I'm conflating two services here, never seen an RFC for split brain but I have seen references to this in several reputable publications. – TheFiddlerWins Aug 26 '13 at 13:31
  • like this one: http://en.wikipedia.org/wiki/Split-horizon_DNS ? – DukeLion Aug 26 '13 at 13:32
  • Not to get into a discussion but that link says "selected by, usually, the source address of the DNS request." I don't think a synology device has this ability. – TheFiddlerWins Aug 26 '13 at 13:35
  • Oh, I'm sure it does - http://www.synology.com/support/tutorials_show.php?lang=enu&q_id=584 there's 'limit source ip option' – DukeLion Aug 26 '13 at 13:42
  • The Synology is very capable in various aspects. We solved the thing by creating zones for each subdomain and creating one A record in each to point to our internal server; this way the external domains don't get touched and we have DNS resolution internally. – pfried Aug 28 '13 at 06:36
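
The difference between the two approaches discussed in this thread (a local copy of the whole example.com zone versus one zone per internal subdomain), as an added example that is not part of the original question, answer or comments. It is a simplified model that assumes the local server answers authoritatively for any zone it hosts and forwards every other name upstream; the IP addresses and the `resolve` and `closest_zone` helpers are constructed for illustration.

```python
# Added illustration: models how a local DNS server chooses between its own
# zones and its forwarder. All names and addresses are constructed samples.

FORWARDED = "forwarded to upstream resolver"
NXDOMAIN = "NXDOMAIN (answered locally)"


def normalize(name):
    """Lower-case the name and drop a trailing root dot."""
    return name.rstrip(".").lower()


def closest_zone(name, zones):
    """Return the most specific local zone that encloses name, or None."""
    labels = normalize(name).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None


def resolve(name, zones):
    """zones maps zone apex -> {fully qualified name: IPv4 address}."""
    zone = closest_zone(name, zones)
    if zone is None:
        # Not authoritative for any enclosing zone: the forwarder answers.
        return FORWARDED
    # Authoritative: a name missing from the zone is NXDOMAIN, not forwarded.
    return zones[zone].get(normalize(name), NXDOMAIN)


# Approach from the last comment: one zone per internal subdomain.
PER_SUBDOMAIN = {
    "server.example.com": {"server.example.com": "192.168.1.10"},
    "server2.example.com": {"server2.example.com": "192.168.1.11"},
}

# Approach from the answer: a local copy of the whole parent zone.
PARENT_COPY = {
    "example.com": {"server.example.com": "192.168.1.10"},
}

if __name__ == "__main__":
    for label, zones in (("per-subdomain", PER_SUBDOMAIN), ("parent copy", PARENT_COPY)):
        for name in ("server.example.com", "www.example.com", "example.com"):
            print(f"{label:14} {name:20} -> {resolve(name, zones)}")
```

With a local copy of the parent zone, every public record of example.com has to be mirrored internally or it stops resolving for LAN clients; the per-subdomain zones only shadow the names they are created for.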