
Sorry, I don't really know how to phrase the question, so perhaps let me explain the scenario.

Say I own the domain xyz.com, and I'm using AWS Route 53 as my DNS.

I want to have someInternalStuff.xyz.com resolvable to an internal IP address when I connect to my VPN

I have set up a VPN server and a DNS server, and when I connect to the VPN, it pushes the DNS server to me. That's great. I set up bind9 to act as the authoritative server for the zone xyz.com., and when I connect to the VPN, I can dig someInternalStuff.xyz.com. But is there a way I can configure my DNS to fall back to DNS servers out on the internet if it can't answer the query, say www.xyz.com, even though it's the authoritative DNS for xyz.com?

Justin Kiang
  • Before anyone says I can just name my zone something like internal.xyz.com, so I can have someStuff.internal.xyz.com: I want to use my *.xyz.com SSL cert on even the internal stuff, so that wouldn't work – Justin Kiang Aug 18 '15 at 06:28

1 Answer


You can have an internal server that contains different records than your AWS DNS. However, if you want different responses for valid records, you will either need views or, possibly, RPZ records. The split-view setup you seem to be talking about is not that uncommon.

Rick Buford
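The RPZ route the answer mentions is the one that actually gives the "fall back to the internet" behaviour asked for, because the internal server stops being authoritative for xyz.com altogether. Below is an added example of that setup; it is not the answer's own configuration. BIND 9 runs as a plain recursive resolver for VPN clients, and a response policy zone rewrites only the names listed in it, so www.xyz.com and every other name under xyz.com are still resolved from the public Route 53 servers while someInternalStuff.xyz.com gets the internal address. The server address 10.0.0.53, the 10.0.0.0/8 VPN range, the internal host address 10.0.5.20, the file paths and the zone name rpz.internal are all assumptions for illustration.

```conf
// ---- /etc/bind/named.conf.options  (added example, values assumed) ----
options {
    directory "/var/cache/bind";

    // Plain recursive resolver: NOT authoritative for xyz.com, so nothing
    // from Route 53 has to be mirrored here. Unlisted xyz.com names go to
    // the public authoritative servers like any other query.
    recursion yes;
    allow-recursion { 127.0.0.1; 10.0.0.0/8; };   // VPN clients only
    allow-query     { 127.0.0.1; 10.0.0.0/8; };

    // Apply the policy zone below to answers. Only names that appear in
    // that zone are rewritten; everything else passes through unchanged.
    response-policy { zone "rpz.internal"; };
};

// ---- /etc/bind/named.conf.local ----
zone "rpz.internal" {
    type master;
    file "/etc/bind/db.rpz.internal";
    allow-query { none; };   // policy data only, never served to clients
};

// ---- /etc/bind/db.rpz.internal  (constructed zone file) ----
// $TTL 300
// @   IN SOA localhost. hostmaster.xyz.com. ( 2015081801 3600 900 604800 300 )
//     IN NS  localhost.
//
// Owner names are relative to the policy zone, so this entry becomes
// someinternalstuff.xyz.com.rpz.internal. and matches queries for
// someInternalStuff.xyz.com (DNS names are case-insensitive). The A record
// is the answer handed back to the client instead of the public one.
// someinternalstuff.xyz.com   IN A  10.0.5.20
//
// A whole internal subtree can be overridden the same way without touching
// www.xyz.com or any other public name:
// *.lab.xyz.com               IN A  10.0.5.21
```

After `rndc reload`, `dig @10.0.0.53 someinternalstuff.xyz.com` from a VPN client should return 10.0.5.20, while `dig @10.0.0.53 www.xyz.com` returns whatever Route 53 publishes; adding a `category rpz` logging channel makes each rewrite visible in the log. One caveat: if xyz.com is DNSSEC-signed and a client sets the DO bit, BIND does not rewrite the signed answer by default, so either the overridden names stay out of the signed zone or `break-dnssec yes;` has to be added to `response-policy`, which deliberately serves an unvalidatable answer to that client. Because the override carries a name directly under xyz.com, the existing *.xyz.com certificate covers it, which is the constraint raised in the comment on the question.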