Questions tagged [split-dns]

In computer networking, split-horizon DNS, split-view DNS, split-brain DNS, or split DNS is the facility of a Domain Name System (DNS) implementation to provide different sets of DNS information, selected by, usually, the source address of the DNS request.

This facility can provide a mechanism for security and privacy management by logical or physical separation of DNS information for network-internal access (within an administrative domain, e.g., company) and access from an unsecure, public network (e.g. the Internet).

Implementation of split-horizon DNS can be accomplished with hardware-based separation or by software solutions. Hardware-based implementations run distinct DNS server devices for the desired access granularity within the networks involved. Software solutions use either multiple DNS server processes on the same hardware or special server software with the built-in capability of discriminating access to DNS zone records. The latter is a common feature of many server software implementations of the DNS protocol (cf. Comparison of DNS server software) and is sometimes the implied meaning of the term split-horizon DNS, since all other forms of implementation can be achieved with any DNS server software.

Reference - Wikipedia

58 questions

votes

1 answer

Is it safe to add parent domain as additional zone within DNS?

Our internal Windows domain is ad.company.co.uk. When we try to access mail.company.co.uk (for OWA or Outlook Anywhere, as an example), it resolves to the external IP address of the router and gets stuck due to the router's inability to have…

asked May 10 '13 at 13:55

Kez

votes

1 answer

Split DNS for a VPN site without a server

So here's my current setup: Home: RV220W Office: RV042 I have an IPSEC VPN running fine and dandy. Everything pings. I can manually nslookup to my dns servers over the VPN just fine. Now, despite what Cisco may claim, RV220W doesn't have a working…

windows domain-name-system vpn split-dns

asked Aug 23 '12 at 15:22

ShortFuse

votes

2 answers

Not split-DNS, but close

I have read this article on split-DNS: http://www.isaserver.org/tutorials/You_Need_to_Create_a_Split_DNS.html. I think I understand the concept, but to set up the optimal solution suggested in the article I need to control the DNS servers on "the…

windows-server-2008 domain-name-system split-dns

asked Oct 21 '10 at 12:05

jos

votes

2 answers

Split DNS on Windows Server 2008 R2

This is probably a noob question but I have a SMB network with AD domain corp.local and external hosting with a DNS domain corp.co.uk. As a result if I add web services on an internal machine (like cool-app.corp.co.uk) we can't resolve it…

windows-server-2008 split-dns

asked Aug 26 '10 at 12:27

Paul D'Ambra

1,072
1
13
22

votes

1 answer

DNS - Unbound - How to provide different IP for a server based on client network

We have an intranet DNS server using Unbound in FreeBSD. We have another file server with multiple network IP, First one is 10.10.10.10 and Second one in 192.168.10.10. Is there any way that DNS server provide different IP for this file server…

domain-name-system unbound split-dns

asked Apr 28 '22 at 13:38

iamsumesh

vote

0 answers

AD DNS update attempts from public IPs

Is there a way to only have DNS registration occur on truly internal networks? Maybe by leveraging the detection that windows firewall uses for domain interfaces? As it sits we are regularly having laptops try registering myworkstation.mydomain.com…

domain-name-system internal-dns split-dns

asked Aug 05 '19 at 21:38

Tim Brigham

15,465
7
72
113

vote

2 answers

How to change DNS resolution order with OpenVPN on Synology?

I have a Synology DSM which is configured to use VPN clint to connect to company intranet. OpenVPN connection is stable but the DNS servers are not added to the top of the resolve list. Instead it seems that they are added in the middle: cat…

domain-name-system openvpn synology split-dns

asked May 14 '17 at 07:45

sorin

7,668
24
75
100

vote

0 answers

Split-dns based on subnet with windows server 2016

I have a question about split-dns in Windows Server 2016. I've configured DNS in Windows Server 2016. It has three interfaces: 10.x.x.x, 192.x.x.x and 110.x.x.x. I've tried to configure DNS so that if I do a ping from a 10.x.x.x HOST to Windows…

windows-server-2016 split-dns

asked Apr 04 '17 at 14:49

jask

vote

1 answer

Split Horizon DNS via Active Directory?

Say we have an active directory domain corp.mycompany.com and a public DNS domain mycompany.com. Is it possible to create an AD integrated DNS zone for mycompany.com and only host records we need to resolve differently internally vs. external? …

domain-name-system active-directory windows-server-2008-r2 split-dns

asked Dec 14 '15 at 22:37

floyd

1,530
4
18
30

vote

1 answer

External domain not resolving internally (split DNS)

example.com is a registered domain name. Externally, there are nameservers associated with example.com which include an A record for subdomain.example.com which points to an externally hosted web page. Internally, we have example.com as an…

domain-name-system internal-dns split-dns

asked Jun 30 '15 at 20:15

Chris Evans

vote

1 answer

Access RDS internally with same domain name as externally

I have a network setup with a 2008 R2 AD domain called internal.domain.org. Our externally hosted website uses www.domain.org and domain.org. I'd like users to be able to access our RDS server--machinename.internal.domain.org--using the same domain…

windows domain-name-system pfsense split-dns

asked Mar 14 '15 at 02:09

Ron Lee

vote

2 answers

Split horizon DNS with GoDaddy & Microtik routers

I'm looking into a simple split horizon DNS implementation. Using GoDaddy for my Internet DNS and Microtik routers for LAN DNS in a couple locations. In my office I have a server, on the Internet is hq.company.com, but on my office network, I've…

split-dns

asked Nov 15 '14 at 21:16

quickshiftin

2,025
5
27
41

vote

1 answer

How can I access a server on local network using its public name?

I have a problem in which I cannot access a server using its public name from the same network as the server. Access to the server works fine from the internet. Reading up on this problem, I've ran across such things as hairpin NAT, loopback NAT,…

local-area-network split-dns nat

asked Oct 13 '13 at 19:38

JYelton

vote

0 answers

Bind9: Resolve internally then externally

My DNS is running in a split DNS scenario. Both publically and internally we have the same domain. Lets call it test.com When an internal user goes to test.com they get a different response to the outside world. Both zones are hosted on seperate…

domain-name-system bind split-dns

asked Jul 29 '13 at 16:16

Matthew

vote

1 answer

How to setting up a local DNS server in LAN

I'm using BIND9 in Ubuntu to setup a local DNS that is shared by a LAN. Here is what I want to achieve: The BIND9 server and Apache server sits on 192.168.1.65 and currently the web server is accessible via this IP address (192.168.1.65). Now I…

domain-name-system internal-dns bind split-dns

asked Apr 13 '11 at 06:45

Yang Zheng

Prev 1

3 4 Next