DNS in Split Brain Mode
Posted on 2004-10-15
Some questions regarding Split Brain DNS structure and DNS Forwarder:
1. With the DNS server located in the LAN, DNS requests will be sent to the Root Hint and the resolved name is cached. In some cases the name cannot be resolved by the Root DNS, and then the request will go through the Forwarder in order to resolve the name. Is this because of Internet traffic issues? And does the Forwarder function as a shortcut?
2. A Split Brain DNS structure consists of 1 Local DNS server and 1 External DNS server, and the Local DNS server will query the External DNS server for name resolution. Does this mean the External DNS server becomes the ROOT DNS server of the Local DNS server? Does it mean the External DNS server is functioning as a Caching Server only? Does the External DNS server need to have a Forwarder configured?
3. I am a little bit confused from the point of view of the security concern, which states that the External DNS server is exposed to the public/Internet area as a gateway, so the public can't query the LAN DNS structure. But as I understand it, many corporations put their DNS server behind the firewall with certain security settings to refuse/block public queries to the LAN DNS server. So, what is the real reason for implementing Split DNS?