
Internal / External DNS Issue

Plucka asked
Last Modified: 2010-03-19

We have an external DNS provider for our real domain. This domain has a lot of sub domains.

What I want is to have an internal DNS for the same domain so that the internal version points to the local IP's and all other subdomains look at the external DNS.

Here's an example.

www.domain.com External IP (Don't need internal Entry)
intranet.domain.com Internal IP (Internal Address)

I could probably achieve this by duplicating every A record internally I guess, but am hoping to avoid this. Is what I'm after possible?

Well you could not make a record for domain.com, and just make individual records for the subdomains you want, that would keep domains you don't define still looked up by the external server.
intranet.domain.com and www.domain.com are not subdomains, but hosts.

sub-domain is something like:  www.intranet.domain.com  (intranet would be a subdomain)

You just need to copy the external zone, then modify the records.

Do you have a PIX firewall which goes in the network where you do the 1-1 mapping? If so, we could slightly change the configuration and you could achieve that. It is called DNS Doctoring.





My terms are wrong, they are hosts not subdomains.

I want to be able to just define the local hosts and have all the rest resolve to the real DNS server.

Is this possible without having every host defined? I don't have PIX firewall.
Hmm.. Then other than the DNS Alias records, you could create the entries for local host in 'hosts' file. Create one and deploy it to all the machines.




I thought of that but it's ugly. Thought there might be a simple solution.
Well, I know only of those 3 solutions. Maybe you can wait for some more time to see if someone comes up with something.

Sounds like you are trying to do the domain/subdomain translation for the hosts or subdomains on the inside of the network.  This is not the way it works -- although it can be done through a master webpage, believe me, it is more hassle than just setting up the subdomains on the provider's setup.  They are called pointed domains, and you point each domain to a subdirectory on your server, and it is more reliable than the master webpage idea.  But I am not sure this is what you are trying to do, your description of what you want is not clear.


It's quite simple.

I have a host


When I try to browse this internally it loops at the firewall trying to go out and back in.

So internally I need

webmail.domain.com to go to a local ip, say

But I don't want to have to set up every external host for this domain internally as there is a lot of host A records & CNAME records.
AHA!!  Totally different than what I thought.

All you need do is add an entry into your HOSTS and LMHOSTS files like this --


Do that in both files on the server, and you are DONE !!!  It is SO easy, and you can change it at any time.  Give it a little time to propagate on the local network, and in a day you will be getting where you want, and when you want to go out through the net, just comment out the entry.  This is the MS approved way of providing routing other than what is normal for the OS, and the TCP/IP topology.

The files are located in C:\WINDOWS\SYSTEM32\DRIVERS\ETC


So I can do this on the server and all client computers will pick it up?
YES, all it takes is a little time to propagate, 30 mins for small network, 10+ hours for very big network.



I'm not sure why I missed your first post or didn't understand it.

But this solution is sooo simple. Just tried it and it works perfectly. I didn't think HOSTS/LMHOSTS populated to clients.

This solution is also easier to administer and is visible through DNS rather than in hidden files.
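
The approach from the first reply (individual records for the internal hosts, with no zone for domain.com itself), as an added example that is not part of the original thread. It assumes a Windows DNS server with the DnsServer PowerShell module (Windows Server 2012 or later); the host names and addresses are constructed placeholders.

```powershell
# Added example: one zone per internal host, so every other name under
# domain.com is still answered by the external DNS provider.
# Assumption: run elevated on the internal DNS server, DnsServer module present.

# Constructed sample data: internal host name -> internal address.
$internalHosts = @{
    'intranet.domain.com' = '10.0.0.10'
    'webmail.domain.com'  = '10.0.0.20'
}
$parentZone = 'domain.com'

# A zone for the parent domain makes this server authoritative for every name
# under it, so hosts not defined locally would no longer resolve externally.
if (Get-DnsServerZone -Name $parentZone -ErrorAction SilentlyContinue) {
    Write-Warning "Zone '$parentZone' exists on this server; undefined hosts under it will not be looked up externally."
}

foreach ($fqdn in $internalHosts.Keys) {
    # The zone is named after the host itself, not after domain.com.
    if (-not (Get-DnsServerZone -Name $fqdn -ErrorAction SilentlyContinue)) {
        Add-DnsServerPrimaryZone -Name $fqdn -ZoneFile "$fqdn.dns"
    }

    # '@' puts the A record at the zone apex, which is the host name.
    $apex = Get-DnsServerResourceRecord -ZoneName $fqdn -Name '@' -RRType A -ErrorAction SilentlyContinue
    if (-not $apex) {
        Add-DnsServerResourceRecordA -ZoneName $fqdn -Name '@' -IPv4Address $internalHosts[$fqdn]
    }
}

# Check both sides: the first name should return the internal address,
# the second should still return whatever the external DNS publishes.
Resolve-DnsName -Name 'intranet.domain.com' -Server localhost -Type A
Resolve-DnsName -Name 'www.domain.com' -Server localhost -Type A
```

Clients pick this up only if they use the internal DNS server as their resolver; the second lookup depends on that server having forwarders or root hints configured.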
