Is it a security risk to use your LAN DNS server for your DNS in your router
Posted on 2008-11-19
Is it a serious security risk to use your LAN DNS server for the DNS in your edge router? I have several servers and services running on my LAN. My purpose in doing this is for when my WAN DNS (the one I subscribe to) directs traffic to my WAN address. Currently I use porting to direct all traffic to a specific server, i.e. all port 80 traffic goes to one specific server. However, this is a slight problem, because it means that the router is not taking into consideration what I have in my "domain.com" LAN DNS. Therefore, if I had a web server on, say, *.*.*.250 and an Exchange server on *.*.*.252, all incoming traffic is currently going to follow my "port" rule in my router and will not take into consideration that my internal DNS says that mail.domain.com should go to *.*.*.252 and www.domain.com should go to *.*.*.250. However, internally, if I type www or mail, they go to the correct servers. I understand why the problem exists... I merely want to know if it is possible, and how risky it is, to use my internal DNS on the router and then use the forwarders on my DNS server to send my internal traffic outward.
Hope this makes sense. This is not something I am going to immediately try... just something I have been thinking about and wondering the overall result.
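The distinction the post runs into can be shown in a few lines. The following is an added illustration, not code from the original thread: it models an edge router's port-forward rule, which sees only the destination IP and port of an inbound packet, next to a name-based dispatcher (what an HTTP reverse proxy on the LAN does) that reads the Host header and consults the same name-to-address mapping the internal DNS holds. The addresses 10.0.0.250 / 10.0.0.252, the rule tables and the sample connections are constructed for the example; pointing the router's own resolver at the internal DNS server does not change the first function at all, because DNS is never part of the inbound forwarding decision.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed sample: the router's port-forward table (destination port -> LAN host).
# This is the "port rule" from the post: every port-80 connection goes to one server.
PORT_FORWARD: Dict[int, str] = {
    80: "10.0.0.250",   # web server
    25: "10.0.0.252",   # Exchange / SMTP
}

# Constructed sample: the split-horizon zone the internal DNS server answers with.
INTERNAL_DNS: Dict[str, str] = {
    "www.domain.com": "10.0.0.250",
    "mail.domain.com": "10.0.0.252",
}


@dataclass
class Inbound:
    """What an inbound connection looks like from the edge router's point of view."""
    dst_ip: str                          # the WAN address the public DNS handed out
    dst_port: int
    host_header: Optional[str] = None    # present only in HTTP; the router never parses it


def port_forward(pkt: Inbound) -> Optional[str]:
    """Edge-router behaviour: the decision uses only destination port (and IP).

    There is no hostname in an IP header, so an internal DNS server, even if the
    router itself resolves names through it, cannot influence this lookup.
    """
    return PORT_FORWARD.get(pkt.dst_port)


def name_based_dispatch(pkt: Inbound) -> Optional[str]:
    """Reverse-proxy behaviour: pick the backend from the HTTP Host header.

    This is where a name-to-address mapping (the same data the internal DNS has)
    actually can steer traffic. Non-HTTP traffic carries no hostname, so a proxy
    can only do this for protocols that name the host in-band.
    """
    if pkt.host_header is None:
        return None
    return INTERNAL_DNS.get(pkt.host_header.lower())


def route_all(pkts: List[Inbound]) -> List[Tuple[Optional[str], Optional[str]]]:
    """Return (router_decision, proxy_decision) for each inbound connection."""
    return [(port_forward(p), name_based_dispatch(p)) for p in pkts]


# Constructed sample traffic: two HTTP connections to the single WAN address
# (one for www, one for mail/OWA) plus one SMTP connection with no hostname.
SAMPLE = [
    Inbound("203.0.113.10", 80, "www.domain.com"),
    Inbound("203.0.113.10", 80, "mail.domain.com"),
    Inbound("203.0.113.10", 25),
]

if __name__ == "__main__":
    for pkt, (router, proxy) in zip(SAMPLE, route_all(SAMPLE)):
        print(f"port {pkt.dst_port:<3} host={pkt.host_header!s:<16} "
              f"router-> {router}   name-based-> {proxy}")
```

Running it shows both port-80 connections landing on 10.0.0.250 under the port rule, while the name-aware path sends the mail.domain.com request to 10.0.0.252; the SMTP connection has no hostname to dispatch on and only the port rule applies. In other words, the fix for the problem described is a name-aware proxy (or separate public addresses per service) on the LAN side, not a change to which DNS server the router queries, which is why the DNS question and the forwarding question are independent.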