• Status: Solved

Split DNS?

We are running an application server that needs to be accessed both from an external IP outside the office, and an internal IP within the office.
Currently, when we are connecting to server.ourdomain.ca from inside the office, it connects to the external IP address.
Internally, we use localdomain.ca, which is internal only and is different from ourdomain.ca.
I am not very experienced at DNS, so I wonder if someone could help outline whether this would be an easy fix for me to make on our Server 2008 R2 server?
We need to ensure that www.ourdomain.ca still connects to the hosted web, but connecting to app.ourdomain.ca from the internal network will connect to the internal IP of the server.
If it is a LOT of trouble, then I guess I just add to the HOSTS files on each computer, but that is the last resort.
1 Solution
Yes, add an internal Forward Lookup zone called 'ourdomain.ca'

In there add the host records for www and app
www points to the external hosting company
app points to your internal ip address

Will solve everything...

Do you need specific instructions for how to do this?
Hypercat (Deb) Commented:
Note on smckeown777's post - make sure the internal zone for ourdomain.ca is NOT authoritative (i.e., not a root zone).
Cliff Galiher Commented:
It is not difficult at all. You have a few choices. The two that seem the most reasonable are:

The first option:
Create a zone on your local DNS server(s) for ourdomain.ca
Add an A record for "server" or "app" (or whatever) and give it the internal IP address. Then internal clients querying the DNS servers will get the internal IP.
Create a second A record for "www" and give it your web host's address.

This approach works, but if you have a lot of internal or external resources, it can make for duplicating and managing more records.

The second option:
Create a zone (not a record) for "app.ourdomain.ca" (or server.ourdomain.ca, or whatever)
Create a blank A record (so it is the root record for the zone) and give it the internal IP address.

Lookups for that name by internal clients will be answered by the internal DNS servers since they have a matching zone. And you only have to maintain that record. Lookups for www.ourdomain.ca (or any other record) will not match the zone, so will be recursively looked up to the external DNS servers (root hints, forwarders, etc) and will return the external IP addresses configured for those records.

Can be easier to maintain and more foolproof, but again, can also require several zones on your internal DNS servers if you have multiple internal resources you are wanting to split.

Both options clearly have pros and cons and which one you choose really depends on your environment. I don't consider either one right or wrong.
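
The two options from the comment above, modelled as an added Python example (not part of the original thread and not Windows DNS code). It shows which names an internal client gets from the local zone and which are recursed out, including the case the first option has to handle by duplicating records. The IP addresses and the `mail.ourdomain.ca` name are constructed for illustration, and delegations are not modelled.

```python
# Constructed sample data: names are the thread's placeholders plus a
# hypothetical "mail" host; addresses are documentation/private-range values.
EXTERNAL_DNS = {            # what the public ourdomain.ca zone returns
    "www.ourdomain.ca": "203.0.113.10",
    "app.ourdomain.ca": "203.0.113.20",
    "mail.ourdomain.ca": "203.0.113.30",
}
INTERNAL_APP_IP = "10.0.0.5"

# Option 1: internal zone for the whole domain; every needed name is duplicated.
OPTION_1 = {"ourdomain.ca": {"www": "203.0.113.10", "app": INTERNAL_APP_IP}}
# Option 2: internal zone for the single host name; "@" is the blank (zone root) record.
OPTION_2 = {"app.ourdomain.ca": {"@": INTERNAL_APP_IP}}


def find_zone(name, zones):
    """Return the most specific locally hosted zone containing name, or None."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None


def resolve_internal(name, zones, external=EXTERNAL_DNS):
    """Model an internal client's lookup: a local zone wins, otherwise recurse out."""
    name = name.lower().rstrip(".")
    zone = find_zone(name, zones)
    if zone is None:
        # No matching zone: the query goes to forwarders / root hints.
        return external.get(name, "NXDOMAIN")
    host = "@" if name == zone else name[: -len(zone) - 1]
    # The server answers from its own zone data and does not ask external DNS,
    # so a name missing from the local zone fails for internal clients.
    return zones[zone].get(host, "NXDOMAIN")


if __name__ == "__main__":
    for label, zones in (("option 1", OPTION_1), ("option 2", OPTION_2)):
        for name in ("app.ourdomain.ca", "www.ourdomain.ca", "mail.ourdomain.ca"):
            print(label, name, "->", resolve_internal(name, zones))
```

With the first option, any public name that is not copied into the internal zone stops resolving inside the office; with the second, only the one split name is answered locally.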
Microfiche (Author) Commented:
Thanks for the step by step - I did it and it worked.
Question has a verified solution.
