Solved

Split DNS

Posted on 2016-11-17
3
24 Views
Last Modified: 2016-11-21
Hi:
1:- What is a Split DNS and where it is used.

Please suggest some good DNS site where I can get complete knowledge of working environment?

Warm regards
Sanjeev Jha.
0
Comment
Question by:Sanjeev jha
3 Comments
 
LVL 16

Expert Comment

by:Dirk Mare
ID: 41891911
This wiki article explains it pretty good..
https://en.m.wikipedia.org/wiki/Split-horizon_DNS

DirkMare
0
 
LVL 12

Accepted Solution

by:
Kent W earned 500 total points
ID: 41891925
Split DNS means that your internal DNS is different than external.
We use this at my company.

Scenerio - The web servers we use for day to day business are also the same web servers our clients hit externally.
Since our web servers and load blancers are physically on our local lan, thus internal, we resolve their internal IP addresses with our internal DNS servers, which are set up to point to the private IPs of said sites  or the load balancer(s) they are behind.

Each of these web servers also has a NATed Public<>Private IP address so they can be reached externally.
We use a different DNS service (the one named in our NS records via the domain registrar) to answer external DNS queries, which resolves to the public, routable IP that we also have NATed through to the internal private IP for said server(s).

The effect is, if  you are on our local lan, and useing our local name servers, you are given the internal address for those assets that are set up this way, and if you are not using our internal DNS, you go through the top level hint servers and ultimately arrive at the named public NS servers for the domain.

I don't know of a public example to give a particular site that may have this setup, as you can see just due to the nature of how it operates.
The split DNS setup only makes sense if you have in internal private network that is also served up, in some form, publicly. As you can see, you can't really setup this scenario on the public net.

Split-horizon DNS is the configuration of ONE Name Server to handle both the internal and external query "answers", thereby giving the correct internal or external IP to the relative DNS client. In BIND, for example, this is accomplished with ACL resource record , then applied to "view" resource record(s) (external / internal views).
0
 

Author Closing Comment

by:Sanjeev jha
ID: 41896452
Thanks for clearing doubt
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Most DNS problems are VERY easily troubleshot and identifiable if you can follow the steps a DNS query takes. I would like to share the step-by-step a DNS query takes from the origin to the destination. _____________________________________________…
Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now