We have 2 domains within our forest, Domain1 and Domain2. Both domains are part of a secure private network. Some of the hosts in Domain2 are public facing and have both public and private IP addresses, e.g. host1.domain2.com has private address 172.30.100.17 and public address 18.104.22.168. Domain1 has a conditional forwarder to an internal DNS server within Domain2, dns.domain2.com.
If there is a network problem between the 2 domains or dns.domain2.com is rebooted, clients in Domain1 resolve host1.domain2.com to 22.214.171.124. This address is not valid on the private network (I can explain this further if need be), clients can't connect to it, and they also cache it for several hours.
Is there a way to prevent DNS requests for domain2.com from being routed to the internet if dns.domain2.com is unavailable?
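As an added example, not part of the question above, here is a PowerShell check to run on the Domain1 DNS server. A Windows conditional forwarder has a per-zone setting (shown in the GUI as "Use root hints if no forwarders are available", exposed in the DnsServer module as UseRecursion) that lets the server fall back to ordinary recursion via root hints when the forwarder does not answer, which is one path by which a public address for host1.domain2.com can reach Domain1 clients. The script reads that setting, turns it off, and verifies resolution. The zone name and host name are taken from the question; the forwarder address 172.30.100.5 and the DnsServer module being present are assumptions.

```powershell
# Added example; not the poster's code. Assumes the DnsServer PowerShell module
# (DNS Server role or RSAT) on the Domain1 DNS server. 172.30.100.5 is an
# assumed placeholder for the private address of dns.domain2.com.

$zoneName   = 'domain2.com'
$forwarders = @('172.30.100.5')   # assumed private address of dns.domain2.com

# 1. Inspect the existing conditional forwarder. A forwarder zone object
#    carries MasterServers, ForwarderTimeout and UseRecursion.
$zone = Get-DnsServerZone -Name $zoneName -ErrorAction SilentlyContinue
if ($null -eq $zone -or $zone.ZoneType -ne 'Forwarder') {
    throw "No conditional forwarder for $zoneName exists on this server"
}
$zone | Select-Object ZoneName, ZoneType, MasterServers, ForwarderTimeout, UseRecursion

# 2. Make sure the forwarder points at the internal server, and disable the
#    root-hint fallback: with UseRecursion $false an unreachable
#    dns.domain2.com produces a failed lookup instead of a public answer
#    that clients then cache for the record's TTL.
Set-DnsServerConditionalForwarderZone -Name $zoneName `
    -MasterServers $forwarders `
    -UseRecursion $false

# 3. Verify by asking this server directly, bypassing the client-side cache.
Resolve-DnsName -Name "host1.$zoneName" -Server 127.0.0.1 -DnsOnly -ErrorAction SilentlyContinue |
    Select-Object Name, Type, IPAddress

# 4. Drop any public record the server already cached while the forwarder was down.
Clear-DnsServerCache -Force
```

This only changes what the Domain1 server does when dns.domain2.com is unreachable; clients that already cached the public address keep it until the record's TTL expires (or until `ipconfig /flushdns` is run on them). It is also worth confirming with `Get-DnsServerForwarder` that the server-level forwarders are not themselves a second route to the internet for this zone.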