Split DNS

Email to friend

Add comment

Votes: 0

Comments: 0

Posted: 26 Oct, 2010
by: Knowledge M.

Updated: 26 Oct, 2010
by: Knowledge M.

Configuring Split DNS

In a split DNS infrastructure two DNS zones are created for the same domain, one to be used by Internal network and the other to be used by the external network. DNS on your internal network resolves to the A split DNS routes the internal hosts to an internal domain name server for name resolution and external hosts are directed to an external domain name server for name resolution.

If you're using Mettle SE as the DNS server for internal hosts you can use DNS forwarder override to implement split DNS deployment. Adding an override to DNS forwarder, go to:

Services --> DNS Forwarder
Click the '+' button under "You may enter records that override the results from the forwarders below"
This brings up the DNS forwarder: Edit host screen You will need to add an override for each hostname in use behind your firewall.

Example DNS overrides for mettle.in and www.mettle.in

Eg 1)

Host:
Domian: mettle.in
IP Address: 192.168.1.5
Description: Override for mettle.in web server

Eg 2)

Host: www
Domain: mettle.in
IP Address: 192.168.1.5
Description: Override for www.mettle.in

Internal DNS Servers

If using other DNS servers in your internal network like Microsoft Active Directory, you will need to create zones for all the domains hosted inside the network along with all other records for those domains.

In network scenarios with BIND DNS server where the public DNS is hosted on the same server as the private DNS, BIND's views feature is used to resolve DNS differently for internal hosts and external ones.

Also read

	NAT Reflection/NAT Loopback

Others in this Category

	Initial Configuration: Setting up Mettle SE in a Local Area Network with Internet Connection.
	Default IP Address & Admin Password (And How To Change It?)
	Configuring DHCP Server
	Enabling The LAN Hosts To Use The Internet Connection (NATing)
	Adding A Second (Or More) Internet Connection To Mettle SE & Setting Up Failover/Load Balancing
	Monitoring The Internet Usage
	How To Turn On/Off The Content Filter & Gateway Antivirus Service
	Fine Tuning The Content Scanner
	Setting Up PPTP VPN accounts
	OpenVPN: Setting Up SSL-VPN accounts
	Setting Up IPsec VPN Accounts
	Deploying A Second LAN With Mettle SE.
	Choosing a VPN Technology
	Adding Firewall Rules
	Setting Up Mettle SE Stack for Active/Passive Fail-Over (CARP)
	Connecting & Securing a Leased Line Connection to Mettle SE
	Port Forwarding (PAT)
	Creating a DNS Entry/Record for the LAN
	Blocking GTalk in the LAN
	Blocking Yahoo! IM from the LAN
	OpenVPN: If VPN Clients Want to Access a Subnet other than "Local network"
	Setting up IPSec Tunnel
	Open VPN Troubleshooting
	PPTP VPN Troubleshooting
	NTP Client/Server
	Setting Up an IPSec VPN Client: Example Given Using Shrewsoft VPN Client
	Firewall: Alias
	Captive Portal
	Virtual IP Address
	OpenVPN: Setting Up a SSL-VPN Client in Windows
	Creating Tagged VLANs
	Cloning Firewall Rules
	IPsec VPN Troubleshooting
	Wake On LAN
	Inbound Loadbalancing
	OpenVPN: Setting up Certification Authority & Generating Certificates
	Changing default webGUI Port and Protocol
	Using Packet Capture
	Using Traceroute
	Package Updates
	OpenVPN: To make OpenVPN client use VPN as the Default Gateway
	OpenVPN: To exclude some Network from using VPN gateway when VPN is set as default gateway for VPN client
	Adding a Static DHCP Lease
	Schedule Based Firewall Rules
	RRD Graphs
	Server Load Balancing
	Firewall Logs
	Backup and Restore Mettle SE Running Configuration
	Event Logging To Remote Syslog Server
	NAT Reflection/NAT Loopback
	Dynamic DNS