Different DNS for Internet and Intranet

When you have different DNS definitions for your local domain for internal use and use by hosts on the Internet, you want what is commonly referred to as "split-horizon DNS."
Your "external" DNS server (i.e. the stuff registered with a domain registrar) only contains the bare minimum information (i.e. MX records, externally accessible hosts, and reverse lookup for your IP space). The "internal" DNS contains everything, both inside and outside numbers. Your internal hosts and the firewall will use the internal DNS server, which may use the external DNS server as a forwarder to answer requests (i.e. resolve stuff outside of your domain).
Each DNS server would be set up on a different system. Your internal DNS server should be inside your firewall on the internal network. Your external DNS server should either be on the DMZ/service net, or outside the firewall entirely (perhaps your ISP manages it). Some firewalls (Gauntlet, Raptor, etc.) run a DNS server on the firewall itself. You can do this, but most people (myself included) do not recommend this configuration.
--
PhoneBoy - 10 Jan 2004
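
An added example, not part of the original FAQ: a Python audit that checks the two rules above, namely that the external zone publishes no internal (RFC 1918) addresses and that every external name also exists in the internal zone. The zone contents, the example.com domain, the simplified one-record-per-line format and the function names are all constructed for illustration.

```python
import ipaddress

# Constructed sample zones; example.com and all addresses are placeholders.
EXTERNAL_ZONE = """\
example.com.      IN MX 10 mail.example.com.
mail.example.com. IN A  192.0.2.25
www.example.com.  IN A  192.0.2.80
hr.example.com.   IN A  10.1.4.20   ; leaked internal host
"""
INTERNAL_ZONE = """\
example.com.       IN MX 10 mail.example.com.
mail.example.com.  IN A  192.0.2.25
hr.example.com.    IN A  10.1.4.20
files.example.com. IN A  10.1.4.30
"""
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_zone(text):
    """Parse simplified 'name IN type rdata' lines into (name, type, rdata)."""
    records = set()
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop comments and padding
        if not line:
            continue
        name, _cls, rtype, rdata = line.split(None, 3)
        records.add((name.lower(), rtype.upper(), " ".join(rdata.split())))
    return records

def audit_split_horizon(external, internal):
    """Return findings where the external zone breaks the split-horizon rules."""
    findings = []
    internal_names = {name for name, _, _ in internal}
    for name, rtype, rdata in sorted(external):
        # The external zone must not publish internal address space.
        if rtype == "A" and any(ipaddress.ip_address(rdata) in n for n in RFC1918):
            findings.append(("internal-address-exposed", name, rdata))
        # The internal zone holds everything, so external names must exist there,
        # otherwise internal clients cannot resolve the public hosts.
        if name not in internal_names:
            findings.append(("missing-from-internal", name, rdata))
    return findings

if __name__ == "__main__":
    for finding in audit_split_horizon(parse_zone(EXTERNAL_ZONE),
                                       parse_zone(INTERNAL_ZONE)):
        print(*finding)
```
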