Difference between revisions of "DNS server split principle"
| Line 4: | Line 4: | ||
| − | = | + | =Simple DNS zone= |
| + | |||
| + | Let's start with a simple reminder. | ||
| + | |||
| + | A standard DNS zone is only internal = '''no one access any internal resources from the outside'''. If you want to do so, you have to use a VPN connection. | ||
| + | |||
[[File:DNS 01 simple.png|none|Simple DNS]] | [[File:DNS 01 simple.png|none|Simple DNS]] | ||
| + | |||
| + | The Internet connection is just OUT. | ||
| + | |||
| + | |||
| + | |||
| + | =Limitations= | ||
| + | |||
| + | ==Shared name== | ||
| + | |||
| + | Sometimes you can use the '''same name on 2 different locations'''. Therefore, some ''resources are only accessible when you are inside or outside''. | ||
| + | |||
| + | |||
| + | [[File:DNS 01 shared name issue.png|none|DNS 01 shared name issue]] | ||
| + | |||
| + | |||
| + | ==Shared internal resources== | ||
| + | |||
| + | Another problem might occurred when you want to '''make an internal resource available from both the inside AND the outside'''. | ||
| + | [[File:DNS 02 split horizon issue.png|none|DNS 02 split horizon issue]] | ||
Revision as of 12:07, 22 August 2014
DNS split is required when you need to provide some resources both internal (intranet) and external (internet) using the same name.
Simple DNS zone
Let's start with a simple reminder.
A standard DNS zone is only internal = no one access any internal resources from the outside. If you want to do so, you have to use a VPN connection.
The Internet connection is just OUT.
Limitations
Sometimes you can use the same name on 2 different locations. Therefore, some resources are only accessible when you are inside or outside.
Another problem might occurred when you want to make an internal resource available from both the inside AND the outside.
DNS split is required when the internal domain name matches an external name.
