NAT Reflection, or Split DNS?

domain-name-system nat internal-dns pfsense

Solution 1:

After getting PfSense installed and running, it turns out that this is a non issue; I can keep the DNS records the same everywhere, and use PfSense's DNS Forwarder and Override to filter and fix the addresses for hosts located on the same private network. Win!

Solution 2:

How about setting up one domain per host? We use :

  • .syd.int.companyname.com
  • .lsa.int.companyname.com

Where there is a 3 letter code for each location. So when the user hits "mail" for example, it will use the domain to resolve the local mail host . Sometimes CNAMES are used across domains when there is only one central version of a service.

Both NAT reflection and split-DNS are possible to do and will solve your problem but they are more complex to maintain and trickier to debug.

Stupid question but - why do you need to serve different DNS results anyway? Is there a star topology VPN between all the sites or to the colo from all sites and can't you therefore resolve the same IPs in each zone?

Related

Exchange 2010: Alias vs. SMTP address
Overlapping queues on Sun Grid Engine?
Store a table in a memory
WebDAV for accessing fileserver for iOS apps
Windows Server roadmap for future?
Failover cluster failed to failover due to mysterious IP conflict?
How to block a Countries IP range with a Cisco ASA?
Two DHCP Servers, Block Clients for one of them?
Script launching 3 copies of rsync
iproute: disable "tc" command
Does Intel vPro work via add-on NICs?
Using Virtualization (vmware or virtualbox) to setup ipv6 network