Solution 1:

After getting PfSense installed and running, it turns out that this is a non-issue; I can keep the DNS records the same everywhere, and use PfSense's DNS Forwarder and Override to filter and fix the addresses for hosts located on the same private network. Win!

Solution 2:

How about setting up one domain per host? We use:

  • .syd.int.companyname.com
  • .lsa.int.companyname.com

Where there is a 3-letter code for each location. So when the user hits "mail", for example, it will use the domain to resolve the local mail host. Sometimes CNAMEs are used across domains when there is only one central version of a service.

Both NAT reflection and split-DNS are possible to do and will solve your problem but they are more complex to maintain and trickier to debug.

Stupid question, but why do you need to serve different DNS results anyway? Is there a star topology VPN between all the sites or to the colo from all sites, and can't you therefore resolve the same IPs in each zone?
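As an added example (not part of either answer above), here are the dnsmasq directives that correspond to both approaches; pfSense's DNS Forwarder is dnsmasq, and every hostname, address and site resolver below is a constructed placeholder, not a value from the thread:

```conf
# Added example: dnsmasq directives equivalent to what pfSense's DNS
# Forwarder builds from its Host Overrides and Domain Overrides.
# All names and addresses here are constructed placeholders.

# Solution 1, split-DNS: the public zone (served by the Internet-facing
# nameserver) says mail.companyname.com = 203.0.113.10, the colo NAT
# address. Internal clients asking this forwarder get the private
# address instead, so traffic never has to hairpin through the firewall.
host-record=mail.companyname.com,10.1.0.10
host-record=www.companyname.com,10.1.0.11

# Solution 2, one sub-domain per site: hand each site's zone to that
# site's own resolver instead of answering here (pfSense "Domain Override").
server=/syd.int.companyname.com/10.1.1.1
server=/lsa.int.companyname.com/10.1.2.1

# Everything else goes to the upstream resolver.
server=203.0.113.53

# Hygiene: never forward unqualified names, and answer reverse lookups
# for RFC 1918 space locally rather than leaking them upstream.
domain-needed
bogus-priv

# Caveat: pfSense enables DNS rebinding checks by default, which makes
# dnsmasq drop upstream answers that contain private addresses. Private
# answers therefore have to come from local overrides, or the internal
# domain must be explicitly allowed as below.
stop-dns-rebind
rebind-domain-ok=/int.companyname.com/
```

The rebinding check is the usual reason a split-DNS setup "works from the firewall but not from clients": the override is fine, but a private answer relayed from another resolver gets silently discarded.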