Newbie> Internal and Extrernal

[Kevin Darcy]

clarke wrote:

> What are the benefits of using an internal and external DNS server?

Security, security, security. The three main benefits that come to mind
are:

1) You can turn off recursion on the external DNS server, which
elegantly eliminates whole genres of cache poisoning and/or DoS types of
attacks.

2) If your external DNS server is compromised, at least it doesn't
directly affect name resolution for your internal clients.

3) Using a "split" DNS like this allows you to only publish a subset of
your domain names to the external world and keep the rest hidden.
Exposing your internal names to the outside reveals details of your
internal network architecture, and, depending on your naming
conventions, possibly also your organizational structure as well.


- Kevin