How to Set Up Split DNS
Most homes or offices with an Intranet or internal browser network use the same Domain Name Service to resolve a single hostname (the dotcom name) on the network for internal machines and computers that access the network from the outside world. Using the same DNS address for internal and external computers causes some security concerns as it potentially makes some pages or files intended only for internal network viewing available on the Internet. Using a split DNS forces internal machines to resolve some functions for the hostname on the internal network to improve latency and security, and provides remote users with access to relevant pages on the internal network.
Other People Are Reading
Things You'll Need
- Windows Server 2003 or 2008
- IP address for the ISP server hosting your remote website
- IP addresses of any other server computers running Web services on the local network
Instructions
-
-
1
Go to the Windows server computer hosting the pages and hostname for which you want to create a split DNS. Click “Start” and enter “Services.msc” in the search box. Press the “Enter” key. The Services window appears on the screen.
-
2
Scroll down to the “Domain Name Server (DNS)” listing. Double-click the service name. In the DNS Properties window, click the “Startup type” drop-down list and select “Automatic.” Click the “Start” button, then “OK.” Restart the server computer and wait for it to boot into Windows.
-
-
3
Click “Start,” “All Programs,” “Administrative Tools” and then “DNS.” In the server list, right-click the name of the Windows server machine, and then click “Properties” on the popup list.
-
4
Click the “Forwarders” tab. Add the IP address of the remotely hosted machine on in the “All Other DNS Domains” area. This causes regular HTTP requests from outer-world network computer to redirect to the IP address of the server hosted by your hosting provider or ISP. Click the “Add” button.
-
5
Enter and add additional ISP IP address as needed. Click the “Apply” button to save the DNS changes.
-
6
Click the “Internal NAT IP Addresses” tab. Enter the IP address of a server computer on your network hosting Web services meant only for internal use or viewing. For instance, if the computer is on the same internal network, you might enter “192.168.0.2” or “10.0.0.2” depending on the IP scheme your network uses. If the services run from the server computer on which you are working, enter “127.0.0.1” in the field and click “OK.” Note that if the service uses a specific port -- for instance port 118 -- enter the local IP address in the “192.168.0.2:118” format.
-
7
Click “Apply,” and then restart the server. Wait for the server computer to restart and boot into Windows. Setup of the split DNS service is complete.
-
1
Tips & Warnings
After you configure split DNS on the Windows server machine, you must configure each connected workstation to use the IP address of the server computer as its DNS server. To do this click open the Network option in Control Panel and change the “Preferred DNS Server” address in the “Internet Protocol Version 4” window to the IP address of the server computer. Click “OK” and restart the workstation.
