I am looking to create a root domain on Windows Server that will resolve internal IPs for only selected services hosted within our firewall, and forward all unresolved hostname requests to an external name server.
For example, if someone tries to access an ERP system at https://erp.contoso.com, the internal DNS will provide LAN users with a local IP, while external users will be provided with a public IP address from an external DNS provider.
However, regardless of whether the user is on the LAN or not, all requests to https://firewall.contoso.com, for example, will be resolved by the external DNS.
How does one accomplish this? My apologies if this explanation is difficult to follow, I hope this makes sense.
Pick one:
1) copy everything from public to private
2) add NS records for all public subdomains on your internal server with the public NS records (delegate zone)
3) put private IPs on the WAN zone
4) CNAME root records to a subdomain that is split or local only.
local zone
5) only create subdomains for internal zones. (personal favorite)
public zone:
private zone:
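Option 5 from the answer above, as an added example written for Windows Server's DnsServer PowerShell module (not the answerer's own configuration): the internal server gets a zone only for the one host name that must resolve locally, and everything else is forwarded. The host name, the LAN address 10.0.0.5 and the forwarder 192.0.2.53 are constructed placeholders.

```powershell
# Added example, not from the original answer. Assumes the DNS Server role is
# installed on this host and the session is elevated. All addresses are
# constructed placeholders.
Import-Module DnsServer

# 1. Create a zone ONLY for the name that must resolve internally. Because this
#    server is never authoritative for "contoso.com" itself, every other name
#    under contoso.com (e.g. firewall.contoso.com) is not answered locally and
#    falls through to the forwarder in step 3.
Add-DnsServerPrimaryZone -Name "erp.contoso.com" -ZoneFile "erp.contoso.com.dns"

# 2. The apex ("@") of that zone is the exact host name LAN users look up.
Add-DnsServerResourceRecordA -ZoneName "erp.contoso.com" -Name "@" -IPv4Address "10.0.0.5"

# 3. Send everything this server is not authoritative for to the external
#    resolver. Forwarders are tried before root hints; disabling root hints keeps
#    the server from resolving via the Internet roots if the forwarder is down.
Set-DnsServerForwarder -IPAddress "192.0.2.53" -UseRootHint $false

# 4. Verify the split from the server itself: the first query is answered from
#    the local zone, the second is forwarded and returns the public record.
Resolve-DnsName -Name "erp.contoso.com"      -Server 127.0.0.1 -Type A
Resolve-DnsName -Name "firewall.contoso.com" -Server 127.0.0.1 -Type A
```

For an Active Directory-integrated zone use -ReplicationScope instead of -ZoneFile on Add-DnsServerPrimaryZone. Note the side effect of this design: any name below the internal zone (for example www.erp.contoso.com) that you do not add locally gets NXDOMAIN from this server rather than being forwarded.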