http://www.petenetlive.com/KB/Article/0000830.htm

Sometimes called split brain DNS.

Split DNS is used only when necessary for situations where you need Internal DNS (LAN) to give different results to a particular query then external (Internet) DNS.

• You have an internal mail server exchange.yourcompany.local in Active Directory (AD)
• Your external DNS points to your single static public IP address as mail.yourdomain.com
• You forward inbound ports (at least port 25 SMTP) from your firewall/router to your internal mail server
• Your SSL certificate for the mail server is in the name mail.yourdomain.com
• You need internal (LAN) clients to be able to resolve mail.yourdomain.com to the internal (LAN) IP address

No changes are needed to the external DNS in any case.

If you only need to configure split DNS for a couple of host names, do it like this.

In your internal DNS server:

1. Create a new forward lookup zone using the FQDN of the host you need to resolve differently
   • mail.yourdomain.com
2. In the new zone, create a new 'A' record leaving the hostname blank and pointing to the internal IP address

If you have many host names you need to resolve differently internally, you can duplicate your external DNS zone adding as many records as necessary for internal consumption.

In your internal DNS server:

1. Create a new forward lookup zone using just the domain name of the hosts you need to resolve differently
   • yourdomain.com
2. Add 'A' records for all hosts that internal (LAN) users might need to resolve in that domain
   • Internal IP addresses and external IP addresses alike