The previous example discusses several different DNS servers, each running with a particular configuration. This is important to point out, because a particular configuration should be matched to the need at hand. Following are common DNS server configurations:
– A caching-only name server is not authoritative for any zone. It recursively looks up all queries and caches what it can.
– In a split-DNS setup, the local, internal DNS server is configured to be authoritative for the company domain (or domains). Meanwhile, the “master” authoritative DNS server is still hosted, and the local DNS answers all queries from devices inside the network. Devices outside of the network continue to query the hosted DNS service. This provides an interesting opportunity:
The internal DNS server does not have to mirror the external DNS database exactly. The administrator may choose to augment the local version with internal-only resources. Because devices on the outside cannot access them, internal-only records do not need to exist in the hosted DNS server database. In essence, this creates one namespace behind the local LAN’s edge router, and a separate one for the world at large.
In the case of a company like Apple, with all of its network resources, many internal-only addresses reside behind a security system, intended only for people on the Apple network (or, perhaps, accessing the network via a VPN). An internal DNS server could serve the internal network and the internal-only addresses, as well as act as a DNS cache, saving bandwidth on external lookups.
Finally, if an administrator at Apple decided to enter information about the example.com domain on the local internal DNS server, it would affect only devices on the Apple network. Everyone else in the world would still be referred to the hosted example.com DNS server for authoritative DNS information about the example.com domain.
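The following is an added example, not taken from the original text: a small audit that compares the internal and hosted versions of a zone, listing internal-only names, records that answer differently inside the network, and any private address that has ended up in the hosted zone. The zone contents, the simplified "name type value" format, and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data in simplified "name type value" form: what the hosted
# service publishes (EXTERNAL_ZONE) and what the internal server answers with.
EXTERNAL_ZONE = """
www.example.com.   A   203.0.113.10
mail.example.com.  A   203.0.113.25
example.com.       MX  10 mail.example.com.
"""
INTERNAL_ZONE = """
www.example.com.      A   203.0.113.10
mail.example.com.     A   10.0.0.25      ; internal path to the mail host
example.com.          MX  10 mail.example.com.
wiki.example.com.     A   10.0.0.40      ; internal-only resource
payroll.example.com.  A   10.0.0.41      ; internal-only resource
"""
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_zone(text):
    """Return {(name, type): set(values)}, skipping blanks and ';' comments."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()
        if not line:
            continue
        name, rtype, value = line.split(None, 2)
        records.setdefault((name.lower(), rtype.upper()), set()).add(value)
    return records

def is_rfc1918(value):
    """True if value is an IPv4 address in a private (RFC 1918) range."""
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        return False
    return any(addr in net for net in RFC1918)

def compare_split_dns(internal_text, external_text):
    """Summarise how the internal namespace differs from the hosted one."""
    internal, external = parse_zone(internal_text), parse_zone(external_text)
    return {
        "internal_only": sorted(k for k in internal if k not in external),
        "differs": sorted(k for k in internal
                          if k in external and internal[k] != external[k]),
        "private_in_external": sorted(
            k for k, vals in external.items()
            if k[1] == "A" and any(is_rfc1918(v) for v in vals)),
    }
```

Calling `compare_split_dns(INTERNAL_ZONE, EXTERNAL_ZONE)` on the sample data reports the wiki and payroll names as internal-only and the mail record as differing. A non-empty `private_in_external` list means an internal address has leaked into the public namespace.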