Bind9 allows users the possibility of using one DNS for internal and external queries. Reducing the need to run two separate instances of Bind9.
Synology now publishes a DNS package running Bind9. I am currently running this for an internal DNS to speed up my local internal network. I however wished to try and expose an external DNS to gain greater control of my domain name.
I tried this by configuring the DNS using the synology DNS interface.
I however found I need to have
- Recursion on for internal caching DNS.
- Recursion off for external authoritative DNS.
This functionality however didn’t seem easily possible through the gui. Also effectively you are running an external facing piece of software very near your internal infrastructure there is a great risk of cross contamination either by user error, or software vunerablity.
As I said before. Why bother running your own external DNS. Your registrar does a better job.