Don't miss an insight. Subscribe to Techopedia for free.


Split Domain Name System

What Does Split Domain Name System Mean?

Split Domain Name System (Split DNS) is an implementation in which separate DNS servers are provided for internal and external networks as a means of security and privacy management.


In this implementation, whenever a user sends a request for an administrative network resource and makes the request from the same network, the internal DNS handles name resolution. However, if the same user requests the same resource from an external network, the external DNS handles the resolution that provides a certain abstraction from the internal network where the resource is located.

Split DNS is also known as split-horizon DNS or split-view DNS.

Techopedia Explains Split Domain Name System

The goal of a split DNS scheme is to provide abstraction and increase security by not divulging the correct internal Internet Protocol (IP) address of the requested resource. Split DNS uses two separate DNS servers – either two physical servers and a software server that run multiple DNS processes, or one with the ability to discriminate DNS record access.

An external DNS contains only small zone files for a domain with information like file transfer protocol (FTP), Web addresses and other server addresses that can be publicly published. An internal DNS server holds DNS records for an internal network.

When internal network users look up host names, the internal DNS answers and externally forwards this information as needed. External users that look up host names in an internal network are greeted by an external DNS, which contains data limited to publicly accessible resources; this prevents internal secrets from being divulged.


Related Terms