Split Brain DNS / Alternative

This may be a more generic DNS question, but seeing as PiHole IS my DNS I hoped the community may help.

I would prefer to use the same domain name internally and externally. That allows me to use hostnames for services that resolve locally when inside my network and via NAT when outside.

It also allows me to use the same certificate and automate services such as traefik.

I would also like PiHole (via dnsmasq) to resolve DHCP hosts and in-addr.arpa records internally.

AFAIK I would need to add all of my public records manually (including SRV records and everything else) locally, which is a lot of work. I've read a split-brain DNS is not best practice.

Reading suggests there's no way to tell dnsmasq "resolve locally but if you don't find a record query the public DNS for this domain".

How do others handle this scenario?

I used the dehakkelaar.nl suffix/search domain for a long period knowing local hostnames would leak/get forwarded to the upstream configured DNS providers (for lookups that couldn't be answered by Pi-hole).
I solved this by adding .home to the suffix, e.g. it's now home.dehakkelaar.nl.
With the below additional settings I don't see any of my local hostnames leaking upstream anymore:

[image: screenshot of the additional Pi-hole settings, not reproduced here]

But yeah split brain.
So I have public records for the dehakkelaar.nl domain at my registrar's provided DNS.
And local records in Pi-hole for my home.dehakkelaar.nl domain for devices at home.
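As an added illustration of the approach in the reply above (a local sub-zone under the public domain, everything else forwarded), here is a dnsmasq fragment of the kind Pi-hole reads from /etc/dnsmasq.d. It is not the poster's configuration and does not reproduce the settings in the screenshot; `example.com`, `home.example.com`, the 192.168.1.0/24 range and the file name are constructed placeholders, and it assumes Pi-hole is set to load /etc/dnsmasq.d (the default in Pi-hole v5).

```conf
# /etc/dnsmasq.d/99-home-zone.conf   (assumed path/name)
# Split-horizon by sub-zone: home.example.com is answered locally,
# the parent zone example.com is left to the public DNS via the upstreams.

# Domain handed to DHCP clients and appended to bare names from /etc/hosts.
domain=home.example.com
expand-hosts
# Register DHCP clients only under their fully qualified name (requires domain=).
dhcp-fqdn

# Answer the sub-zone locally and never forward it: a name under
# home.example.com that dnsmasq does not know returns NXDOMAIN instead of
# leaking to the upstream resolvers.
local=/home.example.com/

# Same for reverse lookups of the LAN range (constructed 192.168.1.0/24):
# PTR answers come from DHCP leases / hosts, nothing is forwarded.
local=/1.168.192.in-addr.arpa/

# Never forward single-label names, and never forward reverse lookups for
# private (RFC 1918) address space.
domain-needed
bogus-priv

# Deliberately no server=/example.com/ or local=/example.com/ line: queries for
# the parent zone (A, SRV, MX, ...) go to the configured upstreams, so the
# public records do not have to be duplicated locally.
```

After `pihole restartdns`, a lookup for a DHCP client's name under home.example.com against the Pi-hole should answer from the lease table, an unknown name under that sub-zone should return NXDOMAIN without any upstream query appearing in the query log, and a public name under example.com should still resolve via the upstream. Names under home.example.com do not exist in the public zone, so the same hostname will not resolve from outside; that is the trade-off of this layout compared with a full split-brain copy of the zone.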
