“External DNS” and “Internal DNS”

Three Roles of DNS

DNS consists of a combination of the following three functions:

● Content server

Responds only to queries about its own zone; if there is no applicable information, it answers “None”. It performs no recursive search.

● Full-service resolver

When it receives a recursive search request from a stub resolver, it repeatedly queries other DNS servers until name resolution is complete, then returns the result to the stub resolver.

Repeating the same query over and over is inefficient, so names that have been resolved once are cached and reused. For that reason, it is also called a cache server.

● Stub resolver

A stub resolver is a lookup program that runs on the terminal side. It obtains information by contacting a full-service resolver and asking it to perform a recursive search for the domain name you want to check. It is sometimes called a resolver for short.

“External DNS” and “Internal DNS”

DNS servers are sometimes placed both outside and inside a firewall.

The DNS server outside the firewall is called “external DNS” and responds to queries from domains other than your own. The DNS server inside the firewall is called “internal DNS” and responds to queries from users within its own domain.

The names “external DNS” and “internal DNS” come from the picture of servers placed outside and inside the firewall.

The purpose of operating DNS separately for external and internal use is that zone information unique to the internal intranet can be freely set and managed on the “internal DNS”.

Intranet zone information is not disclosed to the outside, and terminals on the intranet can reach servers and other terminals on the intranet by domain name instead of by IP address. It is also safe from a security point of view.

For internal users, we want the full-service resolver to be able to resolve names by specifying forwarders and similar settings.
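
One way to check that an external DNS server behaves only as a content server is to send it a recursive query for a name outside its own zone and inspect the header flags of the reply. The following Python sketch is an added example, not part of the original page. The function names, the test name www.example.net, the address 192.0.2.1 and the sample replies are constructed for illustration; the flag bits are those defined in RFC 1035.

```python
import struct

# DNS header flag bits (RFC 1035, section 4.1.1)
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid, rd=True):
    """Encode an A/IN query. RD=1 is what a stub resolver sends to request recursion."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", qid, RD if rd else 0, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def parse_header(msg):
    """Decode the fixed 12-byte header of a DNS message."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    qid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": qid, "qr": bool(flags & QR), "aa": bool(flags & AA),
            "ra": bool(flags & RA), "rcode": RCODES.get(flags & 0xF, str(flags & 0xF)),
            "answers": an}

def audit_external(response, qid):
    """Judge the external DNS server's reply to an RD=1 query for a name outside its zone."""
    h = parse_header(response)
    if not h["qr"] or h["id"] != qid:
        return "INVALID: not a response to our query"
    if h["answers"] > 0 and not h["aa"]:
        return "FAIL: resolved a foreign name (acting as full-service resolver)"
    if h["ra"]:
        return "WARN: advertises recursion (RA=1) to outside clients"
    return "PASS: content server only (rcode=%s)" % h["rcode"]

def sample_response(query, flags, answer=False):
    """Constructed reply: echo the question, optionally add one A record (192.0.2.1)."""
    qid = struct.unpack("!H", query[:2])[0]
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1]) if answer else b""
    return struct.pack("!HHHHHH", qid, flags, 1, 1 if answer else 0, 0, 0) + query[12:] + rr

if __name__ == "__main__":
    q = build_query("www.example.net", qid=0x1A2B)  # name outside the audited server's zone
    for label, resp in [
        ("content server", sample_response(q, QR | RD | 5)),            # REFUSED, RA=0
        ("open resolver", sample_response(q, QR | RD | RA, answer=True)),
        ("refuses but RA=1", sample_response(q, QR | RD | RA | 5)),
    ]:
        print(label, "->", audit_external(resp, 0x1A2B))
```

A FAIL result means the server outside the firewall is also answering as a full-service resolver for outside clients, a role the layout above reserves for the resolver that serves internal users.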