Set up Split DNS

Split DNS allows extension users to seamlessly access and use their Linkus clients via the same domain name, whether they are inside the office or working remotely, which improves access speed and reliability. This topic describes how to set up split DNS in a typical company network.

Introduction

Split DNS allows the same domain name to be resolved to different IP addressed based on the user's network location:
  • For external users, the domain resolves to the public IP address of the PBX system (e.g. 203.0.113.10).

    This resolution is typically handled by public DNS servers, which rely on DNS records (such as A records) configured when the domain name is registered or managed with your domain registrar.

  • For internal users, the domain resolves to the private IP address of the PBX system (e.g. 192.168.28.39).

    This depends on your company's network configuration. It is recommended to implement this functionality on a firewall or router, if supported by the vendor. Alternatively, you can configure an internal DNS server to manage internal domain resolution. This guide uses Microsoft DNS server as an example to demonstrate how to configure internal DNS resolution.

Prerequisites

To implement split DNS, make sure the followings are in place:

Item Description
Domain
Port

Configure the ports for PBX server based on the domain type.

  • For domains requiring NAT traversal (e.g. External Host & Yeastar Domain)
    • The external web server port should be mapped to the same port as the HTTPS port.

    • Ensure the external Linkus port is the same as the internal Linkus port.

  • For Yeastar FQDN
    • The HTTPS port should be set to 443 for optimal performance (Path: System > Network > Web Server > Protocol > HTTPS Port).

    • Ensure the internal Linkus port is fixed at 8111 (Path: System > Network > Service Ports > Linkus).
Internal DNS Server A Microsoft DNS Server has been deployed within the company's internal network to handle internal domain resolution.

Procedures

  1. Create an internal DNS record
  2. Verify internal DNS resolution
  3. Enforce internal DNS usage for user devices

Create an internal DNS record

  1. At the top-right of the Server Manager window on Windows Server, go to Tools > DNS to open the DNS manager.

  2. Add a Forward Lookup Zone.
    1. Right click Forward Lookup Zones, then select New Zone....

      The New Zone Wizard will open.

    2. On the wizard, click Next to continue.
    3. In the Zone Type page, leave the default option Primary zone selected, then click Next.

    4. In the Zone Name page, enter the domain name of the PBX, then click Next.

    5. On the remaining pages, keep the default settings and click Next until you reach the final step.
    6. Click Finish to complete the setup.
  3. Add a new host.

    1. Right click on the domain name you added, then select New Host (A or AAAA)....
    2. Leave the Name field empty, which means the parent domain will be used.
    3. In the IP address field, enter the private IP address of the PBX system.
    4. Optional: To enable reverse DNS lookup, select the checkbox of Create associated PTR record.
    5. Click Add Host.

      A dialog box pops up to indicate that the host record is successfully created, click OK to close.

Verify internal DNS resolution

  1. Configure your computer to use the internal DNS server.
    1. On your computer, press Win+R to open the Run dialog box.
    2. Type ncpa.cpl, then press Enter.
    3. In the Network Connections window, right click your active network connection, then go to Properties.
    4. Double click the Internal Protocol Version 4 (TCP/IPv4).
    5. Select Use the following DNS server addresses, then enter the IP address of the internal DNS server (E.g. 192.168.21.102).

    6. Click OK to save the settings, then click OK again to close the window.
  2. Test internal DNS resolution on your computer.
    Tip: For external DNS resolution, you can verify using an online DNS checker to see if the domain name is correctly resolved to the PBX's public IP address.
    1. On your computer, press Win+R to open the Run dialog box.
    2. Type cmd, then press Enter.
    3. In the Command Prompt window, enter the following command and press Enter.
      nslookup {your PBX's domain name}
      For example,
      nslookup yeastardocs.ras.yeastar.com

      The output returns the private IP address of the PBX, indicating that the internal DNS resolution is configured successfully.

Enforce internal DNS usage for user devices

To ensure Split DNS works properly, user devices must use the internal DNS server when connected to the company network.
  1. Configure DHCP server to assign internal DNS.

    Set the DHCP scope options to assign the IP address of the internal DNS server as the primary DNS for all devices connected to the corporate network.

  2. Optional: Block external DNS requests on firewall.

    On the company's firewall, block outbound DNS requests (UDP/TCP port 53) to public DNS servers to prevent clients from bypassing the internal DNS.

  3. Connect user devices to the company network.
    Client Type Connection Method
    Linkus Web / Desktop Client
    • Connect user's computer to the company's Wi-Fi to automatically obtain the internal DNS server via DHCP.
      Note: This method is recommended to avoid manual switching DNS settings when moving between different networks.
    • If user's computer uses a static IP configuration, manually specify the internal DNS server address in the network settings.
    Linkus Mobile Client Connect to company's Wi-Fi to obtain internal DNS via DHCP.

Result

Extension users can access their Linkus clients using the same domain name from both internal and external networks, eliminating the need to manually switch between different addresses and ensuring a consistent login experience.