Same here. I have several domains, one is used for servers and email, 2nd for websites, 3rd for messing around (test setups) and a 4th is almost unused now, but with the demise of Twitter and Reddit I’m thinking of using that one for the fediverse (it’s my username in national TLD).
BTW internal and external DNS run on different systems and all private zones are DNSSEC signed. (Loved the challenge of setting that up correctly.)
I use my external zone name but have an internal view of the zone inside my LAN so records point to local IPs.
Ah that’s a really good point. I will have to Google this so I can learn how it is done in iptables because I’ve only ever done it with pf on OpenBSD.
Yep.
I’ve never experienced any issues so far, the devices should be flushing the cache on network change in theory.
I use subdomains, i.<external domain>, w.<ext> for Wi-Fi, a few others for VMs and containers.
With WireGuard everything just works, and WireGuard overhead over wireless is negligible even on Wi-Fi 6.
I agree on WireGuard. It’s clearly the winner in terms of speed for point to point VPN.
Split Horizon DNS is the most seamless user experience.
Exactly the same. I’d like to add that my devices still get a .lan TLD from the router.
Same, I achieve this with AdGuard DNS rewrite.