Is Split-DNS Required For Exchange 2010…

I have been to customer sites where exchange admin gets all confused about autodiscover and split-DNS. Is split-DNS necessary to run Exchange 2010? What are the advantages? First of all, it is not mandatory to have split-DNS in your environment to have Exchange 2010 deployed. Is it good to have? Definitely, yes. Microsoft does recommend…

I have been to customer sites where exchange admin gets all confused about autodiscover and split-DNS. Is split-DNS necessary to run Exchange 2010? What are the advantages?

First of all, it is not mandatory to have split-DNS in your environment to have Exchange 2010 deployed. Is it good to have? Definitely, yes. Microsoft does recommend using split-DNS model where possible. It is understandable that not all companies will be in a position to have split-DNS.

Following are the advantages of having split-DNS

  • Staff will be able to use a single url for Exchange services like OWA, irrespective of whether they are internal or external to the corporate network.
  • When staff are internal and access OWA, traffic remains within the internal LAN.
  • You can have Exchange 2010 running with a SAN/UCC certificate with just two urls, mail.domain.com and autodiscover.domain.com.
  • You can have your AutodiscoverServiceInternalURI to be autodiscover.domain.com (a public url). This means that your SAN/UCC certificate will only have public urls. Some admins are concerned about exposing internal AD information in the certificate.
  • You can have mail.domain.com for all your internal and external URLs for different Exchange virtual directories and autodiscover.domain.com for autodiscover service, both internally and externally.
  • It will be easy to configure and manage your environment. Less urls/settings to remember as an admin.

It is worth noting that Exchange 2010 does work fine without a split-DNS model. It means more urls and having a clear understanding of how autodiscover works internally (explained here) and which all urls should be in the SAN/UCC certificate.

Do comment if you know any other advantages of having split-DNS.

Leave a Reply

Your email address will not be published. Required fields are marked *