Is Split-DNS Required For Exchange 2010…

I have been to customer sites where the Exchange admin gets all confused about autodiscover and split-DNS. Is split-DNS necessary to run Exchange 2010? What are the advantages?

First of all, it is not mandatory to have split-DNS in your environment to deploy Exchange 2010. Is it good to have? Definitely, yes. Microsoft does recommend using a split-DNS model where possible. It is understandable that not all companies will be in a position to have split-DNS.

Following are the advantages of having split-DNS:

  • Staff will be able to use a single URL for Exchange services like OWA, irrespective of whether they are internal or external to the corporate network.
  • When staff are internal and access OWA, traffic remains within the internal LAN.
  • You can have Exchange 2010 running with a SAN/UCC certificate with just two names, mail.domain.com and autodiscover.domain.com.
  • You can set your AutodiscoverServiceInternalURI to autodiscover.domain.com (a public URL). This means that your SAN/UCC certificate will only have public URLs. Some admins are concerned about exposing internal AD information in the certificate.
  • You can use mail.domain.com for all the internal and external URLs of the different Exchange virtual directories, and autodiscover.domain.com for the autodiscover service, both internally and externally.
  • It will be easy to configure and manage your environment, with fewer URLs and settings to remember as an admin.

It is worth noting that Exchange 2010 does work fine without a split-DNS model. It means more URLs, and it requires a clear understanding of how autodiscover works internally (explained here) and of which URLs should be in the SAN/UCC certificate.
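
A read-only check of the split-DNS layout listed above, as an added example that is not part of the original post: run in the Exchange Management Shell, it reports any configured URL whose host is not one of the two names and compares those names with the certificate bound to IIS. mail.domain.com and autodiscover.domain.com are the post's placeholder names; the variable names are illustrative.

```powershell
# Added example (not from the original post). Read-only; run in the Exchange Management Shell.
# Assumption: the post's placeholder names stand in for your real public names.
$expected = @('mail.domain.com', 'autodiscover.domain.com')

# Collect the host of every client-facing URL on the Client Access servers.
$urls = @()
$vdirs = @(Get-OwaVirtualDirectory) + @(Get-EcpVirtualDirectory) +
         @(Get-WebServicesVirtualDirectory) + @(Get-OabVirtualDirectory) +
         @(Get-ActiveSyncVirtualDirectory)
foreach ($v in $vdirs) {
    foreach ($prop in 'InternalUrl', 'ExternalUrl') {
        if ($v.$prop) {
            $urls += New-Object PSObject -Property @{
                Server  = "$($v.Server)"
                Setting = "$($v.Name) $prop"
                Name    = ([uri]"$($v.$prop)").Host.ToLower()
            }
        }
    }
}
foreach ($cas in Get-ClientAccessServer) {
    if ($cas.AutoDiscoverServiceInternalUri) {
        $urls += New-Object PSObject -Property @{
            Server  = "$($cas.Name)"
            Setting = 'AutoDiscoverServiceInternalUri'
            Name    = ([uri]"$($cas.AutoDiscoverServiceInternalUri)").Host.ToLower()
        }
    }
}

# Names on the certificate(s) bound to IIS on the local server.
# Exact-match comparison only: a wildcard certificate is not handled here.
$certNames = @(Get-ExchangeCertificate |
    Where-Object { "$($_.Services)" -match 'IIS' } |
    ForEach-Object { $_.CertificateDomains } |
    ForEach-Object { "$_".ToLower() } |
    Select-Object -Unique)

# 1. URLs that still point at a host other than the two split-DNS names.
$urls | Where-Object { $expected -notcontains $_.Name } |
    Select-Object @{n='Finding';e={'URL host outside split-DNS names'}}, Server, Setting, Name

# 2. Split-DNS names the certificate does not cover (clients would see a name mismatch).
$expected | Where-Object { $certNames -notcontains $_ } |
    Select-Object @{n='Finding';e={'Missing from IIS certificate'}}, @{n='Name';e={$_}}

# 3. Extra certificate names, such as internal server FQDNs the post wants kept out.
$certNames | Where-Object { $expected -notcontains $_ } |
    Select-Object @{n='Finding';e={'Extra name on IIS certificate'}}, @{n='Name';e={$_}}
```

No output means every URL uses one of the two names and the IIS certificate carries exactly those names.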

Do comment if you know any other advantages of having split-DNS.
