How to configure DNS splitbrain in UCS

Environment

You have a public DNS-Domain (let’s call it univention.de) for which you want to configure DNS-records, depending on if you’re inside the corporate network or not.

To illustrate this:

Let’s say, this record is super-secret-ucs-release.univention.de

If you’re inside the corporate network, this dns-record should return the IP-Adress of our new super secret UCS-Release which should be visible only by employees.

If you’re outside the corporate network, it should return the IP of our public landing page.

So how do we get this working?

I assume that the public dns-record is already configured to return the desired public IP address.

For this to work in UCS, you need to create a forward-zone for your full dns-record and set the correct IP in it.
Open “Domain” → “DNS”

After that, click on “Create” , leave “DNS: Foread Lookup Zone” selected and click on “NEXT”

Now enter the full dns-record, the dns-server which is responsible for it and head over to “IP addresses”:

Here you set the ip-address you want to return and, after that, hit “CREATE DNS OBJECT”