Split-Horizon DNS
Also called split-brain DNS: serving different DNS answers for the same name depending on whether the query comes from inside or outside the network, often used to expose internal IPs to LAN clients only.
Split-horizon DNS (or split-brain DNS) is the practice of running two views of the same zone, one for internal clients and one for the public internet, with different answers for the same names. A typical use: `app.example.com` resolves to the internal 10.0.0.5 for office and VPN users, and to the public load balancer IP for everyone else. It is implemented either by running separate authoritative servers per audience, or by view configuration in BIND/PowerDNS that selects records based on the source IP of the query. Risks include desync between the two views and the assumption that "internal" clients can be reliably identified, which mobile and remote work have steadily eroded.