The easiest solution is sharing a DNS database between the Internet and intranet. This might be unsuitable for two reasons:
Translations of computers with nonroutable addresses (net 10/8, 172.16/12, or 192.168/16) are published on the Internet.
Information concerning the company structure is published (IP addresses of intranet computers). This information is usually confidential.
The most significant question when configuring DNS on the firewall is whether or not all Internet names should be translated on the intranet, and whether the intranet clients should be enabled to translate the names of the company.com
domain that are located on the intranet only.