Is split horizon dns important?
Split DNS returns different results depending on the source IP.
It's commonly promoted as a significant security measure for internal resources, for limiting enumeration and discovery.
I've had many issues with split DNS in the past, with programs that don't properly respect TTLs. They cache resolution for a long time, and since DNS is inconsistent (i.e. it depends on my source IP), they break. Windows and Chrome, for example, have each been problematic for me.
I'm wondering about the security value of split DNS. DNS just maps text names to IP addresses. Is it somehow easier for an attacker to enumerate hostnames than IPs? Do internet addresses need to be secret? Is split DNS still valuable even with firewalls that block by source IP? How much real security does split DNS offer?
Split horizon DNS is a BAD idea. It basically makes DNSSEC impossible to implement reliably (there are workarounds, but they are all unsatisfactory). The main advantage of split horizon DNS is that it makes it possible to hide internal networks, but the same can be achieved by creating a subdomain and making sure its SOA servers are not accessible from the public networks. So with split horizon DNS you'd have payroll.bigcorp.com; with a secure subdomain you'd have payroll.i.bigcorp.com. But with a subdomain, you can actually use DNSSEC meaningfully.
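As an added illustration (not part of the answer above), two BIND 9 `named.conf` fragments that are meant to be deployed on separate servers: the first implements split horizon with views, the second the delegated internal subdomain the answer recommends. The zone file names, the 10.0.0.0/8 and 192.168.0.0/16 client ranges and the 10.x addresses are assumed values.

```conf
# --- Pattern A: split horizon with views (one name, two answers) ---
# Which copy of bigcorp.com a client sees depends on its source IP, so
# there is no single signed zone a validating resolver can check.
view "internal" {
    match-clients { 10.0.0.0/8; 192.168.0.0/16; };
    zone "bigcorp.com" {
        type master;
        file "internal/bigcorp.com.zone";  # has payroll.bigcorp.com -> 10.1.2.3 (assumed)
    };
};
view "external" {
    match-clients { any; };
    zone "bigcorp.com" {
        type master;
        file "external/bigcorp.com.zone";  # no payroll record at all
    };
};

# --- Pattern B: one public zone plus a delegated internal subdomain ---
# Public server: every client gets the same data, so the zone can be
# signed once and validated anywhere (dnssec-policy needs BIND 9.16+).
zone "bigcorp.com" {
    type master;
    file "bigcorp.com.zone";
    dnssec-policy default;
    # bigcorp.com.zone delegates i.bigcorp.com to internal-only servers:
    #   i.bigcorp.com.      IN NS  ns1.i.bigcorp.com.
    #   ns1.i.bigcorp.com.  IN A   10.0.0.53   ; glue points at an RFC 1918 address
    # Outside clients learn the subdomain exists but cannot reach its servers.
};

# Internal server (ns1.i.bigcorp.com), reachable only from inside the network:
zone "i.bigcorp.com" {
    type master;
    file "i.bigcorp.com.zone";  # payroll.i.bigcorp.com -> 10.1.2.3 (assumed)
    allow-query { 10.0.0.0/8; 192.168.0.0/16; };
};
```

In Pattern B the firewall and `allow-query` do the hiding, while the public zone stays consistent for every resolver and so can be DNSSEC-signed; Pattern A hides the same record but at the cost of the inconsistency the question describes.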