If you poke around the bind config files on your OS X Server, you’ll be able to see how apple has set them up so that you can edit them directly without confusing the GUI. /var/named contains zone files that you may edit, and they include corresponding files in /var/named/zones which you should not edit. They’ve done something similar for /etc/named.conf and the files in /etc/dns/.

Having said that, I recommend not doing both internal and external resolving for split-horizon DNS on your server, mainly because:

1. It’s kind of complicated, and you lose any convenience you had when you were able to use the GUI exclusively
2. You have NAT, which makes it even more complicated
3. There are solutions available from third parties that are better-performing, cheap/free, and more robust

In my organization, we use DNS in Mac OS X Server extensively for the internal part of a split-horizon setup. We use the “Advanced DNS” part of a network solutions account for the external part. It comes free with the domains we’ve purchased, and has redundancy and speed far greater than what I could justify for hosting a handful or externally-resolving names myself.

You need to reconfigure BIND to use “views” with two different versions of your zone file, such that access from inside your network gives the 192.168.1/24 (internal) addresses, but requests forwarded from outside (via your 2-Wire router) give out your static public IP.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

acl internal {
    127.0.0.0/8;
    192.168.1.0/24;
};
 
view "internal" {
    match-clients { internal; };
    zone "mydomain.com" {
        type master;
        file "/etc/bind/internal/db.mydomain.com";
     };
};
 
view "external" {
    match-clients { any; };
    zone "mydomain.com" {
        type master;
        file "/etc/bind/external/db.mydomain.com";
    };
};

For more information check this out it is a How To with more detailed instructions for Split Horizon DNS configuration.