Hi! :)
I have a server which runs a few VMs, one of which is a DC. I have read and agree with the notion that a private DC should not be routable on the Internet; as such it's private only. I also have a linux VM which runs iptables that I use as the default gateway for clients/VMs needing internet access.
If I want my clients to join the domain they need to use the DNS server of the domain which is run on the DC. However, since the DC is private only, they'll then be unable to resolve any Internet domains. Setting root hints on the DC or forwarding is futile.
TL;DR: How can I both use my private domain's DNS to join the domain on my laptop and also use other DNS (my ISP's) servers so that I can resolve Internet domains, without having two NICs? Thanks.
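One way to give clients a single DNS server that satisfies both needs is to run a split-horizon forwarding resolver on the Linux gateway VM that already sits between the private network and the Internet: it sends every query under the AD domain to the DC and everything else to the ISP. The following dnsmasq configuration is an added example, not part of the original post; the domain name corp.example, the DC address 10.0.0.10, the gateway's inside interface eth1 / 10.0.0.1, and the ISP resolvers 203.0.113.53 and 203.0.113.54 are assumed values.

```conf
# Added example (not from the original post): dnsmasq on the Linux gateway VM
# acting as a split-horizon forwarding resolver.
# Assumed values: AD domain corp.example, DC at 10.0.0.10, gateway inside
# interface eth1 at 10.0.0.1, ISP resolvers 203.0.113.53 / 203.0.113.54.

# Listen only on the private side; never expose this resolver to the Internet.
interface=eth1
bind-interfaces
listen-address=10.0.0.1

# Ignore /etc/resolv.conf; use only the upstreams defined below.
no-resolv

# Everything under the AD domain goes to the DC. This covers the _msdcs,
# _sites, _tcp and _udp SRV records that domain join, Kerberos and LDAP
# discovery rely on. dnsmasq will not fall back to the general upstreams
# for this domain, so the private zone is never leaked to the ISP.
server=/corp.example/10.0.0.10

# Reverse lookups for the private /24 also go to the DC.
server=/0.0.10.in-addr.arpa/10.0.0.10

# Everything else goes to the ISP resolvers.
server=203.0.113.53
server=203.0.113.54

# Refuse upstream (Internet) answers that point at private addresses, but
# allow them for the AD zone, whose records legitimately carry RFC 1918 IPs.
stop-dns-rebind
rebind-domain-ok=/corp.example/

cache-size=1000
```

With this in place the laptop is configured with 10.0.0.1 as its only DNS server: domain join resolves the DC's SRV and A records through the forwarder, and Internet names resolve through the ISP. The DC itself can list 10.0.0.1 as its forwarder so that its own outbound lookups work without the DC being routable from the Internet. Verify before joining with `nslookup -type=SRV _ldap._tcp.dc._msdcs.corp.example 10.0.0.1` and a plain lookup of an Internet name against the same address.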