Another option would be to use the Reverse proxy to redirect your users.
It depends on the reasons for redirecting:
If the content is specifically stored on another server for storage and accessibility reasons, not to reduce traffic on the primary host, this would be quite usable, I’m actually using this for productive clients.
I actually have a productive server running here, which redirects any swiss access (.ch) to the proper server, running somewhere in Italy. It’s not only running in Italy, the italian state is actually running and paying for this!
But almost all access is via a Reverse proxy running on a SME-Server, soon to be replaced with a NethServer.
Advantages: One simple module from software center, one URL to redirect…
And all the web-stats available locally.
Actually, the old Proxy-Pass contrib in SME-Server was a bit more powerful than the NethServers Reverse Proxy.
I haven’t been able to redirect a whole domain, only a directory with NethServer.
A reverse proxy doesn’t interfere with any existing DNS stuff or anything other than http/https.
You can make additional DNS entries to ease naming/access, but it’s usually not even necessary.
At all clients using NethServer, http and https are routed to the NethServer by the firewall.
I’d like external clients to reach anything on the nethserver, but also the monitoring server (Zabbix or Nagios).
The external DNS points both entries to the gateway, which itself forwards all http/https to the Nethserver.
External DNS looks like this:
nethserver.your-domain-name.com IN CNAME gw.your-domain-name.com
zabbix.your-domain-name.com IN CNAME gw.your-domain-name.com
gw.your-domain-name.com IN A 220.127.116.11 (Your external IP)
The Nethserver points all access to the URL /zabbix/ to the internal server at:
http://192.168.123.29/zabbix/ (The IP of your monitoring server)
This also has the advantage that your monitoring server doesnt have to worry about SSL. You can use LetsEncrypt SSL on your Nethserver - the reverse proxy will use SSL to encrypt / decrypt the packages en route…
(This means using https://nethserver.your-domain-name.com/zabbix/ internally and externally for SSL - still a limitation of LetsEncrypt 'til 2018 Q1…)
Internally, I’d like to access the nethserver for almost everything except the monitoring server (Zabbix), which I’d like users to reach directly. (If the Nethserver is down, the people in-house can still see in the monitoring system what’s down!)
So Internal DNS looks like this:
nethserver.your-domain-name.com IN A 192.168.123.20 (IP of Nethserver)
zabbix.your-domain-name.com IN A 192.168.123.29 (IP of monitoring / Zabbix Server)
gw.your-domain-name.com IN A 192.168.123.1 (Your gateways internal IP)
Using internal and external DNS to achieve different things is known as split DNS…
Your internal DNS should be able to resolv even every network printer in house, the external DNS doesn’t need any internal printer entries.
-> External DNS is not allowed to use internal IPs like 10.x.x.x, 172.16.x.x-172.32.x.x, 192.168.x.x
My 2 cents…