Split Horizon DNSSEC
![Split Horizon DNSSEC](https://benno.frl/img/gespleten%20horizon.jpg)
I have been running the DNS for most of my domains myself for a number of years now. While you may have any number of reasons for self-hosting DNS, my chief motivator was the ease of implementing the ACME DNS-01 challenge when requesting certificates. This in turn allows me to request and use publicly verifiable certificates for devices and applications that are only accessible from my internal network. As I have some services that I want to be accessible both publicly and internally but on different IPs, I use a split-horizon DNS setup.