>> but how does tinydns know to differentiate between internal and external when answering queries
Good question. Here is how to differentiate int/ext:
1) Say you have djbdns installed (it comes with dnscache, rbldns, tinydns and axfrdns). You still need to decide which component you need to configure, unlike BIND, which puts everything together and often confuses people about what an authoritative DNS server and a cache-only server are.
2) To install tinydns, you need to decide whether it's for ext or int. Say for ext, run this:
tinydns-conf tinydns dnslog /var/djb/tinydns 188.8.131.52
You need to mkdir the /var/djb directory manually. The command above will mkdir tinydns and its subdirs for you automatically, and bind to your ext IP 184.108.40.206 on udp 53. The /var/djb directory is my own preference: I have installed so much other djbware that I keep a centralized location for djb stuff.
3) If you also need to run a ns2 (slave), you then need to install axfrdns:
axfrdns-conf axfrdns dnslog /var/djb/axfrdns /var/djb/tinydns 220.127.116.11
axfrdns listens on tcp 53, not udp. Its purpose is to do zone transfers and to answer dns queries via tcp. DNS queries by default use udp 53. When the answer is larger than 512 bytes (non-RFC compliant), like AOL was using previously, then axfrdns is used to answer the dns queries.
4) Now let's say you also need to run a tinydns on 192.168.0.1 udp 53. Then run:
tinydns-conf localdns dnslog /var/djb/localdns 192.168.0.1
Note, you can't bind localdns to 18.104.22.168 because it's in use. BTW, there is no such thing as localdns; I invented this name just to differentiate between int/ext.
5) Of course, the SOA and NS for internal host.com are different. You can't use ns1.host.com; you need to use localns1.host.com or whatever hostname maps to your 192.168.0.1.
6) For external, 99% of the time you don't need to set up your PTR records (even with BIND) because you will not be authoritative for your reverse. For internal, instead, you will also need to set up your 0.168.192.in-addr.arpa block.
So how does tinydns/localdns know when I query winxp.host.com (int) and www.host.com
tinydns/localdns doesn't know, but your DNS resolver does; that's dnscache.
To install dnscache:
dnscache-conf dnscache dnslog /var/djb/dnscache 127.0.0.1
dnscache-conf dnscache dnslog /var/djb/dnscache 192.168.0.2
Why can't I install dnscache on 192.168.0.1?
Because udp 53 is already in use by localdns. Therefore you either need to install it on loopback or on another computer like the example with 192.168.0.2 as shown above.
8) To tell dnscache which host.com is int/ext, you need to add /var/djb/dnscache/root/servers/host.com containing 192.168.0.2 and /var/djb/dnscache/root/servers/0.168.192.in-addr.arpa as well containing 192.168.0.2.
Then a @ file /var/djb/dnscache/root/servers/@ containing root-server IPs.
So whenever you query host.com, it will ask 192.168.0.2 for the answer; if it's not found, it will try @.
Basically one server can't do all of this; you need at least 2 servers.
So please google and try first, and follow up if you have further questions.
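
To see which file under root/servers a given query would be steered by, here is an added example (not part of the original post, and not djbdns code). It assumes dnscache uses the file named for the closest enclosing domain and falls back to @; the function names and the 192.0.2.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumption: dnscache consults the root/servers file named for
# the closest enclosing domain of the query name, and "@" when none matches.

servers_file_for() {
    # $1 = query name, $2 = path to a root/servers directory
    name=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    name=${name%.}                       # drop a trailing dot
    while [ -n "$name" ]; do
        if [ -f "$2/$name" ]; then
            printf '%s\n' "$name"
            return 0
        fi
        case $name in
            *.*) name=${name#*.} ;;      # strip the leftmost label and retry
            *)   name= ;;                # single label left: fall through to @
        esac
    done
    [ -f "$2/@" ] && { printf '@\n'; return 0; }
    return 1
}

reverse_name() {
    # 192.168.0.7 -> 7.0.168.192.in-addr.arpa
    printf '%s\n' "$1" | awk -F. '{ print $4 "." $3 "." $2 "." $1 ".in-addr.arpa" }'
}

make_sample_servers() {
    # Constructed sample layout; 192.0.2.x addresses are placeholders.
    mkdir -p "$1"
    echo 192.0.2.10 > "$1/host.com"
    echo 192.0.2.10 > "$1/0.168.192.in-addr.arpa"
    echo 192.0.2.53 > "$1/@"
}

demo=$(mktemp -d)
make_sample_servers "$demo"
for q in winxp.host.com www.host.com www.example.org "$(reverse_name 192.168.0.7)"; do
    f=$(servers_file_for "$q" "$demo")
    printf '%-28s -> servers/%s (%s)\n' "$q" "$f" "$(cat "$demo/$f")"
done
rm -rf "$demo"
```

Both winxp.host.com and www.host.com map to the host.com file, so clients of this cache get every host.com name from the internal server, and the internal zone data has to carry the public names as well.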