11-17-2017 11:19 PM
If there is a DHCP Grid Member and a DNS Grid Member, then if the DHCP member needed to do DDNS updates. Are these updates done using UDP port 53 or are they done VIA Bloxsync as both members are Grid members. My guess is that this will have to be done using UDP port 53 as there is no direct Bloxsync VPN between the DHCP member and the DNS member.
Please correct me if wrong.
Solved! Go to Solution.
11-20-2017 07:37 AM
DDNS updates from an Infoblox DHCP server to an Infoblox DNS server would use the DNS protocol. This applies for when both servers are part of the same Grid or not; however, the updates do use TSIG.
11-22-2017 03:27 AM
Sorry for asking additional question on top on here, may I know if the DDNS updates on Infoblox is achievable if the DHCP is poiting to Infoblox, but the DNS is pointing to Microsoft Server?
What I wish to achieve is that the Microsoft DNS will automatic do DDNS updates of the client to Infoblox DHCP.
11-23-2017 03:43 PM
Please correct me if I'm wrong here, your current configuration is:
DHCP server --> Infoblox
DNS Server --> Microsoft
Requirement --> Whenever a client gets a lease from Infoblox DHCP server, the Infoblox DHCP server should send the DDNS updates to Microsoft DNS.
Is my understanding about your requirement correct?
If yes, then you can following the below steps(snippet taken from NIOS Admin Guide):
To send updates to a DNS server that is external to your Grid:
1. If there are multiple network views in the Grid, select a network view.
2. From the Data Management tab, select the DHCP tab, expand the Toolbar and click Configure DDNS.
3. In the DDNS Updates to External Zones section of the DDNS Properties editor, click the Add icon. Complete the
following fields in the Add External DDNS Zone panel, and then click Add:
— Zone Name: Enter the FQDN of a valid forward-mapping or reverse-mapping zone to which the DHCP server
sends the updates. Do not enter the zone name in CIDR format. To specify a zone name in IDN, manually
convert IDN to punycode and use the punycode representation.
— DNS Server Address: Enter the IP address of the primary name server for that zone.
— Security: Select one of the following security methods:
— None: Select this to use unsecured DDNS updates. This is the default.
— TSIG: Select this to use the standards-based TSIG key that uses the one-way hash function MD5 to
secure transfers between name servers. You can either specify an existing key or generate a new key.
To specify an existing key, complete the following:
Key Name: Enter the TSIG key name. The key name entered here must match the TSIG key name on the
external name server.
Key Algorithm: Select either HMAC-MD5 or HMAC-SHA256.
Key Data: To use an existing TSIG key, type or paste the key in the Key Data field. Alternatively, you can
select the key algorithm, select the key length from the Generate Key Data drop down list, and then click
Generate Key Data to create a new key.
— GSS-TSIG: For information about using GSS-TSIG, see About GSS-TSIG on page 984.
4. Save the configuration and click Restart if it appears at the top of the screen.