
DNS Recursive redundancy 2 Site

Techie
Posts: 9
2884     0

Hi guys,

I'm new to Infoblox technology.

I have set up Infoblox on VMs at 2 sites, called Site A and Site B.

On Site A I have 1 grid member -> DNS server (authoritative) and DHCP server

1 grid member -> DNS recursive

On Site B I have 1 grid member -> DNS server (authoritative) and DHCP server

1 grid member -> DNS recursive

On the authoritative DNS grid members at Site A and Site B, forwarders are set to both recursive DNS servers.

My question: how can I set the priority of queries to the recursive DNS servers? We find that clients at Site B always query DNS to the internet via the Site A recursive DNS server. Why don't the Site B authoritative DNS grid member or the Site B clients use the Site B recursive DNS server first for queries to the internet?

Re: DNS Recursive redundancy 2 Site

Authority
Posts: 33
2885     0

Are your forwarders set in the same order?

Does the Site A recursive server answer queries faster than Site B?

Is there a direct route from Site B's authoritative server to Site B's recursive server?

Any firewalls that might affect DNS traffic from the authoritative server to the recursive server or from the recursive server to the Internet?

Re: DNS Recursive redundancy 2 Site

Techie
Posts: 9
2885     0

 

1. Set forwarders on the authoritative DNS at Site A to recursive Site A (first) and to recursive Site B (second), and checked "forward only".

2. Set forwarders on the grid authoritative DNS at Site B to recursive Site B (first) and to recursive Site A (second), and checked "forward only".

 

 

 

Re: DNS Recursive redundancy 2 Site

Expert
Posts: 185
2885     0

The order in which you specify the forwarders won't make any difference. BIND calculates the reachability of each forwarder by measuring the round trip time (RTT), then it places each server into a fairly coarse band, so if both have low RTTs you'll probably find that both are being used fairly evenly.

There used to be a topology statement that you could use to influence the behaviour, but that is no longer supported. I'm not sure if there's a solution to this these days; I see it crop up quite a lot. It would be nice to have the option to specify primary and secondary forwarders and only go to the secondary if the primary is down, but I'm not sure that functionality exists (it used to work like that many years ago, but they changed the behaviour to use the RTT in the early days of BIND 9).

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE
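
A simplified model of the selection behaviour described in the post above, as an added example that is not part of the original thread and is not BIND's code: each forwarder keeps a smoothed RTT, is placed in a coarse band, and each query goes to a random server in the lowest band. The band width, smoothing factor, timeout penalty, server names and RTT values are assumptions constructed for illustration, and the model does not age old estimates.

```python
import random
from collections import Counter

BAND_MS = 10      # assumed band width; the post only says the bands are "fairly coarse"
ALPHA = 0.3       # assumed smoothing factor for the running RTT estimate
TIMEOUT_MS = 800  # assumed penalty recorded when a forwarder does not answer


def simulate(forwarders, true_rtt_ms, queries=1000, down=(), seed=1):
    """Return a Counter of how many queries were sent to each forwarder.

    forwarders  -- names in configured order (the model never looks at the order)
    true_rtt_ms -- constructed round trip time per forwarder, in milliseconds
    down        -- forwarders that never answer
    """
    rng = random.Random(seed)
    # Unmeasured forwarders start at 0 ms so that each one gets tried at least once.
    srtt = {f: 0.0 for f in forwarders}
    sent = Counter()
    for _ in range(queries):
        band = {f: int(srtt[f] // BAND_MS) for f in forwarders}
        lowest = min(band.values())
        # Sorting removes any dependence on the configured order.
        candidates = sorted(f for f in forwarders if band[f] == lowest)
        choice = rng.choice(candidates)
        sent[choice] += 1
        sample = TIMEOUT_MS if choice in down else true_rtt_ms[choice]
        srtt[choice] = (1 - ALPHA) * srtt[choice] + ALPHA * sample
    return sent


if __name__ == "__main__":
    order_b = ["recursive-b", "recursive-a"]  # Site B lists its local server first
    lan = {"recursive-a": 4, "recursive-b": 2}   # both close: same band
    wan = {"recursive-a": 40, "recursive-b": 2}  # Site A reached over a slow link
    print("both low RTT:   ", dict(simulate(order_b, lan)))
    print("reversed order: ", dict(simulate(order_b[::-1], lan)))
    print("large RTT gap:  ", dict(simulate(order_b, wan)))
    print("recursive-b down:", dict(simulate(order_b, wan, down=("recursive-b",))))
```

In this model the local forwarder is only preferred when the remote one falls into a higher band, and a forwarder that stops answering drops out after its first timeout.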

Re: DNS Recursive redundancy 2 Site

Techie
Posts: 9
2885     0

Thank you, Laura.

About the direct route from Site B's authoritative server to Site B's recursive server: it is one network segment. But the Site A authoritative server to the Site A recursive server is a different network.

So which is the best way to configure the route from authoritative to recursive?

Must it be the same next hop if we traceroute from authoritative Site A & B to recursive Site A & B?

Re: DNS Recursive redundancy 2 Site

Techie
Posts: 9
2885     0

Thank you, Paul.

We are trying to separate recursive Site A & B, specifying authoritative Site A to recursive Site A and the same for Site B, authoritative to recursive Site B. But the next question is: how about the recursive redundancy?

Like Laura mentioned about the direct routing, I see that Site B has the same network segment between the authoritative and recursive servers.

Let me check first to understand this RTT.

Thank you
