Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

DNS notify from the auth DNS server not reflecting in the Syslog

Authority
Posts: 30
2497     0

As a part of configuring DNS slave zones on Infoblox appliance running the DNS protocol services. We've also added notify with Infoblox IPs on the legacy environment.

So in an ideal situation irrespective of whether I've configured secondary zones on the IB or not. I should see notifies on my grid in the Syslog under the member.

However, I do not see it in the GUI. I tried taking a traffic capture on the member and checked for "dns" in the filter and I see the notify and the response that says, "Not authoritative" to the legacy server from Infoblox from the traffic capture on the server.

These transactions should be logged according to me. 

 

Hope someone can help me understand this better.

Grid Version: 8.4.4-386831

Legacy Environment: MS AD DNS

Re: DNS notify from the auth DNS server not reflecting in the Syslog

Superuser
Posts: 105
2497     0

Hi,

 

From my understanding that notify message will appear on the log if we configure allow notify in the primary name server, so what ever we add to primary nameserver then it will notify to the slave/secondary nameserver. From the slave point of view we'll also see log message like "client @0x7f52901082a0 x.x.x.x#40530: received notify for zone 'abc.com'

 

And also needs to enable transfer-in and/or transfer-out in the server.

 

Thanks

Showing results for 
Search instead for 
Did you mean: 

Recommended for You