07-27-2016 08:14 AM
Just wanted to run this by this forum before I pull the trigger. I am a little confused about DNS Views and where they can be managed. I have two views (internal and external) and I would like some of my member appliances only to see the internal View. I can go to the individual member server (DNS/Members) and see the two DNS Views listed there with the option to select one and hit the Delete button. Will this completely remove the DNS View throughout my Grid or only for that specific member?
07-27-2016 08:28 AM
When you say you want some of your appliances to only “see” one view, does that mean that you want clients that send DNS queries to that specific appliance to get answers from one view only? Or do you mean that when that appliance forwards to another appliance that it gets data from a specific view? Or, finally, do you mean that you want the appliance to only be able to provide answers for one view?
Here are a couple of scenarios to help answer the questions above.
#1a. Internal network
Internal user queries internal DNS server
DNS server has ONLY the INTERNAL view configured
- Any data that is not for an internal zone forwards to DMZ or goes to Internet for resolution (www.infoblox.com for example).
#1b. External network
Internet user queries external/DMZ DNS server
DNS server has ONLY the EXTERNAL view configured
- This view has recursion disabled
- Responses are only for data that is authoritative in the external view
#2. Mixed environment
DNS Server A has both internal and external views configured
Client in location A queries DNS Server A
- DNS Server A responds with an answer from the internal DNS view
Client in location B queries DNS Server A
- DNS Server A responds with an answer from the external DNS view
07-27-2016 08:39 AM
Maybe it is more of a visual issue. I just recently added 2 additional members to the grid and when I compare the DNS Views that are presented on each device, the two new ones have both the Internal and External view shown, but all the other members only show the Internal view. Not sure how the previous admin achieved this.
07-27-2016 09:33 AM
To answer your question, we have an internal and external view but for the internal network, only the INTERNAL view should be configured on the DNS server (scenario 1a). That is how it is on all the other internal members but not on the two new ones. I am confused on how to get them to ONLY show the INTERNAL view as an option.