Infoblox Exchange Cybersecurity Roadshow 2020 – Join us!
North America | Europe | Middle East/Africa | Asia-Pacific

DNS DHCP IPAM

Reply

arecord to cname

Jpcalgary
Techie
Posts: 2
239     0
Hi all

Is there a way to update (delete/create) an arecord to convert it to a cname without the possibility of a nxdomain response that will get negatively cached?

Hope this makes sense.

JP

Re: arecord to cname

Expert
Posts: 234
240     0

Hmmm, interesting one, because changes are dynamically applied, so there will always be a gap between when the A record is deleted and the CNAME is created. I assume you are trying to minimise this gap because you have a constant stream of queries for that name?

 

All I can think of at the moment is to reduce the negative cache timer of the zone to 0 or maybe 1 second if 0 doesn't work, then delete your A record, add the CNAME and then increase it again afterwards. If you do reduce the negative cache TTL you'll probably have to wait for zone TTL to expire before you do any changes else other resolvers out there might still have the old negative cache TTL cached.

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE

Re: arecord to cname

Jpcalgary
Techie
Posts: 2
240     0

You are correct; constant lookups and we were hoping to eliminate all the NXDOMAINS. We were thinking about lowering the negative cache, as well, but there are some concerns from our tech guys performing this against the entire domain.

 

Would there be a way to export the config, update it manually and reload it?  Though, that may sound worse than lowering the cache.

 

 

 

 

 

Re: arecord to cname

Expert
Posts: 234
240     0

I don't know a way to export and reload the zone without a lot of disruption. The CSV export/import manager will be too slow. You almost need a way to disable the dynamic update so that you can pre-stage the changes then do a restart services to load them together. I don't know if there's a way to stop the UI from dynamically updating the zone.

 

You could maybe try using the CLI, there's a ddns_delete and ddns_add comand you might be able to use in quick succession - more details here:

 

https://docs.infoblox.com/display/nios84/Using+the+NIOS+CLI

 

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE

Re: arecord to cname

Expert
Posts: 234
240     0

The other option is to use the API to quickly delete and add the records in succession, should only take fractions of a second.

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE
Showing results for 
Search instead for 
Do you mean 

Recommended for You