03-03-2017 08:26 AM
I want to create a zone that is a copy of another DNS zone on a Microsoft server so that Infoblox can resolve DNS requests without having to go to the Microsoft server. I haven't tried to set up a zone transfer like this in Infoblox before.
I think I found the answer but want feedback from others before I bring down a zone and cause problems. I think I create an authoritative zone in Infoblox which uses an external primary name server? When I try this, it says that I need a secondary server so I think I am doing something wrong.
03-03-2017 08:49 AM
There are a couple of different ways you can go about handling this. For the steps that you described to work, you would assign your Infoblox server as a Grid secondary name server on the zone and your Microsoft server as an external primary. Once you save that and restart services, the Infoblox server will then attempt to initiate a zone transfer from the Microsoft server. Be sure that zone transfers are allowed in the Microsoft DNS server's config and any firewalls sitting between them have a rule in place allowing both UDP and TCP port 53 (bidirectional) in order for that to complete successfully. This will allow you to maintain your DNS records on the Microsoft server and, if all goes according to plan, be served by your Infoblox server as well.
Note: The reason why you have to assign your Infoblox server as a Grid secondary is that with Infoblox's Grid technology, you are able to assign one or more servers in your Grid to the zone and can also do so using different configurations. Because of this, the configuration is not set by default for you. One step that you may find useful for your zone configurations is to use Name Server (NS) Groups. This allows you to set the configuration one time and then assign the NS Group to the zone's name server configuration. This way, if you need to make any changes in the future, you would simply update the NS Group, restart services and the change will be applied automatically to all zones where the NS Group is assigned.
If you are trying to allow your Infoblox server to take over the zone entirely, another option is to set up your Infoblox server as a Grid primary and then use the Import Zone option found in the toolbar on the right-hand side of the page to pull in the zone data from the Microsoft server. This will initiate a one-time zone transfer and after that, the Infoblox server will effectively own the zone and data with no further interaction with the Microsoft server.
And yet another option is the Microsoft Management feature, but I suspect you are not using that and it will not apply here.
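A check for the secondary-zone setup described in the reply above, added here as an example and not part of the original thread: it asks the Microsoft primary and the Infoblox secondary for the zone's SOA serial over both UDP and TCP port 53 and reports whether every path answers with the same serial. The function names are this example's own, the sockets are IPv4 only, and the server addresses and zone name are supplied by the caller.

```python
import socket
import struct

def build_soa_query(zone, qid=0x1234):
    """Non-recursive DNS query for the zone's SOA record (type 6, class IN)."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in zone.rstrip(".").split("."))
    return struct.pack("!6H", qid, 0, 1, 0, 0, 0) + qname + b"\x00" + struct.pack("!HH", 6, 1)

def skip_name(msg, off):
    """Offset just past a domain name, which may end in a 2-byte compression pointer."""
    while msg[off] and (msg[off] & 0xC0) != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def soa_serial(msg):
    """Serial of the first SOA answer; None when the reply carries no SOA (e.g. REFUSED)."""
    an = struct.unpack("!H", msg[6:8])[0]
    off = skip_name(msg, 12) + 4                  # our single question: name, QTYPE, QCLASS
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == 6:
            p = skip_name(msg, skip_name(msg, off + 10))   # step over MNAME and RNAME
            return struct.unpack("!I", msg[p:p + 4])[0]
        off += 10 + rdlen
    return None

def query_serial(server, zone, tcp, timeout=3.0):
    """SOA serial from one server over TCP or UDP port 53; None if blocked or unanswered."""
    q = build_soa_query(zone)
    try:
        if tcp:
            with socket.create_connection((server, 53), timeout=timeout) as s:
                s.sendall(struct.pack("!H", len(q)) + q)   # DNS over TCP: 2-byte length prefix
                f = s.makefile("rb")
                return soa_serial(f.read(struct.unpack("!H", f.read(2))[0]))
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(q, (server, 53))
            return soa_serial(s.recvfrom(4096)[0])
    except (OSError, struct.error, IndexError):
        return None

def in_sync(primary, secondary, zone, ask=query_serial):
    """(ok, results): ok is True when all four paths return one identical serial."""
    got = {(host, tcp): ask(host, zone, tcp)
           for host in (primary, secondary) for tcp in (False, True)}
    return None not in got.values() and len(set(got.values())) == 1, got
```

Call `in_sync(primary_ip, secondary_ip, zone)` from a host that can reach both servers; a `None` in the returned results identifies the server and transport that did not answer, and differing serials mean the secondary has not picked up the primary's current zone data.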