Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

API & Integration, DevOps,NetOps,SecOps

Reply

Using ansible nios_zone to create new auth rev mapping zone with /27

New Member
Posts: 1
3587     0

Trying to create a new auth reverse mapping zone via ansible module "nios_zone". In this case the CIDR is 10.8.95.160/27. The zone creates as "64-95.95.8.10.in-addr.arpa" - clearly not what I wanted as the range should be 161-190. Best I can tell I need to be passing the right range as a "RFC2317 prefix",  however this field does not appear to exist to the ansible module per the documentation. (not listed).

 

How does one accomplish this using ansible?

 

Thanks

 

 

 

 

Re: Using ansible nios_zone to create new auth rev mapping zone with /27

Adviser
Posts: 109
3588     0

What you're running into here is the design of the DNS protocol itself. DNS zones can only be 'classful', meaning that they fall under the 8, 16 or 24 bit boundaries.

 

To support environments that are working with smaller subnets, RFC 2317 is used. This allows for classless zones to be delegated out to other servers and uses a prefix and CNAME records to enable this. I do not believe the Ansible modules have been built to support this so you may need to use a custom module to support RFC 2317 enabled configurations.

 

For reference:
https://docs.ansible.com/ansible/latest/modules/nios_zone_module.html

https://tools.ietf.org/html/rfc2317

https://support.infoblox.com/app/answers/detail/a_id/315 (this requires a valid login to the Infoblox Support Portal).

 

 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You