Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

arecord to cname

New Member
Posts: 2
3506     0
Hi all

Is there a way to update (delete/create) an arecord to convert it to a cname without the possibility of a nxdomain response that will get negatively cached?

Hope this makes sense.

JP

Re: arecord to cname

Expert
Posts: 185
3507     0

Hmmm, interesting one, because changes are dynamically applied, so there will always be a gap between when the A record is deleted and the CNAME is created. I assume you are trying to minimise this gap because you have a constant stream of queries for that name?

 

All I can think of at the moment is to reduce the negative cache timer of the zone to 0 or maybe 1 second if 0 doesn't work, then delete your A record, add the CNAME and then increase it again afterwards. If you do reduce the negative cache TTL you'll probably have to wait for zone TTL to expire before you do any changes else other resolvers out there might still have the old negative cache TTL cached.

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE

Re: arecord to cname

New Member
Posts: 2
3507     0

You are correct; constant lookups and we were hoping to eliminate all the NXDOMAINS. We were thinking about lowering the negative cache, as well, but there are some concerns from our tech guys performing this against the entire domain.

 

Would there be a way to export the config, update it manually and reload it?  Though, that may sound worse than lowering the cache.

 

 

 

 

 

Re: arecord to cname

Expert
Posts: 185
3507     0

I don't know a way to export and reload the zone without a lot of disruption. The CSV export/import manager will be too slow. You almost need a way to disable the dynamic update so that you can pre-stage the changes then do a restart services to load them together. I don't know if there's a way to stop the UI from dynamically updating the zone.

 

You could maybe try using the CLI, there's a ddns_delete and ddns_add comand you might be able to use in quick succession - more details here:

 

https://docs.infoblox.com/display/nios84/Using+the+NIOS+CLI

 

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE

Re: arecord to cname

Expert
Posts: 185
3507     0

The other option is to use the API to quickly delete and add the records in succession, should only take fractions of a second.

Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE
Showing results for 
Search instead for 
Did you mean: 

Recommended for You