Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

DNS Zone Multi Primary

Authority
Posts: 15
5381     1

Hello to all

it is possible to have the following scenario, a DNS zone with 2 primaries:

 

a. Primary is a member of the grid

b. The other primary is External primary (probably a DNS with Windows OS - although I hope for bind) that cannot be joined to the infoblox grid.

 

From the NIOS Admin 8.2 documentation it seems not possible

 

"You can configure multiple Grid primaries or multiple external primaries (including servers integrated with Microsoft AD) for a zone, but you cannot configure them both simultaneously for the same zone"

 

Is that still the case now? Maybe something is changing from docs

 

If this is not possible, the remaining way seems to be to convert the primary zone into a secondary zone (on infoblox member) and use another external primary as the master

 

Are there any documented steps on how to go from primary to secondary area?

 

Thanks in advance

Re: DNS Zone Multi Primary

Moderator
Moderator
Posts: 36
5381     1

Hello there,

 

The statement from the NIOS Administrator Guide still stands. We can not have a combination of a Grid Primary and an External Primary at the same time.

 

To change/convert an Authoritative Zone from using Grid Primary to an External Primary is pretty straight forward and can be done by using the following steps - 

 

  1. Edit the Zone in concern.
  2. Navigate to the Name Servers section.
  3. Select the Grid Primary and External Secondary (if it exists) and Delete it by using the Delete button.
  4. Now click on the Add button and add an External Primary as well as a Grid Secondary in order.
  5. Save & Close

 

Do note that when this is done, the Infoblox DNS Server would shed its Authoritative Data / Copy of the Zone and would have to rely on Zone Transfer from the configured External Primary to get the Zone Data. So do ensure that the External Primary has the full copy of the Zone that can be transferred to the now Secondary Infoblox DNS Server. 


P.S: It is always recommended to take a Database backup before performing any major changes as you would have an option for unexpected scenarios.

 

Regards.

Re: DNS Zone Multi Primary

Authority
Posts: 15
5382     1

Ok thanks for the answers

 

The requirements are:

 

Multiple actors can modify the same zone
But the A actor have an external DNS for that zone, and now the zone is primary on infoblox grid of the B actor.

So the two possibile technical solution could be:

 

1. convert the zone from primary to secondary (with the above procedure in the previous post)
2. add an external primary dns for the B actor (that one with grid primary and owner of the zone):

 2a. remove the grid primary for the zone
 2b. add the external primary of actor A
 2c. add the external primary of actor B
 2d. add all other grid secondary of actor B

 

All this because we would like to maintain the governance of the DNS zone with multiple actors

 

Is there another possibile solution.....?

 

Thanks again

Showing results for 
Search instead for 
Did you mean: 

Recommended for You