Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.



Setting up dedicated recursive servers

Posts: 12
1263     0

We currently have 2 separate grids, with the external grid running hidden masters that also act temporarily as recursive servers for our internal grid. Obviously, setting up the internal grid to recurse to those external servers is just as simple as configuring forwarders and enabling recursion on the external grid.

We will be merging our grids together soon. Part of this will be new dedicated recursive servers, which are already installed and joined to the internal grid, but are not configured to do anything just yet (although licensed for DNS). As our first step, we will be migrating recursion to these servers on our internal grid, freeing up the external grid to just be hidden masters once more.


This is where I get confused. Do these new recursives need to be in their own nameserver group? Do I need a new DNS View? With it all in one grid, I'm confusing myself, even though I'm the "Infoblox guy" here. We only want the internal grid nameservers to be able to recurse to these hosts - no bypassing internal dns.


Furthermore, a few weeks later, we will be merging in the hidden masters from the external grid and adding a new external view. How would that work in such a way as to check the external view (where we have several domains that are not overlaps of the internal view) before recursing to the internet?

What are the basic things I need to do so I can further research? I feel like I'm going in circles on this.


Thank you

Showing results for 
Search instead for 
Did you mean: 

Recommended for You