09-07-2021 07:24 PM
I'm new about Infoblox Technology,
I have set Infoblox on VM at 2 Site called Site A and Site B
on site A have 1 grid member -> DNS server(Authoritative) and DHCP Server
1 Grid member -> DNS recursive
on site B have 1 grid member -> DNS server(Authoritative) and DHCP Server
1 Grid member -> DNS recursive
on the grid member dns authoritative site A and site B set forwaders to both DNS recursive.
my question how can I set the priority of the query to DNS recursive because we find the client on the site B always query dns to internet via DNS recursive site A, why the grid member DNS authoritative or clients Site B not use first the DNS recursive site B query to internet
09-09-2021 06:26 AM
Are your forwarders set in the same order?
Does the Site A recursive server answer queries faster than Site B?
Is there a direct route from Site B's authoritative server to Site B's recursive server?
Any firewalls that might affect DNS traffic from the authoritative server to the recursive server or from the recursive server to the Internet?
09-09-2021 07:01 AM
1. set forwaders on the dns authoritative siteA to recursive site A(first) and to recursive site B(second), and checklist the forward only.
2. set forwaders on the grid dns authoritative site B to recursive site B(first) and to recursive site A(second), and checklist the forward only.
09-13-2021 01:27 AM
The order you specify the forwarders won't make any difference, BIND calculates the reachability of each forwarder by measuring the round trip time (RTT) then it places each server into a fairly course band, so if both have low RTT's you'll probably find that both are being used fairly evenly.
There used to be a topology statement that you could use to influence the behaviour but that is no longer supported. I'm not sure if there's a solution to this these days, I see it crop up quite a lot, it would be nice to have the option to specify primary and secondary forwarders and only go to the secondary if the primary is down, but I'm not sure that functionality exists (it used to work like that many years ago but they changed behaviour to use the RTT in the early days of BIND 9).
PCN (UK) Ltd
All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE
09-14-2021 12:07 AM
Thank you Laura,
about direct route from Site B's authoritative server to Site B's recursive server, is one segment network. But the Site A authoritative server to Site A recursive server is a different network.
So which the best to configure route from Authoritative with recursive?
its must be same nexthope if we traceroute from authoritative site A&B to recursive site A&B?
09-14-2021 12:18 AM
Thank you Paul,
we try to separate the recursive site A&B, specify the Authoritative site A to recursive site A and same to site B authoritative to recursive site B. but the next question is how about the redudancy recursive.
Like Laura mention about the direct routing and I see the site B have a same segment network between the authoritative and recusive.
let me check first to understand about this RTT,