Creating authoritative secondary zones in NIOS (2523)

Scenario

Your training department operates its own DNS server, which hosts the zone training.techblue.net. You would like to receive a read-only copy of the zone data from the authoritative primary zone. Please configure this authoritative secondary zone in NIOS.

Estimated Completion Time

  • 10 to 15 minutes

Credentials

Description        Username   Password   URL or IP
Grid Manager UI    admin      infoblox   https://10.100.0.100/

Requirements

  • Administrative DNS access to the Grid

Learning Content

Lab Initiation

Access jump-desktop

Once the lab is deployed, you can access the virtual machines required to complete this lab activity. To initiate the lab, click on the jump-desktop tile and log in to the Linux UI:

Username: training

Password: infoblox

Initiate lab

To initiate the lab, double-click the Launch Lab icon on the Desktop.


Choose the lab number from the list and click OK.


After clicking OK, you will see a pop-up message with a brief description of the lab task. If the description looks correct, click Yes to continue lab initiation.


Lab initiation will take a couple of minutes to finish.

Once complete, you will see another pop-up message with the login credentials and the URL for the Grid Manager’s User Interface. Note that the credentials may differ from those from prior labs.



Tasks

  1. Creating an authoritative secondary zone.

Task 1: Creating an authoritative secondary zone

The training department's DNS server is imai.techblue.io. Use the following command on the jump-desktop VM to identify the current IP address of imai.techblue.io: dig +short imai.techblue.io. Please configure an authoritative secondary zone for training.techblue.net to receive data from imai.techblue.io. The Grid secondary members are ibns1.techblue.net and ibns2.techblue.net.


Solutions

Task 1 Solution: Creating an authoritative secondary zone

Create the training.techblue.net Authoritative (Secondary) zone

  1. Look up the IP address of imai.techblue.io (you can use the dig +short imai.techblue.io. command in a terminal on your jump-desktop)

  2. From the Grid Master UI, navigate to Data Management → DNS → Zones

  3. Click the Add dropdown menu and select Authoritative Zone

  4. Leave the radio button set to Add an authoritative forward-mapping zone

  5. Click Next

  6. For Name, enter training.techblue.net

  7. Leave the remaining settings unchanged and click Next

  8. Select the radio button to Use this set of name servers

  9. Click the Add drop-down menu and select External Primary

  10. For Name Server Name, enter imai.techblue.io

  11. For the Name Server Address, enter the IP address that you looked up for imai.techblue.io

  12. Check Use TSIG

  13. Select the radio button next to Key Name if it is not already selected

  14. Populate the Key name, Key algorithm, and Key Data from the file named tsig_xfer_nios.txt in the Shared Drive folder on your jump-desktop VM (full path is /mnt/shared/tsig_xfer_sha256.txt)

  15. Click Add

  16. Click the Add drop-down menu again, and select Grid Secondary

  17. Click on the Select button, and select ibns1.techblue.net from the name server list

  18. Click Add to add it to the list of zone name servers

  19. Repeat the above steps to add ibns2.techblue.net as a Grid Secondary

  20. Click Save & Close

  21. The Zones window now displays the new training.techblue.net authoritative zone (you may need to click Toggle Flat View)

  22. Click on the Restart button in the notification banner

  23. Click Restart in the Restart Grid Services window
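
Verifying the transfer (added example, not part of the original lab guide): once services have restarted, the TSIG-signed transfer has worked only if both Grid secondaries answer with the same SOA serial as the external primary. The script below compares them from the jump-desktop; the function names, the --live switch and the sample serial values are assumptions made for this example, and it assumes all three server names resolve and answer SOA queries from the jump-desktop.

```shell
#!/usr/bin/env bash
# Added example (not from the lab guide): confirm the Grid secondaries hold the
# same SOA serial as the external primary after the restart in step 23.
ZONE="training.techblue.net"

# Pull the serial out of `dig +short SOA` output, whose seven fields are:
# mname rname serial refresh retry expire minimum
soa_serial() {
  awk 'NF >= 7 { print $3; exit }'
}

# Read "server serial" lines, primary first. A secondary whose serial is
# missing or different from the primary's has not completed the transfer.
check_sync() {
  awk 'NR == 1 { p = $2; next }
       $2 != p { bad = bad " " $1 }
       END {
         if (NR < 2 || p == "") { print "NO-DATA"; exit 2 }
         if (bad != "")         { print "STALE:" bad; exit 1 }
         print "IN-SYNC " p
       }'
}

# Live collection: ask each server directly, without recursion.
collect() {
  for srv in "$@"; do
    printf '%s %s\n' "$srv" \
      "$(dig +short +norecurse SOA "$ZONE" @"$srv" | soa_serial)"
  done
}

# Constructed sample (serial values invented): ibns2 returned no SOA.
constructed_sample() {
  printf '%s\n' "imai.techblue.io 2024050601" \
                "ibns1.techblue.net 2024050601" \
                "ibns2.techblue.net"
}

if [ "${1:-}" = "--live" ]; then
  shift
  collect "$@" | check_sync   # pass the primary first, then the secondaries
else
  constructed_sample | check_sync || true   # prints: STALE: ibns2.techblue.net
fi
```

Run it with --live imai.techblue.io ibns1.techblue.net ibns2.techblue.net to query the real servers. A STALE or NO-DATA result right after the restart usually points back to steps 11 to 14: the primary's address or one of the three TSIG fields.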