2568 - Configuring Source-Based Topology Ruleset
This lab requires a NIOS 9.0 Lab Environment
This lab guide has been developed using the new NIOS 9.0 Lab Environment (experimental) lab. Please ensure that you deploy a NIOS 9.0 lab environment to complete these lab tasks. Other lab environments are untested, and the lab will likely not work in them.
Scenario
Your organization is setting up DNS Traffic Control (DTC) to direct network traffic based on the client’s IP address. To support these configurations, you will configure a source-based topology ruleset to direct traffic based on specific subnets. Finally, you will set up a Load-Balanced Domain Name (LBDN) using this ruleset and test it to verify that DNS responses follow the configured ruleset.
Estimated Completion Time
15 to 20 minutes
Credentials
Description | Username | Password | URL or IP |
---|---|---|---|
Grid Manager UI | admin | infoblox |
Requirements
Administrative access to the Grid
Lab Initiation
Access jump-desktop
Once the lab is deployed, you can access the virtual machines required to complete this lab activity. To initiate the lab, click on the jump-desktop tile and log in to the Linux UI:
Username: training
Password: infoblox
Initiate lab
To initiate the lab, double-click the Launch Lab icon on the Desktop.
Choose the lab number from the list and click OK.
After clicking OK, you will see a pop-up message with a brief description of the lab task. If the description looks correct, click Yes to continue lab initiation.
Lab initiation will take a couple of minutes to finish.
Once complete, you will see another pop-up message with the login credentials and the URL for the Grid Manager’s User Interface. Note that the credentials may differ from those from prior labs.
Tasks
Task 1: Configure Source-Based Topology Ruleset
Create a topology ruleset named Source Rule with the following IP-to-pool mappings to direct DNS responses based on the source IP.
Table 2568-1
Source Subnet | DTC Pool/Server | Order |
---|---|---|
10.0.0.0/8 | Pool A | 1 |
192.168.0.0/16 | Pool B | 2 |
172.16.0.0/12 | Pool B | 3 |
Task 2: Set Up the Load-Balanced Domain Name (LBDN)
Configure a Load-Balanced Domain Name (LBDN) stan.dtc.techblue.net that uses the Source Rule topology ruleset created in Task 1.
Task 3: Test the Source-Based Topology Ruleset
Use the Test LBDN tool to verify that the LBDN is functioning as expected.
Solutions
Task 1 Solution: Configure Source-Based Topology Ruleset
To configure a source-based topology ruleset, proceed with the following steps:
Navigate to Data Management → DNS → Traffic Control.
From the toolbar panel on the right, click Manage Topology Ruleset.
Click Add (+) to create a new ruleset.
In the Ruleset Wizard, enter the following details:
Name: Source Rule
Destination Type: Pool
Comment: Source IP-based ruleset
In the Rules section, click the Add (+) dropdown menu and select Subnet Rule.
In the Add Subnet Rule window, set Source Subnet to 10.0.0.0/8.
For Destination/Response, select DTC Pool/Server and choose Pool A.
Click Add to save this rule.
Repeat these steps to add additional subnet rules as specified in Table 2568-1.
After adding all the rules, set the Default destination if none of the above rules match option to Pool A.
Click Save & Close to save the ruleset configuration.
Click Close on the Topology Manager window.
Task 2 Solution: Set Up the Load-Balanced Domain Name (LBDN)
Create an LBDN that uses the Source Rule topology by following these instructions:
Navigate to Data Management → DNS → Traffic Control.
Click the Add (+) dropdown menu and select LBDN to open the DTC LBDN Wizard.
In Step 1 of the wizard, enter the following details:
Display Name: Subnet Test
Patterns: Click + to add a new pattern, then enter stan.dtc.techblue.net.
Load Balancing Method: Topology
Topology Ruleset: Source Rule (created in Task 1)
Click Next to proceed.
In Step 2, verify that the following record types are selected:
A
CNAME
AAAA
Click Add (+) and select the Associated Zone dtc.techblue.net, then click Next.
In Step 3, click Add (+) to add Pool A and Pool B.
Click Save & Close to complete the LBDN setup.
When prompted, select Restart Services to apply the changes.
Task 3 Solution: Test the Source-Based Topology Ruleset
Verify the functionality of the Source-Based Topology Ruleset with these steps:
Navigate to Data Management → DNS → Traffic Control.
Select the LBDN Subnet Test.
From the Toolbar, click Test LBDN to open the Test DTC LBDN (Web) tool.
Enter the following test details:
Query Source: 10.10.10.10 (or any IP from 10.0.0.0/8)
Query Name: stan.dtc.techblue.net
Member: ibns1.techblue.net
Record Type: A
Click Start to send a test query and observe the response.
Verify that the response IP matches Pool A's IP addresses (10.100.0.210 or 10.100.0.220), as configured.
Repeat the test with different Query Source IPs to verify that traffic is routed according to the Source Rule configuration:
192.168.1.1 should return an IP from Pool B (10.200.0.210 or 10.200.0.220).
172.16.2.2 should return an IP from Pool B (10.200.0.210 or 10.200.0.220).
128.171.3.3 should return an IP from Pool A (10.100.0.210 or 10.100.0.220) as the default destination.
Verify that the responses align with the rules configured in the Source Rule topology.
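The following is an added example, not part of the original lab guide or of any Infoblox tooling. It models the Source Rule ruleset from Table 2568-1 offline so you can predict which pool each Test LBDN query source should return, and it flags rules that an earlier, broader rule would make unreachable. It assumes rules are evaluated in the table's Order column with the first match winning; the function names are hypothetical.

```python
import ipaddress

# Rules from Table 2568-1 in configured order (source subnet -> pool).
# Assumption: evaluation is top-down and the first matching rule wins.
RULES = [
    ("10.0.0.0/8", "Pool A"),
    ("192.168.0.0/16", "Pool B"),
    ("172.16.0.0/12", "Pool B"),
]
DEFAULT_POOL = "Pool A"  # default destination when no rule matches

# Pool member addresses as listed in the Task 3 solution.
POOL_MEMBERS = {
    "Pool A": {"10.100.0.210", "10.100.0.220"},
    "Pool B": {"10.200.0.210", "10.200.0.220"},
}

def expected_pool(query_source, rules=RULES, default=DEFAULT_POOL):
    """Return (pool, matched_subnet); matched_subnet is None for the default."""
    addr = ipaddress.ip_address(query_source)
    for subnet, pool in rules:
        net = ipaddress.ip_network(subnet)
        if addr.version == net.version and addr in net:
            return pool, subnet
    return default, None

def response_is_consistent(query_source, answer_ip):
    """True if the returned A record belongs to the pool the ruleset selects."""
    pool, _ = expected_pool(query_source)
    return answer_ip in POOL_MEMBERS[pool]

def shadowed_rules(rules=RULES):
    """Subnets that can never match because an earlier rule already covers them."""
    nets = [ipaddress.ip_network(subnet) for subnet, _ in rules]
    shadowed = []
    for i, net in enumerate(nets):
        for earlier in nets[:i]:
            if net.version == earlier.version and net.subnet_of(earlier):
                shadowed.append(rules[i][0])
                break
    return shadowed

if __name__ == "__main__":
    # Query sources used in the Task 3 solution.
    for src in ("10.10.10.10", "192.168.1.1", "172.16.2.2", "128.171.3.3"):
        pool, subnet = expected_pool(src)
        print(f"{src:<13} -> {pool} ({subnet or 'default destination'})")
    print("Shadowed rules:", shadowed_rules() or "none")
```

An address just outside a rule's range, such as 172.32.0.1, falls through to the default destination, which makes it a useful extra boundary case for the Test LBDN tool.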