Creating a DNS Primary Zone in Universal DDI (2574)

Scenario

You are a DDI administrator for the Techblue lab environment. The DNS service instances are already running and providing recursive lookup services, and now you need to add authoritative DNS data for internal lab systems. Your goal is to configure both NIOS-X DNS servers to be authoritative for the primary forward zone techblue.net and the primary reverse zone 10.in-addr.arpa, then verify from a client that both zones return authoritative answers.

Estimated Completion Time

• 15 to 20 minutes

Prerequisites

• Administrative access to the Infoblox Portal

• Lab 2801: Deploying NIOS-X Servers

• Lab 2573: Configuring DNS Services in Universal DDI

Learning Content

• Creating DNS Config Profiles

• Creating DNS Primary Zones

Tasks

1. Create Forward Zone.

2. Create Reverse Zone.

3. Verify Authoritative Responses.

Task 1: Create Forward Zone

Create a primary forward-mapping zone for techblue.net in the default DNS view and configure both DNS service instances to serve the zone authoritatively.

Task 2: Create Reverse Zone

Create a primary reverse-mapping zone for 10.in-addr.arpa in the default DNS view and configure both DNS service instances to serve the zone authoritatively.

Task 3: Verify Authoritative Responses

Use testing-linux to verify that forward and reverse queries for the new zones return authoritative responses from both DNS servers.

Solutions

Task 1 Solution: Create Forward Zone

Start with the forward zone because it establishes the authoritative namespace that the lab systems will use. You create the zone in the default DNS view and assign both DNS service instances so each server can answer authoritatively for techblue.net.

1. Log in to your lab’s jump-desktop.

2. Use the Education Infoblox Portal credentials to sign in to the Infoblox Portal.

3. Navigate to Network → DNS.

4. Select the Zones tab.

5. Verify that the only DNS view listed is default, then click default.

   

6. Click Create and select Primary Zone.

   

7. In the Name field, enter techblue.net.

8. Expand the Authoritative DNS Servers section.

9. Select Techblue DNS Service 1 and Techblue DNS Service 2, and move them to the selected list.

   

10. Click Save & Close.

Task 2 Solution: Create Reverse Zone

After the forward zone exists, create the reverse zone so the same DNS servers can answer authoritative PTR lookups for the lab IP space. Keeping the reverse zone in the same default DNS view and assigning the same service instances ensures the authoritative forward and reverse data stay aligned.

1. Stay in the default DNS view.

2. Click Create and select Primary Zone.

3. In the Name field, enter 10.

4. In the suffix drop-down to the right of Name, select .in-addr.arpa.

5. Expand the Authoritative DNS Servers section.

6. Select Techblue DNS Service 1 and Techblue DNS Service 2, and move them to the selected list.

   

7. Click Save & Close.

Task 3 Solution: Verify Authoritative Responses

Finish by testing both zones from testing-linux. These queries confirm that the forward and reverse zones are not just present in the Portal, but are actively being served authoritatively by both DNS servers. You should see aa and NOERROR in the responses.

1. Switch to testing-linux and open a terminal window.

2. Run sudo set-network-static-bloxone. If prompted for a password, enter infoblox.

3. Run dig @10.100.0.110 oph1.techblue.net. A.

   

4. Run dig @10.200.0.110 oph1.techblue.net. A.

   

5. Run dig @10.100.0.110 -x 10.100.0.110.

   

6. Run dig @10.200.0.110 -x 10.100.0.110.

   

7. Review all four responses and confirm that each query returns aa and NOERROR.