2574 - Creating a Primary Zone in BloxOne DDI

Scenario

Our DNS service instances are running, but now we need to host our own zone. We have a primary zone to deploy, techblue.net. Both of our BloxOne DNS Service Instances will be authoritative for this zone.

Estimated Completion Time

• 5 to 10 minutes

Prerequisites

• Administrative access to the CSP

• Lab 2801: Deploying BloxOne Hosts

• Lab 2570: Configuring DHCP Services in BloxOne DDI

• Lab 2571: Creating DHCP Networks in BloxOne DDI

• Lab 2573: Enabling and Configuring DNS Services

Course References

• 2159: BloxOne DDI Configuring DNS Services

• 2153: BloxOne DDI Configuring DNS Zones

Tasks

1. Creating primary zone techblue.net

2. Creating primary reverse zone 10.in-addr.arpa

3. Validating the DNS zones and records from a client

Task 1: Creating primary zone techblue.net

We need to create a primary forward-mapping zone for techblue.net in our default DNS view. This will be the authoritative zone for this domain. We want to use both of our BloxOne DNS Service instances to host this zone, Techblue DNS service 1 and Techblue DNS service 2. We'll also need to set an email address for the SOA RNAME field to our admin's email address, admin@techblue.net.

Task 2: Creating primary reverse zone 10.in-addr.arpa

We've created a primary forward-mapping zone but we also need a reverse lookup zone to allow us to secure our network and identify where visitors are coming from. Create a primary reverse zone named 10.in-addr.arpa. We want it to be authoritative like the primary forward-mapping zone, and we want the same admin email address associated with the SOA record.

Task 3: Validating the DNS zone from a client

We've created the authoritative forward and reverse zones for techblue.net and they should now have SOA and NS records automatically populated, but we should test that this all works as designed. Using our test client, verify the response from the DNS servers.

Solutions

Task 1 Solution: Creating primary zone techblue.net

1. With the CSP browser window, navigate to Manage → DNS

2. Select the Zones tab

3. Click on the default DNS View to go inside the view

4. Click the Create button and from the drop-down select Primary Zone

5. Enter the zone Name: techblue.net

6. Expand the Authoritative DNS Servers section

7. Under DNS Authoritative Servers, click the arrow next to both of your DNS service instances to move them to the list of Authoritative DNS Servers

8. Expand the Zone Setting Defaults section

9. Set the Email Address (For SOA RNAME Field) to: admin@techblue.net (you will need to click the Override toggle to override the default setting)

10. Click Save & Close

Task 2 Solution: Creating primary reverse zone 10.in-addr.arpa

1. With the CSP browser window, navigate to Manage → DNS

2. Select the Zones tab

3. Click on the default DNS View to go inside the view

4. Click the Create button, and from the drop-down select Primary Zone

5. Enter 10 for the Name and select .in-addr.arpa from the suffix drop-down list. The text under the Name field should show the full name: 10.in-addr.arpa

6. Expand the Authoritative DNS Servers section

7. Under DNS Authoritative Servers, click the arrow next to both of your DNS service instances to move them to the list of Authoritative DNS Servers

8. Expand the Zone Setting Defaults section

9. Set the Email Address (For SOA RNAME Field) to: admin@techblue.net (you will need to click the Override toggle to override the default setting)

10. Click Save & Close

Task 3 Solution: Validating the DNS zones and records from a client

1. On testing-linux open a Terminal window

2. Set the IP address as a fixed address with the command sudo set-network-static-bloxone to allow a route to the DNS server.

3. Check the dig responses for the following queries. All queries should return Authoritative Answers (aa) with NOERROR:
   

   dig @10.100.0.110 techblue.net soa
dig @10.100.0.110 -x 10.100.0.110