2574 - Creating a Primary Zone in BloxOne DDI
Cloud Services Portal (CSP) is now Infoblox Portal
In early September, Cloud Services Portal (CSP) became Infoblox Portal with a new look-and-feel, and a new URL (https://portal.infoblox.com). As a result of this change, the layout and organization of several menus have been updated.
Unfortunately, this means that our video courseware and lab guides no longer match the new user interface. However, we are currently in the process of updating them, and they should be ready soon.
In the meantime, we have some resources to help you navigate the new interface:
We have created a mapping of the previous menu locations and their new breadcrumb location.
Additionally, you can find a walkthrough video of the new User Interface on Launchpad.
We apologize for any inconvenience this may cause and kindly ask for your patience as we work through this transition.
Scenario
Our DNS service instances are running, but now we need to host our own zone. We have a primary zone to deploy, techblue.net. Both of our BloxOne DNS Service Instances will be authoritative for this zone.
Estimated Completion Time
5 to 10 minutes
Prerequisites
Administrative access to the CSP
Lab 2801: Deploying BloxOne Hosts
Lab 2570: Configuring DHCP Services in BloxOne DDI
Lab 2571: Creating DHCP Networks in BloxOne DDI
Lab 2573: Enabling and Configuring DNS Services
Course References
2159: BloxOne DDI Configuring DNS Services
2153: BloxOne DDI Configuring DNS Zones
Tasks
Creating primary zone techblue.net
Creating primary reverse zone 10.in-addr.arpa
Validating the DNS zones and records from a client
Task 1: Creating primary zone techblue.net
We need to create a primary forward-mapping zone for techblue.net in our default DNS view. This will be the authoritative zone for this domain. We want to use both of our BloxOne DNS Service instances to host this zone, Techblue DNS service 1 and Techblue DNS service 2. We'll also need to set an email address for the SOA RNAME field to our admin's email address, admin@techblue.net.
Task 2: Creating primary reverse zone 10.in-addr.arpa
We've created a primary forward-mapping zone but we also need a reverse lookup zone to allow us to secure our network and identify where visitors are coming from. Create a primary reverse zone named 10.in-addr.arpa. We want it to be authoritative like the primary forward-mapping zone, and we want the same admin email address associated with the SOA record.
Task 3: Validating the DNS zone from a client
We've created the authoritative forward and reverse zones for techblue.net and they should now have SOA and NS records automatically populated, but we should test that this all works as designed. Using our test client, verify the response from the DNS servers.
Solutions
Task 1 Solution: Creating primary zone techblue.net
With the CSP browser window, navigate to Manage → DNS
Select the Zones tab
Click on the default DNS View to go inside the view
Click the Create button and from the drop-down select Primary Zone
Enter the zone Name: techblue.net
Expand the Authoritative DNS Servers section
Under DNS Authoritative Servers, click the arrow next to both of your DNS service instances to move them to the list of Authoritative DNS Servers
Expand the Zone Setting Defaults section
Set the Email Address (For SOA RNAME Field) to: admin@techblue.net (you will need to click the Override toggle to override the default setting)
Click Save & Close
Task 2 Solution: Creating primary reverse zone 10.in-addr.arpa
With the CSP browser window, navigate to Manage → DNS
Select the Zones tab
Click on the default DNS View to go inside the view
Click the Create button, and from the drop-down select Primary Zone
Enter
10
for the Name and select .in-addr.arpa from the suffix drop-down list. The text under the Name field should show the full name:10.in-addr.arpa
Expand the Authoritative DNS Servers section
Under DNS Authoritative Servers, click the arrow next to both of your DNS service instances to move them to the list of Authoritative DNS Servers
Expand the Zone Setting Defaults section
Set the Email Address (For SOA RNAME Field) to: admin@techblue.net (you will need to click the Override toggle to override the default setting)
Click Save & Close
Task 3 Solution: Validating the DNS zones and records from a client
On testing-linux open a Terminal window
Set the IP address as a fixed address with the command
sudo set-network-static-bloxone
to allow a route to the DNS server.Check the dig responses for the following queries. All queries should return Authoritative Answers (aa) with NOERROR:
dig @10.100.0.110 techblue.net soa
dig @10.100.0.110 -x 10.100.0.110