Creating a DNS Primary SubZone in Universal DDI (2575)

Scenario

You are the DNS administrator for the internal DNS domain techblue.net. This domain is used by several departments, including Sales, and your manager wants Sales-related DNS data moved into a separate child zone so it can be organized independently and locked down with delegated permissions later. Your goal is to create the authoritative primary subzone sales.techblue.net under techblue.net and then verify from a client that the new zone returns authoritative SOA and NS responses.

Estimated Completion Time

• 5 to 10 minutes

Prerequisites

• Administrative access to the Infoblox Portal

• Lab 2801: Deploying NIOS-X Servers

• Lab 2570: Configuring DHCP Services in Universal DDI

• Lab 2571: Creating DHCP Networks in Universal DDI

• Lab 2573: Configuring DNS Services in Universal DDI

• Lab 2574: Creating a DNS Primary Zone in Universal DDI

Learning Content

• Creating DNS Config Profiles

• Creating DNS Primary Zones

Tasks

1. Create Sales Subzone

2. Validate Subzone responses

Task 1: Create Sales Subzone

Create a primary subzone named sales.techblue.net under the techblue.net zone in the default DNS view. Configure it as an authoritative zone, use admin@techblue.net as the administrative contact, and assign Techblue DNS Service 1 and Techblue DNS Service 2 as the authoritative DNS servers.

Task 2: Validate Subzone responses

After creating the sales.techblue.net subzone and adding the necessary resource records, verify that the setup is working as expected. Use the testing-linux virtual machine to query the DNS servers and confirm that the resource records resolve correctly.

Solutions

Task 1 Solution: Create Sales Subzone

Start by creating the Sales child zone under the existing techblue.net parent zone. This keeps Sales records organized under their own authoritative namespace and prepares the environment for more granular administration later. Because the subzone is authoritative, Universal DDI automatically creates the SOA and NS records when you save it.

1. Log in to your lab’s jump-desktop.

2. Use the Education Infoblox Portal credentials to sign in to the Infoblox Portal.

3. Navigate to Network → DNS.

4. Select the Zones tab.

5. Click the DNS view default.

6. In the default DNS view, click zone techblue.net to open it.

   

7. Click Create, point to Zone, and select Primary Zone.

8. In the Name field, enter sales.

9. Verify that .techblue.net is selected in the suffix drop-down list.

10. Expand the Authoritative DNS Servers section.

11. Select Techblue DNS Service 1 and Techblue DNS Service 2, and move them to the selected list.

    

12. Expand the Zone Setting Defaults section.

13. Scroll to Email Address (for SOA field), turn on the Override toggle, and enter admin@techblue.net.

    

14. Click Save & Close.

Task 2 Solution: Validate Subzone responses

After you create the subzone, verify that the DNS servers are serving it authoritatively from a client system. Querying the SOA and NS records confirms both that the zone exists and that its core authoritative records were created correctly. A successful result should show an authoritative answer and a NOERROR status.

1. Switch to virtual machine testing-linux and open a terminal window.

2. Run sudo set-network-static-bloxone. If prompted for a password, use infoblox.

3. Run dig @10.100.0.110 sales.techblue.net. SOA.

   

4. Run dig @10.100.0.110 sales.techblue.net. NS.

   

5. Review both responses and confirm that they show an authoritative answer (aa) and NOERROR.