2579 - Configuring Dynamic DNS in BloxOne DDI

Scenario

Several clients have been complaining that DNS entries for their machines are old and out of date. Some are completely missing. IT has decided to enable DDNS from the DHCP perspective so that for every new lease, the DHCP server will issue DDNS requests.

Estimated Completion Time

• 15 to 20 minutes

Prerequisites

• Administrative access to the CSP

• Lab 2801: Deploying BloxOne Hosts

• Lab 2570: Configuring DHCP Services in BloxOne DDI

• Lab 2571: Creating DHCP Networks in BloxOne DDI

• Lab 2573: Enabling and Configuring DNS Services

• Lab 2574: Creating a Primary Zone in BloxOne DDI

Course References

• 2159: BloxOne DDI Configuring DNS Services

• 2153: BloxOne DDI Configuring DNS Zones

• 2155: BloxOne DDI Dynamic DNS

Tasks

1. Create a new DNS forward mapping zone called ddns.techblue.net

2. Allow DDNS Updates in DHCP and DNS

3. Enable DDNS on the 172.31.101.0/24 network and configure the DDNS Domain Name value

4. Test DDNS

5. Examine the lease

Task 1: Create a new DNS forward mapping zone called ddns.techblue.net

We need to create a new DNS forward mapping zone ddns.techblue.net in the default DNS view. This will be the authoritative zone for this domain. We want to use both of our BloxOne DNS Service Instances to host this zone, Techblue DNS service 1 and Techblue DNS service 2. We'll also need to set an email address for the SOA RNAME field to our admin's email address, admin@techblue.net.

Task 2: Allow DDNS Updates in DHCP

We will need to check that DDNS Updates are enabled in the Global DHCP Configuration and set the default domain name ddns.techblue.net. We also want to make sure the updates are going to ddns.techblue.net, that lease renewals will update DNS record(s) and when there is a conflict, we want DNS to be updated for the DHCID records as well.

Task 3: Test DDNS

We've enabled DDNS and set the default domain to ddns.techblue.net but now we should test to make sure it works. Verify from testing-linux. We can also take a look at the records created in the ddns.techblue.net zone.

Task 4: Examine the lease

Now that the DHCP server can update DNS with records for the DHCP clients it serves, we can take a look at the lease information, which includes DNS record information.

Solutions

Task 1 Solution: Create a new DNS forward mapping zone called ddns.techblue.net

1. With the CSP browser main menu, navigate to Manage → DNS

2. Select the Zones tab

3. Click on the default DNS View to go inside the view

4. Click the Create button, and from the drop-down select Primary Zone

5. Enter the zone Name: ddns.techblue.net

6. For Description, enter a description for this zone like Zone for DDNS

7. Expand the Authoritative DNS Servers section

8. Under DNS Authoritative Servers, click the arrow next to both of your DNS service instances to move them to the list of Authoritative DNS Servers

9. Expand the Zone Setting Defaults section

10. Set the Email Address (For SOA RNAME Field) to: admin@techblue.net (you will need to click the Override toggle to override the default setting)

11. Click Save & Close

Task 2 Solution: Allow DDNS Updates in DHCP

We will need to check that DDNS Updates are enabled in the Global DHCP Configuration

1. Navigate to Manage → IPAM/DHCP

2. Click on Global DHCP Configuration

3. Scroll down to the DDNS section and expand it.

4. Check the box for Enable Dynamic DNS Service

5. For Default Dynamic DNS Domain name, enter ddns.techblue.net.

6. Under DDNS ZONES click Add and select Internal Zone

7. Select the ddns zone by selecting default → techblue.net → ddns and click Add to the right

8. Select the checkbox for Update DNS record(s) on DHCP lease renewal

9. Scroll down to the Conflict Resolution section and check the radio button for Update DNS and add or update DHCID records

10. Click Save & Close

Task 3 Solution: Test DDNS

Let’s test this configuration from our test client

1. On the testing-linux Virtual Machine, open a Terminal window

2. Set the IP address as a fixed address with the command sudo set-network-static-bloxone to allow a route to the DNS server.

3. We are going to bounce the network interface ens160 on this machine to force a new lease to be retrieved, which will accompany a DDNS update. Use the following commands:

   1. Disable the network interface with sudo set-network-disable (for sudo password use infoblox)

   2. To clear any existing leases, type in sudo clear-dhcp-leases

   3. Now check that a lease is present with sudo show-dhcp-lease

4. You may see that there is now an option entry: option host-name "testing-linux.ddns.techblue.net"

5. You can also test DNS resolution for the A record from here with dig @10.100.0.110 testing-linux.ddns.techblue.net A
   

Now, we’ll check the Resource Records in our DNS Zone

1. With the CSP browser window, navigate to Manage → DNS

2. Select the Zones tab

3. Click on the default DNS View to go inside the view

4. Click on the techblue.net zone to go inside of the zone

5. We can see our entries for the zone we created, ddns.techblue.net, with the description we set and BloxOne DDI as the DNS Provider. Click on ddns on the list in the techblue.net zone to see the records in the zone.

6. We can see the A record for testing-linux.ddns.techblue.net with a RECORD SOURCE of Dynamic and the DHCID record for the DHCP server identification.

Task 4 Solution: Examine the lease

1. Navigate to Manage → IPAM/DHCP

2. Navigate to the IP address range for our testing-linux VM by clicking through Techblue Network → 172.31.0.0/16 → 172.31.101.0/24 → 172.31.101.100-172.31.101.199

3. Select the entry for testing-linux, we can expand the Lease Information panel to the right (in the information panel).

4. Notice that the Hostname of the lease entry for our testing-linux VM is testing-linux.ddns.techblue.net. This was generated by the system using DDNS.