In the figure Configuring a DNS View, Member-A is a member of a Grid. It is the primary name server for the corpxyz.com zone in the internal DNS view. It allows the IP address 192.168.10.1 and the 10.2.2.0/24 subnet access to DNS zone data in the internal DNS view. At the zone level, it allows transfers to an external secondary server, Infoblox-B, with an IP address of 192.168.10.1. Infoblox-B is a secondary server for the corpxyz.com zone. The process follows these steps:
Adding an Internal DNS View on Member-A
Adding a Zone to a DNS View
Copying Records Between DNS Zones from the corpxyz.com zone in the default DNS view to the corpxyz.com zone in the internal DNS view
Verifying the Configuration
...
Configuring a DNS View
| Drawio | ||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Anchor
Expand the Toolbar and click Add -> Add DNS View.
In the Add DNS View wizard, specify the following, and then click Next:
Name: internal
Comment: internal DNS view
In the Match Clients panel, click Add and select IPv4 Network from the drop-down list.
Do the following for IP addresses in the network 10.2.2.0/24:
Enter 10.2.2.0/24 in the in the Address field.
The Permission field displays Allow by default. Leave it as is.
Click Add.
You will have 255 allowed client addresses in the Match Clients list when you are done.
Save the configuration and click Restart if it appears at the top of the screen.
Anchor
Expand the Toolbar and click Add -> Zone -> Add Auth Zone.
In the Add Auth Zone wizard, click Add an authoritative forward-mapping zone and click Next.
Specify the following, and then click Next:
Name: Enter corpxyz.com.
DNS View: Select Internal from the drop-down list.
In step 3 of the wizard, do the following:
Select Use this set of name servers.
Click the Add icon and select Grid Primary.
Click Select Member and select Member A from the Select Grid Member dialog box.
Click Add to add the Grid member to the list of name servers.
Click the Add icon again and select External Secondary.
Enter the following information, and then click Add:
Name: Infoblox
IP Address: 192.168.10.1
Click1 Save & Edit to display the Authoritative Zone editor and continue with the zone configuration.
Click Queries.
Click Override, and then click the Add icon and select IPv4 Network.
Enter 10.2.2.0/8 in the in the Address field.
The Permission field displays Allow by default. Leave it as is.
Click Add.
This allows queries that the appliance answers from its internal DNS view.
Save the configuration and click Restart if it appears at the top of the screen.
...
Copying Records Between DNS Zones
Navigate to the default DNS view and select the corpxyz.com zone.
Expand the Toolbar and click Copy Records.
In the Destination field, click Select Zone, and then select the corpxyz.com zone in the Internal DNS view.
Select Copy all records, and then click OK.
Save the configuration and click Restart if it appears at the top of the screen.
The records from corpxyz.com in the default DNS view are copied to corpxyz.com in the internal DNS view.
| Note |
|---|
NoteOnly superusers can copy A, AAAA, shared A, and shared AAAA records with a blank name. Limited-access users must have read/write permission to Adding a blank A/AAAA record in order to copy A, AAAA, shared A, and shared AAAA records with a blank name, otherwise the copying records operation might fail. You can assign global permission for specific admin groups and roles to allow to copy A, AAAA, shared A, and shared AAAA records with a blank name. For more information, see Administrative Permissions for Adding Blank A or AAAA Records. |
...
Administrative Permissions for Adding Blank A or AAAA Records. |
Verifying the Configuration
In the DNS tab, click Members and select the Member-A checkbox .
Expand the Toolbar and click View -> View DNS Configuration.
In the DNS Configuration File viewer, scroll through the contents of the file.
Verify that the internal DNS view section is similar to the configuration file shown.