Info

The provided information is for reference only. It represents the results of lab testing in a controlled environment focused on individual protocol services. Enabling additional protocols and services, the cache hit ratio for recursive DNS, and customer environment variables will all affect performance. To design and size a solution for a production environment, please contact your Infoblox Solution Architect.

...

When configuring external networks, Infoblox recommends that you add the following four anycast IPs (provided by Infoblox) to your DNS server for DNS forwarding.

...

If you use Unbound as the DNS resolver, you can make some modifications in your DNS configuration file to configure your DNS forwarders to use the Infoblox Platform name server IP.

Use the following example as a reference when modifying your DNS configuration file:

...

If you use BIND as the DNS resolver, you can make some modifications in your DNS configuration file to configure your DNS forwarders to use the Infoblox Platform name server IP.

Use the following example as a reference when modifying your DNS configuration file:

...
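A check you can run after editing either file, as an added example that is not part of the Infoblox documentation: it extracts the configured forwarders from an Unbound or BIND configuration and reports addresses that are unexpected or missing. The `EXPECTED` addresses and both sample configurations are constructed placeholders from the RFC 5737 documentation ranges; substitute the anycast IPs listed in the vendor documentation.

```python
import ipaddress
import re

# Placeholder forwarders (RFC 5737 documentation range), NOT real anycast IPs.
# Replace with the addresses listed in the vendor documentation.
EXPECTED = {"192.0.2.10", "192.0.2.11"}

UNBOUND_SAMPLE = """
forward-zone:
    name: "."
    forward-addr: 192.0.2.10
    forward-addr: 192.0.2.11@53      # explicit port
    forward-addr: 198.51.100.53      # leftover resolver (constructed)
"""

BIND_SAMPLE = """
options {
    forwarders {
        192.0.2.10;
        // 192.0.2.11;   disabled during testing (constructed)
    };
};
"""

def _strip_comments(text):
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)  # BIND block comments
    return re.sub(r"(#|//).*", "", text)                # line comments

def unbound_forwarders(text):
    """Addresses on forward-addr: lines; an @port or #tls-name suffix is dropped."""
    found = re.findall(r"^\s*forward-addr:\s*([0-9A-Fa-f:.]+)",
                       _strip_comments(text), flags=re.M)
    return {str(ipaddress.ip_address(a)) for a in found}

def bind_forwarders(text):
    """Addresses inside every forwarders { ... }; block; a per-address port is dropped."""
    out = set()
    for body in re.findall(r"\bforwarders\b[^{};]*\{([^}]*)\}", _strip_comments(text)):
        for entry in body.split(";"):
            if entry.strip():
                out.add(str(ipaddress.ip_address(entry.split()[0])))
    return out

def audit(found, expected=EXPECTED):
    """Return (unexpected, missing). Unexpected forwarders can bypass security policy."""
    return sorted(found - expected), sorted(expected - found)

if __name__ == "__main__":
    print("unbound:", audit(unbound_forwarders(UNBOUND_SAMPLE)))
    print("bind:   ", audit(bind_forwarders(BIND_SAMPLE)))
```

An unexpected entry means some queries can still reach a resolver that does not apply your security policies; a missing entry reduces redundancy across the anycast addresses.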

If you use Microsoft servers as the DNS resolvers, you can configure the Microsoft forwarder to use the Infoblox Platform name server IP through the Windows interface.

...

  1. On your Microsoft Windows server, open DNS Manager.

  2. In the console tree, click the applicable DNS server from DNS/Applicable DNS server.

  3. On the Action menu, click Properties.

  4. On the Forwarders tab, click Edit.

    Image: A window from the "DNS Manager", which is a tool typically used to configure and manage DNS services on a network.

  5. Enter the IP address of one or more forwarders, and then click OK. For Infoblox Threat Defense global IPv4 DNS Anycast addresses, see Forwarding DNS Traffic to BloxOne Cloud.

...

For workloads running in Microsoft Azure, you can configure an Azure Virtual Network (VNet) to use Infoblox Platform as a custom DNS server.

Note

To apply security policies and protect DNS traffic from your VNet, you must register one or more source IPs in Infoblox as an external network. For details, see Configuring External Networks.

To ensure that the source address is consistent, the configuration example on this page relies on a VNet using a NAT Gateway. For information on configuring a VNet with a NAT Gateway, see Microsoft’s Virtual Network NAT documentation.

...

  1. In the Azure Portal, navigate to the applicable VNet.

  2. On the VNet page, select DNS servers from the menu.

    Image:  The Microsoft Azure portal interface showing the DNS servers configuration for a virtual network named "central-vnet".

  3. Select the radio button for Custom.

  4. Enter the IP address of one or more forwarders, and then click OK. For Infoblox Threat Defense global IPv4 DNS Anycast addresses, see Forwarding DNS Traffic to BloxOne Cloud.

  5. Save this configuration.

    To find the public IP of a NAT Gateway that you would like to register as an external network, perform the following

  6. In the Azure Portal, navigate to the applicable NAT Gateway.

  7. On the NAT Gateway page, select Outbound IP from the menu.

    Image:  The Microsoft Azure portal, specifically focusing on the "Outbound IP" configuration for an entity named "central-natgw", which is a NAT (Network Address Translation) gateway.

  8. Copy and save the IP addresses shown.

...

To forward traffic to Infoblox Threat Defense, you must configure a Resolver rule that allows Route 53 to forward traffic to the IP addresses defined within it. To create a Resolver rule, perform the following steps:

...