
Configuring DNS Zones

DNS zones are organized within a DNS View. From the Infoblox Portal, click Configure > Networking > DNS Zones. All existing views are shown under All DNS Views. If there are multiple views, you must click the particular DNS view to drill down to view the zones and subzones. If there are no DNS views, you must create them before adding a zone. For more information about creating a DNS view, see Configuring DNS Views.

You can delegate a zone to an Authoritative DNS Server. DNS requests made to the delegated zone are serviced by the Authoritative DNS Server to which the zone is delegated. For more information about creating a zone delegation, see Configuring Zone Delegation.

There is a limit of 500 resource records of the same type and name within a single zone. The Infoblox Portal does not reject a zone that exceeds this limit, but the on-premises DNS servers will refuse to load zones containing such records.
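Because the portal accepts such a zone and the failure only appears when an on-premises server tries to load it, the limit is worth checking before a bulk change is pushed. The following is an added example, not Infoblox code: it assumes the zone's records are available as simplified zone-file text (one record per line, no multi-line records), and the function names and sample data are constructed for illustration.

```python
from collections import Counter

RRSET_LIMIT = 500  # limit stated on this page: same name and type within one zone
CLASSES = {"IN", "CH", "HS"}

def parse_records(zone_text, origin):
    """Yield (owner, type, rdata) from simplified one-record-per-line zone text."""
    origin = origin.rstrip(".").lower() + "."
    owner = origin
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # assumes no ';' inside quoted rdata
        if not line.strip() or line.lstrip().startswith("$"):
            continue                              # blank line, comment, or directive
        fields = line.split()
        if not line[0].isspace():                 # a leading blank reuses the last owner
            name = fields.pop(0).lower()          # DNS names compare case-insensitively
            if name == "@":
                owner = origin
            elif name.endswith("."):
                owner = name
            else:
                owner = f"{name}.{origin}"
        # Optional TTL and class may precede the type, in either order.
        while fields and (fields[0][0].isdigit() or fields[0].upper() in CLASSES):
            fields.pop(0)
        if fields:
            yield owner, fields[0].upper(), " ".join(fields[1:])

def oversized_rrsets(zone_text, origin, limit=RRSET_LIMIT):
    """Return {(owner, type): count} for every name/type pair above the limit."""
    # Assumption: records identical in name, type and data count once.
    distinct = set(parse_records(zone_text, origin))
    counts = Counter((owner, rtype) for owner, rtype, _ in distinct)
    return {key: n for key, n in counts.items() if n > limit}

def sample_zone():
    """Constructed sample: 'pool' has 501 A records, 'ok' has exactly 500."""
    lines = ["$TTL 300", "@ IN SOA ns1 admin 1 3600 600 86400 300", "@ IN NS ns1"]
    for i in range(501):
        name = "POOL" if i % 2 else "pool"        # mixed case, same DNS name
        lines.append(f"{name} 60 IN A 10.0.{i // 250}.{i % 250 + 1}")
    lines += [f"ok IN A 10.1.{i // 250}.{i % 250 + 1}" for i in range(500)]
    lines.append("ok IN A 10.1.0.1   ; duplicate of an existing record")
    return "\n".join(lines)

if __name__ == "__main__":
    for (owner, rtype), n in oversized_rrsets(sample_zone(), "example.com").items():
        print(f"{owner} {rtype}: {n} records exceeds the limit of {RRSET_LIMIT}")
```

Run against the constructed sample, only the `pool` name is reported: the `ok` name sits exactly at the limit and its duplicate line is not counted twice.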


To view the list of DNS zones, complete the following:

  1. From the Infoblox Portal, click Configure > Networking > DNS.

  2. Click the respective DNS view. 
  3. The application displays the following information:
  • NAME: The name of the zone.
  • DNS NAME: The DNS name of the zone.
  • TYPE: Type of zone, whether a primary, secondary, or forward zone. 
  • DESCRIPTION: Additional information about the zone.
  • DNS PROVIDER: The DNS provider for the zone. 

You can also perform the following in this tab:

  • Click the menu button to reorder the columns or to select the columns to be displayed.
  • Click the menu button and then Edit, or select the check box for the respective record and click Edit to modify a zone.

  • Select a zone to view the additional details. If you do not want to view the details in the right panel, click the information button.

  • Click the zone details button to view the zone details, or click the tabular format button to view the details in a tabular format.

  • Enter the value that you want to search for in the Search text box. Universal DDI displays the list of items matching the keyword in the database. You can search zones by Name, DNS Name, Description, Tags (Tag key and/or Tag value), Type, and DNS Provider. You can search resource records by Name, DNS Name, Description, Tags (Tag key and/or Tag value), Type, Data, and Record Source.

  • Click the filter button to filter the objects by name and description. To save a filter after selecting the required parameters, click the save button, specify a name for the filter, and click Save & Close. To reload a previously saved filter, click the star button and select the required filter.

  • Click the menu button and then Move to Recycle Bin to move the object to the recycle bin. You can restore the object later or delete it permanently as required. For more information, see Recycle Bin.

A primary zone stores the master copy of the zone data. A secondary zone is a read-only copy of the primary zone that is stored on a different server. The secondary zone cannot process updates and can only retrieve updates from the primary zone. The secondary zone can answer DNS name resolution queries from client nodes, which helps reduce the workload on the primary zone. When you want to forward queries for data in a particular zone, define the zone as a forward zone and specify one or more DNS servers, a NIOS-X Server, or an IP address that can resolve queries for the zone.

An authoritative zone is a zone for which the local server references its own data when responding to queries. The local server is authoritative for the data in this zone and responds to queries for this data without referencing another server. Primary and secondary zones are authoritative zones. A forward zone is not an authoritative zone. 

Note

A primary zone on Universal DDI (cloud) is an authoritative zone. 

The following are two types of authoritative zones:

  • Forward-mapping: An authoritative forward-mapping zone is an area of domain name space for which one or more name servers have the responsibility to respond authoritatively to name-to-address queries.
  • Reverse-mapping: A reverse-mapping zone is an area of network space for which one or more name servers have the responsibility to respond to address-to-name queries.

You can configure and manage authoritative forward-mapping and IPv4 reverse-mapping zones on the Infoblox Universal DDI cloud service portal. When you create an authoritative forward-mapping zone or reverse-mapping zone, you assign zone authority to a DNS server and define it as the primary server for the zone. A primary server is designated as the primary source for the zone and maintains a master copy of the zone data.

You can also create one or more secondary DNS servers for a zone. A secondary server for a zone receives read-only zone data from the primary server. If a zone is part of an internal DNS structure for a private network, the inclusion of a secondary DNS server is optional, though highly recommended. If a zone is a part of an external DNS structure for a public network such as the Internet, then a secondary server in a different subnet from the primary server is required. This requirement provides an additional safeguard against localized network failures causing both primary and secondary DNS servers for a zone to become inaccessible.

You can specify the primary and secondary server for a zone or you can specify a DNS server group. A DNS server group is a collection of one or more primary servers and one or more secondary servers. For information on DNS server groups, see Configuring DNS Server Groups.

The following is an example of an IPv4 reverse-mapping zone hierarchy:

(root zone) > arpa > in-addr.arpa > 10.in-addr.arpa

You can perform the following actions: