
DNS Sort Lists

DNS sort lists let you prioritize A and AAAA records on certain networks when they are returned in DNS responses, so that those records are sorted to the beginning of the list in the response. This is useful in scenarios where a server has two interfaces and you want DNS clients to prefer one interface because it has a faster link. DNS clients can select the closest or most optimal IP address to use for the connection, reducing the time needed to establish the connection.

To configure DNS sort lists, complete the following:

  1. From the Infoblox Portal, click Configure > Networking > DNS, and click Global DNS Configuration. This feature is also available at the DNS Config Profile and DNS View levels. DNS sort lists support inheritance at the DNS config profile and DNS view levels.

  2. In the Global DNS Configuration page, click DNS Sort Lists.

  3. Click Add to add or click Remove to remove the entries. Configure the following:

  4. TYPE: choose the type of interface from the drop-down list:

    • Any Address/Network: Select this option to allow or deny the application to send DNS responses to any IP address or network.

    • IPv4 Address: Select this option to add an IPv4 address. Click the VALUE field and enter the IP address of the remote server.

    • IPv4 Network: Select this option to add an IPv4 network address to the list. Click the VALUE field and enter the IP address of the remote server.

    • IPv6 Address: Select this option to add an IPv6 address. Click the VALUE field and enter the IP address of the remote server.

    • IPv6 Network: Select this option to add an IPv6 network address to the list. Click the VALUE field and enter the IP address of the remote server.

    • Named ACL: Select this option to add a named ACL. Click the VALUE field and the list of named ACLs is displayed. If you have only one named ACL, it is displayed automatically. If an ACL item has ‘deny’ permission, the search stops and all remaining ACL items are ignored.

    You can reorder the rows using the up and down arrows next to the table. The rules from the first matching source will be used. For example, if any address/network is the first entry, the other entries after it are ignored since the incoming client IP address always matches any address/network.

  5. Specify the Prioritized Responses as a list of IPs separated by commas.

  6. Click Save & Close to save.

If an ACL is configured in the DNS Sort List, the ACL is searched depth-first, and the IP addresses/networks in the retrieved rules are considered as the source field. If a negative rule with an IP address/network is encountered during the search, the search stops and no further IP addresses/networks are retrieved as the source field.
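The following added example (a model written for this page, not Infoblox code) simulates the evaluation described above: first-matching source wins, an Any Address/Network row shadows every row below it, and a deny item ends the named ACL search. Assumptions: a nested ACL is an item whose value is another ACL's name, prioritized entries may be addresses or networks, and prioritized records are ordered by their position in the Prioritized Responses list; the ACL name and all addresses are constructed sample data.

```python
import ipaddress

ANY = "any"  # stands for the "Any Address/Network" source type

def expand_acl(name, named_acls):
    """Depth-first walk of a named ACL; a deny item ends the whole search."""
    sources = []
    for permission, value in named_acls[name]:
        if permission == "deny":
            return sources, True
        if value in named_acls:  # nested ACL (assumed representation)
            nested, stopped = expand_acl(value, named_acls)
            sources += nested
            if stopped:
                return sources, True
        else:
            sources.append(value)
    return sources, False

def select_rule(client, sort_list, named_acls):
    """Prioritized list of the first row whose source matches the client."""
    addr = ipaddress.ip_address(client)
    for source, prioritized in sort_list:
        if source == ANY:
            return prioritized  # always matches, so rows below are dead
        values = expand_acl(source, named_acls)[0] if source in named_acls else [source]
        if any(addr in ipaddress.ip_network(v, strict=False) for v in values):
            return prioritized
    return []

def sort_response(client, records, sort_list, named_acls):
    """Move A/AAAA records on prioritized addresses/networks to the front."""
    nets = [ipaddress.ip_network(p, strict=False)
            for p in select_rule(client, sort_list, named_acls)]
    def rank(record):
        a = ipaddress.ip_address(record)
        return next((i for i, n in enumerate(nets) if a in n), len(nets))
    return sorted(records, key=rank)  # stable sort: other records keep their order

# Constructed sample data (documentation address ranges, hypothetical ACL name).
NAMED_ACLS = {"branch-offices": [("allow", "10.20.0.0/16"), ("deny", "10.30.0.0/16"),
                                 ("allow", "10.40.0.0/16")]}  # last item is never retrieved
SORT_LIST = [
    ("10.1.0.0/16", ["198.51.100.0/24", "192.0.2.0/24"]),
    ("branch-offices", ["203.0.113.0/24"]),
    (ANY, ["198.51.100.7"]),
    ("10.9.0.0/16", ["203.0.113.0/24"]),  # shadowed by the Any row above
]
RECORDS = ["192.0.2.5", "203.0.113.10", "198.51.100.7"]
```

A client in 10.40.0.0/16 or 10.9.0.0/16 falls through to the Any row here, which is the kind of silent shadowing to look for when reviewing row order.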