infoblox_nios:forwarding
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| infoblox_nios:forwarding [2024/12/21 19:23] – bstafford | infoblox_nios:forwarding [2025/07/01 18:47] (current) – bstafford | ||
|---|---|---|---|
| Line 28: | Line 28: | ||
| In short, No. The order in which the forwarders are listed has no bearing on the order in which they are used. | In short, No. The order in which the forwarders are listed has no bearing on the order in which they are used. | ||
| + | |||
| + | ===== DNSSEC ===== | ||
| + | If DNSSEC validation is not enabled in NIOS, and if NIOS is configured to forward to another DNS server (e.g. NIOS caching/ | ||
| + | |||
| + | If you enable DNSSEC and have Trust Anchors configured on the internal DNS NIOS box, then the NIOS box will do the DNSSEC validation by forwarding the DNS and DNSKEY queries to the external caching layer to get the answers to. | ||
| + | |||
| + | If you enabled DNSSEC and have NO Trust Anchors configured, then the internal DNS NIOS box will add CD (Check Disabled) flag bit set to " | ||
| + | |||
| + | [[https:// | ||
| ===== DFP Forwarding ===== | ===== DFP Forwarding ===== | ||
| + | |||
| + | [[https:// | ||
| + | |||
| + | When enabling the " | ||
| + | < | ||
| + | 1. When you select the " | ||
| + | 2. When recursion is not enabled on the member. | ||
| + | 3. The list of Grid or Member DNS forwarders is empty. When DFP is enabled on the node: DFP will re-write required statements to forwarder section of named-config. | ||
| + | |||
| + | Do you still want to proceed? Do you want to continue?</ | ||
| + | |||
| + | |||
| + | < | ||
| + | 1. When you select the " | ||
| + | 2. When recursion is not enabled on the member. | ||
| + | 3. The list of Grid or Member DNS forwarders is empty. When DFP is enabled on the node: DFP will re-write required statements to forwarder section of named-config. | ||
| + | |||
| + | Do you still want to proceed? Do you want to continue?</ | ||
| + | |||
| + | If DFP fails and Global Forwarders are NOT configured, root hints will be used and NIOS will not add source IP data to the queries. | ||
| + | |||
| Notes on using " | Notes on using " | ||
| * Source IP (Laptop) = 192.168.99.73 (Queries 192.168.11.211) | * Source IP (Laptop) = 192.168.99.73 (Queries 192.168.11.211) | ||
| Line 38: | Line 68: | ||
| In the scenario below, the key is to ensure that the first layer has " | In the scenario below, the key is to ensure that the first layer has " | ||
| - | ^Source | + | MAC Address will only get ADDED if the client |
| - | | 192.168.99.73 | _ | _ | _ | _ | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | _ | _ | _ | X | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | _ | _ | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | _ | _ | X | X | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | _ | X | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | _ | X | _ | X | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | _ | X | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | _ | X | X | X | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | X | _ | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | X | _ | _ | X | 192.168.11.211 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | X | _ | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | X | _ | X | X | 192.168.11.211 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | X | X | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | X | X | _ | X | 192.168.11.211 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | X | X | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | _ | X | X | X | X | 192.168.11.211 | 00: | + | |
| - | | 192.168.99.73 | _ | X | _ | _ | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | X | _ | _ | _ | X | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | X | _ | _ | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | X | _ | _ | X | X | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | X | _ | X | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | X | _ | X | _ | X | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | X | _ | X | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | X | _ | X | X | X | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | X | X | _ | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | X | X | _ | _ | X | 192.168.11.211 | 00: | + | |
| - | | 192.168.99.73 | _ | X | X | _ | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | X | X | _ | X | X | 192.168.11.211 | 00: | + | |
| - | | 192.168.99.73 | _ | X | X | X | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | X | X | X | _ | X | 192.168.11.211 | 00: | + | |
| - | | 192.168.99.73 | _ | X | X | X | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | _ | X | X | X | X | X | 192.168.11.211 | 00: | + | |
| - | | 192.168.99.73 | X | _ | _ | _ | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | _ | _ | _ | _ | X | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | _ | _ | _ | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | _ | _ | _ | X | X | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | _ | _ | X | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | _ | _ | X | _ | X | 192.168.99.73 | N/A | | + | |
| - | | 192.168.99.73 | X | _ | _ | X | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | _ | _ | X | X | X | 192.168.99.73 | N/A | | + | |
| - | | 192.168.99.73 | X | _ | X | _ | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | _ | X | _ | _ | X | 192.168.11.211 | 00: | + | |
| - | | 192.168.99.73 | X | _ | X | _ | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | _ | X | _ | X | X | 192.168.11.211 | 00: | + | |
| - | | 192.168.99.73 | X | _ | X | X | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | _ | X | X | _ | X | 192.168.99.73 | N/A | | + | |
| - | | 192.168.99.73 | X | _ | X | X | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | _ | X | X | X | X | 192.168.99.73 | N/A | | + | |
| - | | 192.168.99.73 | X | X | _ | _ | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | X | _ | _ | _ | X | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | X | _ | _ | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | X | _ | _ | X | X | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | X | _ | X | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | X | _ | X | _ | X | 192.168.99.73 | N/A | | + | |
| - | | 192.168.99.73 | X | X | _ | X | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | X | _ | X | X | X | 192.168.99.73 | N/A | | + | |
| - | | 192.168.99.73 | X | X | X | _ | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | X | X | _ | _ | X | 192.168.11.211 | 00: | + | |
| - | | 192.168.99.73 | X | X | X | _ | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | X | X | _ | X | X | 192.168.11.211 | 00: | + | |
| - | | 192.168.99.73 | X | X | X | X | _ | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | X | X | X | _ | X | 192.168.99.73 | N/A | | + | |
| - | | 192.168.99.73 | X | X | X | X | X | _ | 192.168.11.212 | 00: | + | |
| - | | 192.168.99.73 | X | X | X | X | X | X | 192.168.99.73 | N/A | | + | |
| + | ^Source IP ^ 1 Add ^ 1 Copy ^ 2 Add ^ 2 Copy ^ 3 Add ^ 3 Copy ^ IP Recorded ^ | ||
| + | | 192.168.99.73 | _ | _ | _ | _ | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | _ | _ | _ | _ | X | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | _ | _ | _ | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | _ | _ | _ | X | X | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | _ | _ | X | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | _ | _ | X | _ | X | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | _ | _ | X | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | _ | _ | X | X | X | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | _ | X | _ | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | _ | X | _ | _ | X | 192.168.11.211 | | ||
| + | | 192.168.99.73 | _ | _ | X | _ | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | _ | X | _ | X | X | 192.168.11.211 | | ||
| + | | 192.168.99.73 | _ | _ | X | X | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | _ | X | X | _ | X | 192.168.11.211 | | ||
| + | | 192.168.99.73 | _ | _ | X | X | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | _ | X | X | X | X | 192.168.11.211 | | ||
| + | | 192.168.99.73 | _ | X | _ | _ | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | X | _ | _ | _ | X | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | X | _ | _ | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | X | _ | _ | X | X | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | X | _ | X | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | X | _ | X | _ | X | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | X | _ | X | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | X | _ | X | X | X | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | X | X | _ | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | X | X | _ | _ | X | 192.168.11.211 | | ||
| + | | 192.168.99.73 | _ | X | X | _ | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | X | X | _ | X | X | 192.168.11.211 | | ||
| + | | 192.168.99.73 | _ | X | X | X | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | X | X | X | _ | X | 192.168.11.211 | | ||
| + | | 192.168.99.73 | _ | X | X | X | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | _ | X | X | X | X | X | 192.168.11.211 | | ||
| + | | 192.168.99.73 | X | _ | _ | _ | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | _ | _ | _ | _ | X | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | _ | _ | _ | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | _ | _ | _ | X | X | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | _ | _ | X | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | _ | _ | X | _ | X | 192.168.99.73 | | ||
| + | | 192.168.99.73 | X | _ | _ | X | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | _ | _ | X | X | X | 192.168.99.73 | | ||
| + | | 192.168.99.73 | X | _ | X | _ | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | _ | X | _ | _ | X | 192.168.11.211 | | ||
| + | | 192.168.99.73 | X | _ | X | _ | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | _ | X | _ | X | X | 192.168.11.211 | | ||
| + | | 192.168.99.73 | X | _ | X | X | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | _ | X | X | _ | X | 192.168.99.73 | | ||
| + | | 192.168.99.73 | X | _ | X | X | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | _ | X | X | X | X | 192.168.99.73 | | ||
| + | | 192.168.99.73 | X | X | _ | _ | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | X | _ | _ | _ | X | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | X | _ | _ | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | X | _ | _ | X | X | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | X | _ | X | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | X | _ | X | _ | X | 192.168.99.73 | | ||
| + | | 192.168.99.73 | X | X | _ | X | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | X | _ | X | X | X | 192.168.99.73 | | ||
| + | | 192.168.99.73 | X | X | X | _ | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | X | X | _ | _ | X | 192.168.11.211 | | ||
| + | | 192.168.99.73 | X | X | X | _ | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | X | X | _ | X | X | 192.168.11.211 | | ||
| + | | 192.168.99.73 | X | X | X | X | _ | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | X | X | X | _ | X | 192.168.99.73 | | ||
| + | | 192.168.99.73 | X | X | X | X | X | _ | 192.168.11.212 | | ||
| + | | 192.168.99.73 | X | X | X | X | X | X | 192.168.99.73 | | ||
infoblox_nios/forwarding.1734808993.txt.gz · Last modified: by bstafford