Adding DHCP reverse zones - BlueCat Integrity - 26.1.0

Address Manager Administration Guide
ft:locale
en-US
Product name
BlueCat Integrity
Version
26.1.0

Create a DHCP reverse zone for reverse DHCP zone declarations to configure TSIG or GSS-TSIG signing of Dynamic DNS updates.

To add a DHCP reverse zone:

  1. Select the IPAM tab in the sidebar, then select DHCP settings.
  2. Select the DHCP zone groups tab.
  3. Select the name of a DHCP zone group in the DHCP zone groups table.
  4. From the DHCP zones tab that opens, select New > DHCP reverse zone.
  5. Under General, configure the following parameters:
    • Primary DNS server address—enter the IPv4 or IPv6 address for the reverse zone’s primary DNS server.
    • Secondary DNS server address—enter the IPv4 or IPv6 address for the zone’s secondary DNS server.
      Note: DHCPv6 server can only communicate with a DNS server over IPv4 for DDNS updates.
      Note: The primary and secondary fields refer to the Windows DNS Server definition of primary/secondary servers (two read/write servers), not the standard primary/secondary architecture of the DNS protocol (where primary is read/write and the secondary is read-only). When adding a forward DHCP zone to non-Windows DNS servers in a standard primary-secondary relationship, fill out only the Primary DNS Server Address field. The Secondary DNS Server Address field is only for Windows DNS Server configurations, where both servers are read/write.
    • Prefix type—select one of the following options:
      • For an IPv4 or IPv6 block or network located on an Address Manager-managed DHCP server, select Under Address Manager Control and select a block or network from the Find a block or network drop-down menu. To filter the list of blocks and networks, type the first few numbers of the block or network range and the existing blocks or networks will be populated.
      • For a reverse zone located on a server not managed by Address Manager, select Third party and type a fully-qualified domain name in the Prefix field.
    • Dynamic update signing key type—select one of the following options to sign DDNS updates for the reverse zone:
      • None—to not sign DDNS updates.
      • TSIG—to sign DDNS updates with a TSIG key.
      • GSS-TSIG—to sign DDNS updates with GSS-TSIG.
  6. In the Change control section, add comments if required.
  7. Select Create or Create and add another.
    Note: IPv6 reverse zone declarations are deployed only with DHCPv6 service deployment.