DHCP zone groups and zones - BlueCat Integrity - 9.4.0

Address Manager Administration Guide

Locale
English
Product name
BlueCat Integrity
Version
9.4.0

DHCP zone groups are container objects for DHCP zone declarations. You use forward and reverse DHCP zone declarations to configure TSIG or GSS-TSIG signing of Dynamic DNS updates.

To configure a DHCP zone group, you simply specify a name for the container. After creating the DHCP zone group, you assign the group one or more deployment servers. Deployment servers are the servers to which Address Manager deploys the forward and reverse DHCP zones within the group.

To create a forward DHCP zone, you specify a DNS zone, the primary DNS server IP address, and an optional TSIG key or GSS-TSIG DNS service principal. The DNS zone may be a zone under Address Manager control, or it may be a zone outside of your network that you don't manage with Address Manager.

To create a reverse DHCP zone, you specify an IP block or network, the primary DNS server IP address, and an optional TSIG key or GSS-TSIG DNS service principal. The IP block or network may be under Address Manager control, or it may be a block or network outside of your network that you don't manage with Address Manager. The reverse DHCP zone declarations are assignable for IPv6 blocks and networks as well, and can be deployed to the managed DHCPv6 servers only.
Note: Only TSIG keys created with the hmac-md5 algorithm can be used to sign Dynamic DNS updates for forward and reverse DHCP zones.