Multi-primary DNS zones - BlueCat Integrity - 26.1.0

Address Manager Administration Guide

Product name: BlueCat Integrity
Version: 26.1.0
Configuring multi-primary DNS zones ensures that a single primary server does not become a point of failure that could result in a DNS outage in the event of an unexpected error. If you configure multi-primary DNS zones with xHA pairs, you can also configure the multi-primary DNS zones across multiple locations, ensuring scalability and redundancy in the event of a failure at a site location.
Attention: When configuring multi-primary DNS zones with xHA pairs across multiple locations, you must continue to follow xHA requirements and best practices. For example, BlueCat does not recommend configuring xHA pairs across multiple locations where there is high latency between sites. For more information on xHA prerequisites, refer to Prerequisites for xHA.

You can configure and deploy a DNS zone to multiple servers within a multi-primary server group with a multi-primary DNS deployment role. Once you have deployed a multi-primary DNS deployment role to the multi-primary server group for a DNS zone, each server within the server group is deployed with a copy of the DNS zone information; however, each server has its own SOA record.

When configuring a secondary role with a multi-primary DNS role, the servers with the secondary role must have a zone transfer interface assigned. If you do not configure a zone transfer interface, the servers with the secondary role will not contain configuration for that zone.
Note: If you configure a secondary role on a DNS/DHCP Server where the primary role for that zone is a specific primary server that is part of a multi-primary server group, the nameserver (NS) record of the secondary server appears on all servers that are part of the multi-primary server group, regardless of the specific primary server that the secondary role is linked to.

If dynamic updates are sent to one of the servers for the zone, updates that are accepted will trigger a notification update to Address Manager. Address Manager then updates the records in the DNS zone and synchronizes the changes to the servers within the multi-primary server group.

Limitations
  • You can only configure DNS deployment options on multi-primary server groups. DHCP deployment options cannot be configured on multi-primary server groups.
  • You currently cannot use multi-primary server groups in the reverse DNS space.
  • You can only configure a maximum of 3 DNS/DHCP Servers or xHA pairs to be part of a multi-primary DNS zone.
  • You cannot deploy SOA records to multi-primary server groups, as each server within a multi-primary server group has a unique hostname. If you would like to deploy SOA records to servers within a multi-primary server group, you must deploy the SOA record to each server within the multi-primary server group.

Prerequisites

Before you begin, ensure that the following requirements are met:

  • The DNS/DHCP Server must be running software version 9.6.0.
  • The DNS/DHCP Server must not have any deployment roles attached to it.
  • BlueCat recommends configuring all DNS/DHCP Servers with similar configuration settings, such as dedicated management, notification, and interface settings.
To configure a multi-primary DNS zone:
  1. Ensure that you have added multiple DNS/DHCP Servers under Address Manager control. For more information, refer to Adding DNS/DHCP Servers to Address Manager.
  2. Create a server group with the Multi Primary checkbox selected to enable a multi-primary DNS server group. For more information, refer to Creating or editing a server group.
  3. Add the DNS/DHCP Servers or xHA pairs to the server group. For more information, refer to Adding servers to a server group.
  4. Create a DNS zone and the required resource records or deployment options that you would like to be deployed to the multi-primary DNS server group. For more information, refer to Creating DNS zones.
  5. From the DNS zone, add a Multi-Primary or Hidden Multi-Primary DNS deployment role to the server group. For more information, refer to Adding DNS deployment roles.
  6. Perform a DNS deployment on the server group. For more information, refer to Deploying multi-primary DNS service to a server group.
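
A post-deployment consistency check for the behaviour described above, as an added example that is not BlueCat code or output: it compares dig-style answers collected from each group member and reports a missing record (such as a secondary's NS record), a shared SOA, or a group larger than the stated limit. The zone example.com, the labels p1, p2 and s1, and the reading of "its own SOA record" as a distinct SOA MNAME per server are assumptions.

```python
# Added example: constructed data, not BlueCat code or output.
from collections import Counter

MAX_GROUP_SIZE = 3  # limit stated in the Limitations list on this page

def parse(lines):
    """Split dig-style answer lines into (SOA MNAME, set of non-SOA records)."""
    mname, records = None, set()
    for line in lines:
        f = line.split()
        if len(f) < 5 or line.lstrip().startswith(";"):
            continue  # skip comments and blank or short lines
        name, rtype, rdata = f[0].lower(), f[3].upper(), " ".join(f[4:]).lower()
        if rtype == "SOA":
            mname = f[4].lower()  # first SOA rdata field is MNAME
        else:
            records.add((name, rtype, rdata))  # TTL ignored on purpose
    return mname, records

def check_group(answers):
    """answers: {server: [answer lines]} -> list of findings (empty = consistent)."""
    findings = []
    if len(answers) > MAX_GROUP_SIZE:
        findings.append(f"group has {len(answers)} members, limit is {MAX_GROUP_SIZE}")
    parsed = {srv: parse(lines) for srv, lines in answers.items()}
    # Assumption: "own SOA record" means a distinct MNAME per server.
    counts = Counter(m for m, _ in parsed.values())
    for srv, (mname, _) in parsed.items():
        if mname is None:
            findings.append(f"{srv}: no SOA in answer")
        elif counts[mname] > 1:
            findings.append(f"{srv}: SOA MNAME {mname} shared with another member")
    # Every member should hold the same copy of the zone data, NS records included.
    union = set().union(*(r for _, r in parsed.values()))
    for srv, (_, records) in parsed.items():
        for name, rtype, rdata in sorted(union - records):
            findings.append(f"{srv}: missing {name} {rtype} {rdata}")
    return findings

# Constructed sample answers for a hypothetical zone; p2 lacks the secondary's NS record.
SOA = "example.com. 3600 IN SOA {}.example.com. hostmaster.example.com. 7 3600 600 604800 3600"
NS = "example.com. 3600 IN NS s1.example.com."
A = "www.example.com. 300 IN A 192.0.2.10"
SAMPLE = {"p1": [SOA.format("p1"), NS, A], "p2": [SOA.format("p2"), A]}

if __name__ == "__main__":
    print("\n".join(check_group(SAMPLE)))
```

In practice the answer lines would come from querying each member directly for the zone's SOA, NS and other record sets; TTLs are ignored so that only record content is compared.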