Specifying DNS servers for IP address discovery and reconciliation - BlueCat Integrity - 9.4.0

Address Manager Administration Guide

Locale
English
Product name
BlueCat Integrity
Version
9.4.0

As part of the discovery process, Address Manager performs FQDN and DNS reverse lookups on discovered hosts in an attempt to associate a DNS name with an IP address. For the IP reconciliation and discovery engine to perform these lookups without issues, you need to specify DNS servers. You specify DNS servers at the global configuration level and for specific IP reconciliation policies.

Note: If you don't set a DNS server either at the global configuration level or specific IP reconciliation policies, the IP reconciliation and discovery engine will use the name server configured from the Address Manager administration console.
  • Global configuration level—DNS servers set at this level can be used by all IP address reconciliation policies within the current configuration.
  • IP reconciliation policies—DNS servers set in IP reconciliation policies will override DNS servers set at the global configuration level. If you want to add DNS servers in an IP reconciliation policy and have multiple IP reconciliation policies, you need to add DNS servers for each IP reconciliation policy.

If you don't use a DNS server, you don't need to specify the server. However, you must select the Skip FQDN/Reverse DNS Resolution option when adding an IP reconciliation policy.

When multiple DNS servers are specified, each will be queried in turn until a positive response, in the form of one or more PTR records, is received. If all servers provide an error or negative response, no host name will be associated with the discovered IP address. This behavior enables the scenario where multiple DNS servers must be queried to resolve PTR records for a single IP reconciliation policy. For example, if a policy is created for 192.168.0.0/23 and two distinct DNS resolvers must be queried for PTR records within 192.168.0.0/24 and 192.168.1.0/24, configuring both of those DNS servers on the policy will enable resolution for both networks.

Note: Creating a broad IP reconciliation policy that covers a large area of IP space, such as 10/8, and configuring multiple DNS servers with distinct configurations on the policy, can increase network traffic and time to complete discovery. BlueCat recommends that you create policies of a smaller size and list only enough DNS servers to cover resolution and redundancy requirements for that specific policy’s IP space.