Large enterprises have distributed, but isolated and complex DNS infrastructures that require access to applications in various clouds or hosted on-premise DNS servers. In many instances, this requires manually creating forwarding rules that are regularly updated by automated mechanisms or manually as DNS zones scale. This can lead to brittle DNS systems that require overhead and upkeep to ensure that the infrastructure is operational. In addition, internal root hints and internal recursive servers must have knowledge of these disparate DNS environments to ensure resolution across the DNS space. This complexity is alleviated with Edge Resolver.
Edge Resolver introduces a new discovery service that can be configured to discover DNS forward and reverse lookup zones across multiple Address Manager configurations and DNS views. The zones discovered by the service are then stored in the Cloud Instance where they are then distributed to the DNS Resolver Service (starting in version 3.11.0). This is done through Site configurations containing Discovered Namespaces. The Discovered Namespaces can be further configured to provide granular control over different discovered environments. In the Discovered Namespace, you can also configure fallback forwarders to recursively resolve any DNS records that link to non-discovered zones, such as CNAME chains.
For example, if you have discovered the bluecatnetworks.com zone and you have a CNAME record example.bluecatnetworks.com for a host record someother.domain, you cannot directly resolve the host record someother.domain. You must configure a fallback forwarder to resolve the host record in the non-discovered zone.

The discovery service uses user-supplied configurations to discover one or more DNS spaces across Address Manager. Each DNS zone that is discovered also contains information about the DNS servers that are authoritative for that zone or are forwarders of that zone. With this understanding of per-zone forwarders, BlueCat Edge can now perform resolution across these DNS zones without the need to specify forwarders for the namespace.
Once you have discovered the DNS information, deploy DRS to the service point that provides recursive resolution. DRS evaluates any domains found in the Address Manager list and its internal knowledge of cloud zones to resolve any query that needs to follow CNAME chains.
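The following added example is a simplified model of the behaviour described above, not BlueCat code: it picks per-zone forwarders for discovered zones and shows a CNAME chain into a non-discovered zone failing until a fallback forwarder is configured. The longest-suffix zone matching, server addresses and record data are assumptions constructed for illustration.

```python
# Simplified model of per-zone forwarding with a fallback forwarder.
# All zone names, IPs and record data below are constructed sample values.

DISCOVERED_ZONES = {  # zone -> DNS servers learned by discovery
    "bluecatnetworks.com": ["192.0.2.10"],
    "2.0.192.in-addr.arpa": ["192.0.2.10"],
}
# Constructed records: (server, name) -> (type, value)
RECORDS = {
    ("192.0.2.10", "example.bluecatnetworks.com"): ("CNAME", "someother.domain"),
    ("192.0.2.10", "www.bluecatnetworks.com"): ("A", "192.0.2.80"),
    ("198.51.100.53", "someother.domain"): ("A", "203.0.113.7"),
}

def pick_servers(name, fallback):
    """Longest-suffix match against discovered zones, else fallback."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        zone = ".".join(labels[i:])
        if zone in DISCOVERED_ZONES:
            return zone, DISCOVERED_ZONES[zone]
    return None, list(fallback)

def resolve(name, fallback=(), max_chain=8):
    """Follow CNAMEs; return (answer or None, list of hops taken)."""
    hops = []
    for _ in range(max_chain):  # bound chain length to stop CNAME loops
        zone, servers = pick_servers(name, fallback)
        if not servers:
            hops.append((name, "no discovered zone, no fallback forwarder"))
            return None, hops
        rtype, value = None, None
        for server in servers:
            if (server, name) in RECORDS:
                rtype, value = RECORDS[(server, name)]
                hops.append((name, f"{zone or 'fallback'} via {server}"))
                break
        if rtype is None:
            hops.append((name, "NXDOMAIN"))
            return None, hops
        if rtype == "A":
            return value, hops
        name = value  # CNAME: continue with the target name
    return None, hops

if __name__ == "__main__":
    print(resolve("example.bluecatnetworks.com"))
    print(resolve("example.bluecatnetworks.com", fallback=["198.51.100.53"]))
```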