BlueCat DNS Edge system setup - BlueCat DNS Edge

DNS Edge Deployment Guide
Locale
English
Product name
BlueCat DNS Edge

For more information on DNS Edge, refer to the Deployment Guide, User Guide, and API Guide available on the BlueCat Product Documentation Portal.

If you'd like to opt-in to receive e-mail notifications about DNS Edge product updates, click here.

For detailed information about using DNS Edge, click in the top navigation bar.

To ensure that all DNS Edge features work properly, ensure that your network configuration meets the following requirements.

Environment

You must operate DNS Edge in an IPv4 environment. DNS Edge isn't supported in IPv6 environments.

Cloud Access

Your firewall should allow for:

  • Inbound and outbound access as described in DNS Edge ports.
  • HTTPS proxy bypass (if relevant).

For service points to successfully register and communicate with the DNS Edge cloud, they must be able to connect to and resolve the endpoints listed in the Cloud access requirements.

Finally, if the service point isn't configured with a custom static NTP server, it needs to be able to communicate with the default group of NTP sources:
  • *.coreos.pool.ntp.org (include the asterisk)

Network Bandwidth

BlueCat recommends having a minimum network bandwidth of 50 Mbps for networks where service points are deployed. Service point containers are stored in the US East (N. Virginia) region so you must also consider the latency between your location and where the service point containers are stored.
Note: If your network cannot meet the minimum network bandwidth, you must increase the timeout period to pull the service point image. For more information, refer to article KI-024972 on BlueCat Customer Care.

Virtual Machine

Minimum requirements for your virtual machine:

  • 4GB of memory, 2 vCPU @ 2GHz, 20GB of disk space
Attention:
  • BlueCat recommends upgrading the memory capacity to 8GB when using Threat Protection policies.
  • DNS Edge does not support the oversubscription of resources.

It's best to deploy the virtual machine in a network with access to a DHCP server.

To learn how to install the site image, click here.

If you need to use a static IP, click here for guidelines.

Client devices

You should configure client devices on your network to point at the DNS Edge site IP address as the resolver. Deploy the site in the same network as the DNS clients (or in such a way that no translation of address is performed) so the site can see the client IP addresses part of UDP datagrams.

DNS Edge administration device

The client device from which you log in to the DNS Edge web application must have unrestricted HTTPS access to the following end points (where <customerURL> is the URL of your DNS Edge instance):
  • <customerURL>
  • api-<customerURL>
Attention:
  • You must add security exceptions for the DNS Edge web application in any privacy browser extensions.
  • You must enable third party cookies on your browser to access the DNS Edge web application.
Note: To upload a list of domains, the client device from which you log in to the DNS Edge web application must allow multipart/form-data uploads.

Forwarding DNS

The default DNS forwarder is set to 8.8.8.8. After you log in to DNS Edge, you can customize the default DNS forwarders for your organization to save time when you create your sites. See Namespaces and forwarders.