close

keyboard_arrow_left

Table of Contents Expand all

play_arrow Overview
- play_arrow Understanding Contrail Controller
  - Contrail Overview
  - Contrail Description
play_arrow Installing and Upgrading Contrail
- play_arrow Supported Platforms and Server Requirements
  - Server Requirements and Supported Platforms
- play_arrow Installing Contrail and Provisioning Roles
- play_arrow Installation and Configuration Scenarios
- play_arrow Upgrading Contrail Software
  - Contrail In-Service Software Upgrade from Releases 3.2 and 4.1 to 5.0.x using Ansible Deployer
  - Contrail In-Service Software Upgrade from Releases 3.2 and 4.1 to 5.0.x using Helm Deployer
- play_arrow Backup and Restore Contrail Software
  - Backing up Contrail Databases in JSON Format
- play_arrow Multicloud Contrail
- play_arrow Using Contrail with Kubernetes
- play_arrow Using VMware vCenter with Containerized Contrail
- play_arrow Using Contrail with Red Hat
  - Deploying Contrail with Red Hat OpenStack Platform Director 13
  - Provisioning Red Hat OpenShift Container Platform Clusters Using Ansible Deployer
- play_arrow Contrail and AppFormix Kolla/Ocata OpenStack Deployment
- play_arrow Using Contrail with Juju Charms
  - Deploying Contrail by Using Juju Charms
- play_arrow Contrail Command
- play_arrow Extending Contrail to Physical Routers, Bare Metal Servers, Switches, and Interfaces
- play_arrow Contrail for Data Center Automation and Fabric Management
play_arrow Configuring Contrail
- play_arrow Configuring Virtual Networks
- play_arrow Example of Deploying a Multi-Tier Web Application Using Contrail
  - Example: Deploying a Multi-Tier Web Application
  - Sample Network Configuration for Devices for Simple Tiered Web Application
- play_arrow Configuring Services
- play_arrow Configuring Service Chaining
- play_arrow Examples: Configuring Service Chaining
- play_arrow Adding Physical Network Functions in Service Chains
  - Using Physical Network Functions in Contrail Service Chains
  - Example: Adding a Physical Network Function Device to a Service Chain
- play_arrow QoS Support in Contrail
  - Quality of Service in Contrail
  - Configuring Network QoS Parameters
- play_arrow BGP as a Service
  - BGP as a Service
  - BGP as a Service in Contrail Release 3.1
- play_arrow Load Balancers
- play_arrow Optimizing Contrail
play_arrow Contrail Security
- play_arrow Contrail Security
  - Security Policy Enhancements
play_arrow Monitoring and Troubleshooting Contrail
- play_arrow Configuring Traffic Mirroring to Monitor Network Traffic
- play_arrow Understanding Contrail Analytics
- play_arrow Configuring Contrail Analytics
- play_arrow Using Contrail Analytics to Monitor and Troubleshoot the Network
- play_arrow Common Support Answers
play_arrow Contrail Commands and APIs
- play_arrow Contrail Commands
- play_arrow Contrail Application Programming Interfaces (APIs)

list Table of Contents

English

Configuring DNS Servers

date_range 16-Oct-23

arrow_backward

arrow_forward

DNS Overview

Domain Name System (DNS) is the standard protocol for resolving domain names into IP addresses so that traffic can be routed to its destination. DNS provides the translation between human-readable domain names and their IP addresses. The domain names are defined in a hierarchical tree, with a root followed by top-level and next-level domain labels.

A DNS server stores the records for a domain name and responds to queries from clients based on these records. The server is authoritative for the domains for which it is configured to be the name server. For other domains, the server can act as a caching server, fetching the records by querying other domain name servers.

The following are the key attributes of domain name service in a virtual world:

It should be possible to configure multiple domain name servers to provide name resolution service for the virtual machines spawned in the system.
It should be possible to configure the domain name servers to form DNS server hierarchies required by each tenant.
- The hierarchies can be independent and completely isolated from other similar hierarchies present in the system, or they can provide naming service to other hierarchies present in the system.
DNS records for the virtual machines spawned in the system should be updated dynamically when a virtual machine is created or destroyed.
The service should be scalable to handle an increase in servers and the resulting increased numbers of virtual machines and DNS queries handled in the system.

Defining Multiple Virtual Domain Name Servers

Contrail provides the flexibility to define multiple virtual domain name servers under each domain in the system. Each virtual domain name server is an authoritative server for the DNS domain configured. Figure 1 shows examples of virtual DNS servers defined in default-domain, providing the name service for the DNS domains indicated.

Figure 1: DNS Servers Examples

IPAM and Virtual DNS

Each IP address management (IPAM) service in the system can refer to one of the virtual DNS servers configured. The virtual networks and virtual machines spawned are associated with the DNS domain specified in the corresponding IPAM. When the VMs are configured with DHCP, they receive the domain assignment in the DHCP domain-name option. Examples are shown in Figure 2

Figure 2: IPAM and Virtual DNS

DNS Record Types

DNS records can be added statically. DNS record types A, CNAME, PTR, and NS are currently supported in the system. Each record includes the type, class (IN), name, data, and TTL values. See Table 1 for descriptions of the record types.

Table 1: DNS Record Types Supported
DNS Record Type	Description
A	Used for mapping hostnames to IPv4 addresses. Name refers to the name of the virtual machine, and data is the IPv4 address of the virtual machine.
CNAME	Provides an alias to a name. Name refers to the name of the virtual machine, and data is the new name (alias) for the virtual machine.
PTR	A pointer to a record, it provides reverse mapping from an IP address to a name. Name refers to the IP address, and data is the name for the virtual machine. The address in the PTR record should be part of a subnet configured for a VN within one of the IPAMs referring to this virtual DNS server.
NS	Used to delegate a subdomain to another DNS server. The DNS server could be another virtual DNS server defined in the system or the IP address of an external DNS server reachable via the infrastructure. Name refers to the subdomain being delegated, and data is the name of the virtual DNS server or IP address of an external server.

Figure 3 shows an example usage for the DNS record type of NS.

Figure 3: Example Usage for NS Record Type

Configuring DNS Using the Interface

DNS can be configured by using the user interface or by using scripts. The following procedure shows how to configure DNS through the Juniper Networks Contrail interface.

Access Configure > DNS > Servers to create or delete virtual DNS servers and records.
The Configure DNS Records page appears; see Figure 4.

Figure 4: Configure DNS Records

To add a new DNS server, click the Create button.

Enter DNS server information in the Add DNS window; see Figure 5

Figure 5: Add DNS Add DNS

Complete the fields for the new server; see Table 2.

Table 2: Add DNS Fields
Field	Description
Server Name	Enter a name for this server.
Domain Name	Enter the name of the domain for this server.
Time To Live	Enter the TTL in seconds.
Next DNS Server	Select from a list the name of the next DNS server to process DNS requests if they cannot be processed at this server, or None.
Load Balancing Order	Select the load-balancing order from a list—Random, Fixed, Round Robin. When a name has multiple records matching, the configured record order determines the order in which the records are sent in the response. Select Random to have the records sent in random order. Select Fixed to have records sent in the order of creation. Select Round Robin to have the record order cycled for each request to the record.
OK	Click OK to create the record.
Cancel	Click Cancel to clear the fields and start over.

To add a new DNS record, from the Configure DNS Records page, click the Add Record button in the lower right portion of the screen.
The Add DNS Record window appears; see Figure 6.

Figure 6: Add DNS Record

Complete the fields for the new record; see Table 3.

Table 3: Add DNS Record Fields
Field	Description
Record Name	Enter a name for this record.
Type	Select the record type from a list—A, CNAME, PTR, NS.
IP Address	Enter the IP address for the location for this record.
Class	Select the record class from a list—IN is the default.
Time To Live	Enter the TTL in seconds.
OK	Click OK to create the record.
Cancel	Click Cancel to clear the fields and start over.

To associate an IPAM to a virtual DNS server, from the Configure DNS Records page, select the Associated IPAMs tab in the lower right portion of the screen and click the Edit button.

The Associate IPAMs to DNS window appears; see Figure 7.

Figure 7: Associate IPAMs to DNS

Complete the IPAM associations, using the field descriptions in Table 4.

Table 4: Associate IPAMs to DNS Fields
Field	Description
Associate to All IPAMs	Select this box to associate the selected DNS server to all available IPAMs.
Available IPAMs	This column displays the currently available IPAMs.
Associated IPAMs	This column displays the IPAMs currently associated with the selected DNS server.
>>	Use this button to associate an available IPAM to the selected DNS server, by selecting an available IPAM in the left column and clicking this button to move it to the Associated IPAMs column. The selected IPAM is now associated with the selected DNS server.
<<	Use this button to disassociate an IPAM from the selected DNS server, by selecting an associated IPAM in the right column and clicking this button to move it to the left column (Available IPAMs). The selected IPAM is now disassociated from the selected DNS server.
OK	Click OK to commit the changes indicated in the window.
Cancel	Click Cancel to clear all entries and start over.

Use the IP Address Management page (Configure > Networking > IP Address Management); see Figure 8) to configure the DNS mode for any DNS server and to associate an IPAM to DNS servers of any mode or to tenants’ IP addresses.
Figure 8: Configure IP Address Management
To associate an IPAM to a virtual DNS server or to tenant’s IP addresses, at the IP Address Management page, select the network associated with this IPAM, then click the Action button in the last column, and click Edit.
The Edit IP Address Management window appears; see Figure 9.

Figure 9: DNS Server

In the first field, select the DNS Method from a list (None, Default DNS, Tenant DNS, Virtual DNS; see Table 5.

Table 5: DNS Modes
DNS Mode	Description
None	Select None when no DNS support is required for the VMs.
Default	In default mode, DNS resolution for VMs is performed based on the name server configuration in the server infrastructure. The subnet default gateway is configured as the DNS server for the VM, and the DHCP response to the VM has this DNS server option. DNS requests sent by a VM to the default gateway are sent to the name servers configured on the respective compute nodes. The responses are sent back to the VM.
Tenant	Configure this mode when a tenant wants to use its own DNS servers. Configure the list of servers in the IPAM. The server list is sent in the DHCP response to the VM as DNS servers. DNS requests sent by the VMs are routed the same as any other data packet based on the available routing information.
Virtual DNS	Configure this mode to support virtual DNS servers (VDNS) to resolve the DNS requests from the VMs. Each IPAM can have a virtual DNS server configured in this mode.

Complete the remaining fields on this page, and click OK to commit the changes, or click Cancel to clear the fields and start over.

Configuring DNS Using Scripts

You can configure DNS by using scripts that are available in the contrail-utils RPM/DEB package in the /opt/contrail/utils directory. The scripts are copied to the config_api_container or config node when you install the contrail-utils RPM/DEB package. You can execute the scripts from either the config_api container or the config node. The scripts are described in Table 6.

CAUTION:

Be aware of the following cautions when using scripts to configure DNS:

DNS doesn’t allow special characters in the names, other than - (dash) and . (period). Any records that include special characters in the name will be discarded by the system.
The IPAM DNS mode and association should only be edited when there are no virtual machine instances in the virtual networks associated with the IPAM.

Table 6: DNS Scripts
Action	Script
Add a virtual DNS server	Script: `add_virtual_dns.py` Sample usage: `python add_virtual_dns.py --api_server_ip 10.204.216.21 --api_server_port 8082 --name vdns1 --domain_name default-domain --dns_domain juniper.net --dyn_updates --record_order random --ttl 1200 --next_vdns default-domain:vdns2`
Delete a virtual DNS server	Script: `del_virtual_dns_record.py` Sample usage: `python del_virtual_dns.py --api_server_ip 10.204.216.21 --api_server_port 8082 --fq_name default-domain:vdns1`
Add a DNS record	Script: `add_virtual_dns_record.py` Sample usage: `python add_virtual_dns_record.py --api_server_ip 10.204.216.21 --api_server_port 8082 --name rec1 --vdns_fqname default-domain:vdns1 --rec_name one --rec_type A --rec_class IN --rec_data 1.2.3.4 --rec_ttl 2400`
Delete a DNS record	Script: `del_virtual_dns_record.py` Sample usage: `python del_virtual_dns_record.py --api_server_ip 10.204.216.21 --api_server_port 8082 --fq_name default-domain:vdns1:rec1`
Associate a virtual DNS server with an IPAM	Script: `associate_virtual_dns.py` Sample usage: `python associate_virtual_dns.py --api_server_ip 10.204.216.21 --api_server_port 8082 --ipam_fqname default-domain:demo:ipam1 --vdns_fqname default-domain:vdns1`
Disassociate a virtual DNS server with an IPAM	Script: `disassociate_virtual_dns.py` Sample usage: `python disassociate_virtual_dns.py --api_server_ip 10.204.216.21 --api_server_port 8082 --ipam_fqname default-domain:demo:ipam1 --vdns_fqname default-domain:vdns1`

arrow_backward PREVIOUS Sample Network Configuration for Devices for Simple Tiered Web Application

NEXT arrow_forward Distributed Service Resource Allocation with Containerized Contrail

Contrail Feature Guide

ON THIS PAGE