Meraki

Community

Split DNS API

jimmyt234
Building a reputation
2 weeks ago
2 weeks ago

Split DNS API

APIs for Local and Split DNS Service

This feature allows administrators to determine which DNS requests are answered by which DNS servers.

 

I have raised a Meraki support ticket, but wanted to reach out to the community anyway to see if anyone had used this API / new feature yet.

 

The first issue I had is when trying to add multiple nameserver addresses, it threw an error saying: "More than one address is in addresses"

 

 

import requests

url = "https://api.meraki.com/api/v1/organizations/ORG_ID/appliance/dns/split/profiles"

payload = '''{
    "name": "8x8 DNS Profile",
    "hostnames": [ "*.8x8.com", "*.packet8.net" ],
    "nameservers": { "addresses": [ "8.28.0.9", "192.84.18.11" ] }
}'''

headers = {
    "Authorization": "Bearer API_TOKEN",
    "Content-Type": "application/json",
    "Accept": "application/json"
}

response = requests.request('POST', url, headers=headers, data = payload)

print(response.text.encode('utf8'))

 

 

When I added a profile with only one nameserver I was not convinced it was actually redirecting traffic to the specified nameserver, because a packet capture on the Internet port showed the DNS query going to the clients DNS server, which is set to Proxy to upstream DNS rather than the one added in the DNS profile via the API...

 

 

0 Kudos
6 Replies 6
PhilipDAth
Kind of a big deal
Kind of a big deal
2 weeks ago
2 weeks ago

This is an interesting new feature you have found.

 

I suspect you'll need to be running the latest MX 19.x code for this to work.

0 Kudos
In response to PhilipDAth
jimmyt234
Building a reputation
2 weeks ago
2 weeks ago

I am 😊

sungod
Kind of a big deal
2 weeks ago
2 weeks ago

This is an Early Access call, it may be that it's still being tweaked/debugged.

 

I'd post the query in the API Early Access group https://community.meraki.com/t5/API-Early-Access-Group/gh-p/api-early-access if you're not a member you can request access.

 

There's also a direct feedback email available, you'll see it if/once you have group access.

In response to sungod
jimmyt234
Building a reputation
2 weeks ago
2 weeks ago

Thanks @sungod I found this early access group last night and was granted entry this morning. I have emailed the direct feedback address and will see where that gets me. 🙂

0 Kudos
jimmyt234
Building a reputation
yesterday
yesterday

I've got one step further, in that there is a second API call required to then bind the split DNS profile to a network: Create Organization Appliance Dns Split Profiles Assignments Bulk Create - Meraki Dashboard API v1 -...

 

Alas it still didn't work and support were unable to help due to: "As this feature is still in its early stages of development and we currently do not have any documentation surrounding the requirements for the feature we will need to await later releases of the feature from our development team."

 

I will wait some more months and see what happens.

 

0 Kudos
In response to jimmyt234
sungod
Kind of a big deal
yesterday
yesterday

I suggest post on the EA group that you are interested in this feature and would like to help with testing/feedback if possible.

 

On other EA calls there has been opportunity to do this.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.