New on the Blog

What Enterprises Need to Know (and Do) Now That North America is IPv4 Exhausted

ARIN announced today that they are down to their last /8 (roughly 1.6 million) of IPv4 addresses. Here’s what you need to know and do:

It’s telling that two of the IPv4 blocks ARIN allocated immediately prior to their announcement went to two large service providers: reportedly, Comcast and Akamai. After all, it’s service providers that require a supply of addresses to continue to grow and be profitable.

ARIN Runs Out of IPv4 Addresses

Regional Internet Registries (RIRs) have been running out of IPv4 addresses to give to organizations that operate in their respective geographies.  Early on the run-out was difficult to predict because policies were still in flux.  However, in recent years, with the soft-landing policies each RIR adopted the recent address run-out has been slow but steady.

DNS-based Authentication of Named Entities (DANE)

Most people like you who are reading an Infoblox blog are familiar with the benefits of using DNSSEC to provide authentication and integrity for your DNS information.  DNSSEC is a lot like dental floss: we all know that it is good for our health, but few enterprise organizations actually put forth the effort to implement the best practice.  If organizations do not use DNSSEC then they are susceptible to a variety of DNS-based attacks.  Attackers

Infoblox Statement ABout OpenSSL "Heartbleed" Defect

A customer notification was sent out Friday April 11, 2014.


  1. Infoblox DDI and NetMRI products are NOT effected by the OpenSSL "Heartbleed" defect.
  2. Infoblox Customer Support Portal has been patched, eliminating the defect - customers are strongly encouraged to change their support passwords.


Dear Infoblox Customer,

IPv6 is still evolving - New DHCPv6 RFC is published

While IPv6 has been in existence for close to 20 years now it would be a mistake to say the protocol is not continuing to evolve to meet the needs of operators (service providers, enterprises and others). This is borne out in some newer RFCs that have been published recently. Earlier this year RFC 7078 ( which describes how to distribute IPv6 address selection policy preferences via DHCPv6 was published.

Recent blog activity

Coming Soon: An IPv6-Only Facebook

Posted by Tom Coffeen

Posted: April 01, 2014 - 03:39:49 PM

As I mentioned in my last blog I had the opportunity to present at the World IPv6 Congress 2014 in Paris, France (life’s rough!).  The event was well-attended by representatives from many IPv6 gurus and early adopters. 

A few days ago, one of our large DDI customers called our account team and said that their network was under active attack. Their Information Security Department was in what they called “response security mode.”

On February 11, a zero-day exploit was discovered targeting systems running fully patched versions of Internet Explorer 9 or 10.  Malware using this attack was being hosted from the compromised site of the U.S. Veterans of Foreign Wars (VFW) Website, targeting visitors to the site. The...

DNS Attacks in Romania

Posted by Infoblox Securi...

Posted: March 31, 2014 - 12:08:31 PM


Global Internet Stewardship

Posted by Kenny Burroughs

Posted: March 25, 2014 - 09:25:19 AM

In an attempt to, among other goals, complete the privatization of the Internet the United States Government announced Friday the 14th of March 2014 that it does not plan to renew the NTIA contract with ICANN to continue administration of the Internet Identity system. This plan to transfer key...