Reply
Highlighted
Accepted Solution

World Wide Wapi access Infoblox Grid is SPOF, how solve?

[ Edited ]
Authority
Posts: 18
3338     0

Hallo Forum

 

I hope you can help me to find solution for the following.

We are rollingout world Wide DDI based on infoblox which is high available, In our entreprise we have one globale AD domain and accessed from everywhere on the globe, Cloud/VM automation is done via the WAPI. 

The Infoblox GRid (HA) becomes a Single point of Failure in the global automation how can we arrange that GUI and WAPI for one domain can be done from different accesspoint for example from Asia / Ammericas / Europe.

 

Please advise me how to solve this infoblox spof, i cant segmentate the domain with subdomains..

 

Chris

Re: World Wide Wapi access Infoblox Grid is SPOF, how solve?

Adviser
Posts: 357
3339     0
You should look into the cloud platform appliances (CP appliances). They allow you to delegate address space and zones to different appliances (HA pairs). So, for example, you could say that 10.10.0.0/16 is owned by one particular HA pair and 10.11.0.0/16 by a different pair, that may be located in a different geo. This eliminates global SPOF (well they *are* HA pairs to even now it’s not *single* point of failure). It also distributes load and moves API endpoints closer to their managed geos.

Re: World Wide Wapi access Infoblox Grid is SPOF, how solve?

Authority
Posts: 18
3339     0

 

Hoi JBelamaric

 

Thanks for your quick response, Top!!!!!

 

So what you are saying is, that it is possible  when i have CP appliance's in  ASIA, EUROPE and Americas, where ever,  i can delegate the zone blabla.companyname.internal  (Whe have a internal Root) to all these appliances in these regions. Than i have the posibility to add/delete/Update (All WAPI Calls) the zone blabla.companyname.internal via the wapi communicating to the ASIA CP and this modifications come available in the DNS. While the Americas Cloud will do the wapi call also to the zone blabla.companyname.net but communicated WAPI to the CP appliance in the states and this updates come also available in the DNS. Authorisation is arranged via Network deligation.

 

I am not able to do segmenation of blabla.companyname.net  via sub zones because this domain is related to Active Directory its the design :-(

 

Where can i find the detail Manual or Information About CP?

 

Again Thanks

 

Chris

 

Re: World Wide Wapi access Infoblox Grid is SPOF, how solve?

Adviser
Posts: 357
3339     0
I am not sure if you can use WAPI to modify the same zone across multiple CPs. I *think* you can - if you use the multi-master DNS feature too. But not 100% sure. You’ll need to talk to your account team to get details. There may be something on the support site too - and you should be able to get an eval version - they CP appliances are virtual.

Re: World Wide Wapi access Infoblox Grid is SPOF, how solve?

Authority
Posts: 18
3339     0

Reading the admin guide Chapter 7, i think for single domain it wil be hard, I will contact Infoblox support team how to fix this, Thanks for your reaction and time

 

 

Chris

Showing results for 
Search instead for 
Do you mean 

Recommended for You

Demo: Infoblox integration with Cisco CliQr (now called Cloud Center)