Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

Join Infoblox to Master Grid timeout

New Member
Posts: 2
11831     0

Hi

 

I am not able to connect two infobloxes instances together. One is set as master grid and second when i am trying to join results with timeot. Firewall are set off on both machines. Ping is successfullt from both machines.

 

Executed on second infoblox machine process:

 

Grid properties wizzard ->  Join Existing Grid   

 

 

infoblox logs "Contacting the grid master at 10.150.17.253..."  and nothing happens, any thoughts what shall i do more ?

Re: Join Infoblox to Master Grid timeout

Adviser
Posts: 109
11831     0

If you run a Traffic Capture on the Grid Master while attempting to join the Grid member, that will allow you to check after the fact and see if any traffic is actually reaching the Grid master. If no traffic is seen from the appliance that is attempting to join the Grid, you will need to verify your basic networking setup (firewall, router, etc). The Grid communications use ports 2114 and 1194.

 

You will also want to make sure that on your Grid Master and under the Grid -> Grid Manager -> Members tab, that the Grid member has been defined there with the correct member type (vNIOS for virtual appliances) and network settings. If that is not done, this can also cause the join attempt to fail lke you are seeing here.

 

Regards,

Tony

Re: Join Infoblox to Master Grid timeout

Authority
Posts: 8
11831     0

After 10 minutes if communication is not made, the connection should time out and fail.  You should see the failure error message on the appliance you are attempting to join to the Grid.  Are there any specific connection options you have enabled in the settings? --> i.e. via MGMT port; are you joining a single appliance to a single appliance, or attempting an HA configuration?

 

As Tony stated, a traffic capture will give you better insight to what is actually happening. 

Re: Join Infoblox to Master Grid timeout

New Member
Posts: 2
11831     0

I am trynig to connect using single applience to single applience. After timeout  i have in terminal : 

Failed to contact MASTER; wrong IP or node was not added at master
The join parameters were:
Master VIP: 10.150.16.4
Grid Name: 10.150.16.4
Grid Shared Secret: ******

 

One more issue, i have installed one more instance on VM-Ware host  and cant enable UI.

Error: Cannot enable Web UI on virtual appliance 'IB-VMWARE' model.

 

Thanks in advance for help. 

Patios

Re: Join Infoblox to Master Grid timeout

New Member
Posts: 2
11831     0

I'm also having issue joining a vNIOS instance to a grid master. I did a packet capture and I'm seeing traffic from the member but no reply from the grid master

 

member: 10.1.10.101

master: 10.1.10.100

 

aaa.png

 

The member and master are on the same subnet so no firewall related issue there. I can ping other from both devices.

 

I've added the member on the Grid master's grid manager page and checked all the IPs...

 

Re: Join Infoblox to Master Grid timeout

New Member
Posts: 2
11831     0

I can ping the other from both

 

bbb.png

Re: Join Infoblox to Master Grid timeout

New Member
Posts: 1
11831     0

I agree, 10 minutes if the new memeber fails to join.

Less than that if it succeeds, as it does not timeout.

 

I find that I can never get the members to join if the MGMT port is chosen:

i.e. this option:

Enable grid services on the Management port? (y or n): y

 

Only once choosing no does it join correctly:

Enable grid services on the Management port? (y or n): n

(Afterwards I configure Management port via the GUI).

Re: Join Infoblox to Master Grid timeout

New Member
Posts: 1
11831     0

Thank You so much!

Re: Join Infoblox to Master Grid timeout

New Member
Posts: 1
11832     0

Hi,

if you are seeing an appliance showing as ib-vmware, you haven't installed a vnios license.

1. From the console on your GM ensure you have added the correct vnios license for you appliance.   You can check with show license 
2. If you don't have the vnios license you need to install the correct one, in a lab environment go to the command line/console and issue set temp_license there will be an option for vnios, select that and then it will prompt you for the correct vnios license for your platform.   Make sure you select the correct one otherwise it can cause issues, I accidentally selected the wrong one and even though I deleted it, it stayed showing up as deleted, and would not then let me add the correct one stating one was already present.
3. This needs to be on both the GM and Member.

When tshooting join issues the pattern I follow is:
1. set the network but don't join to the grid.
2. ensure you can ping all the way to the GM from the command line.
3. Check that all firewall ports required are open.
4. Check that the required licenses are there (show license) (set temp_license)

5. Ensure for both the GM and Member that the correct hardware type is set in the member properties.
6. Ensure that the networking matches on the network part of member properties and GM.
7. Ensure that the correct grid name and join password is selected 
8. Then try to join.

I have yet to see a member not join if those are all correct.
after that, I would try chaning the join password in case you didn't rember it, then it's down to looking at the grid and member logs and some packet captures to ensure the member is actually reaching the GM.

hope that helps!

Showing results for 
Search instead for 
Did you mean: 

Recommended for You