04-27-2020 04:25 AM - edited 04-27-2020 04:35 AM
I'm looking into adding additional addresses to an HA pair of Infoblox IB-1415 (8.4.6).
The goal I'm trying to achieve is to provide DNS and DHCP interfaces into non-routed subnets, thus as layer 2 interfaces.
I thought that I would just have to add additional IPv4 VIPs with VLAN tagging (which is what I'm looking for), but I'm struggling with some issues:
- I had to allow the appliances to "Listen" for DNS in the Member DNS configuration, but it added an A record with this IP, which is non-routed, pointing to itself. This means that now anyone, after getting the NS records for my (sub)domains, could potentially get the non-routed IP and will never get any response
- I didn't find any option to "Listen" for DHCP on this same interface?
Did I miss something?
Is it possible to achieve what I'm looking for?
Should I use another type of subinterface (so not VIP)?
04-28-2020 06:28 AM
The main question here is: is it possible to listen for DHCP packets on additional VIPs?
It doesn't seem to work from scratch and I can't find any option to allow it as I could find for the DNS configuration.
04-28-2020 12:24 PM
Currently, only the DNS service can listen on specific VLAN interfaces. The DHCP service listens only on the primary
VLAN interface (tagged or untagged). However, if the primary VLAN interface is untagged, DHCP will serve all VLANs
on that interface because an untagged primary VLAN receives all broadcast packets. You can also specify VLANs as
the source port for sending DNS queries and notify messages.
If I understand correctly, DHCP is not supported on additional VLAN interfaces, only DNS. There is a trick to still handle broadcast DHCP packets on the untagged interface, but it won't work in my case since the DHCP traffic is coming from a relay (thus in unicast).
Can someone confirm that I understand this correctly?
Also, is the behavior the same with loopback interfaces?