Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

InfoBlox Deployment Query

[ Edited ]
New Member
Posts: 2
2984     0

Dear Experts,

 

We are planning to deploy the new InfoBlox HA Pair Members to the existing HA Grid Master. Below are the details,

 

Existing Grid Master VIP - eg 1.1.1.1

 

New HA Pair 

 

VIP - 2.2.2.2

Node 1 LAN1 - 2.2.2.3

Node 2 LAN1 - 2.2.2.4

 

Node1 HA - 2.2.2.5

Node2 HA - 2.2.2.6

 

MGMT - 3.3.3.2

 

Below are the queries,

 

Which IP will be used for configuring the new members and joining to the grid master? LAN or MGMT? 

Which IP is recomended?

Will the future traffic between master and member use the same IP used for joining the grid master?

Will the VIP be used for communication between Grid master and meber or will it be used only for endpoint communication for DNS/DHCP?

 

Appreciate your response.

 

Best Regards,

Ashok M

Re: InfoBlox Deployment Query

Authority
Posts: 18
2984     0

Hi Ashok,


To answer your questions:

 

Which IP will be used for configuring the new members and joining to the grid master? LAN or MGMT?

    This depends on your configuration. When you edit the member at Grid -> Grid Manager -> Members -> Network -> Advanced, look for the checkbox that says "Enable VPN on MGMT Port". If that is enabled, then use the members's MGMT port to connect to the grid. Otherwise, use LAN1. The option is provided when trying to join a member to the grid that has both LAN1 and MGMT configured (use CLI commands "set network" to setup LAN1 and "set interface mgmt" to set up management interface or do these from GUI of member).

 

Which IP is recommended?

    Its up to you, both works- but you can choose to isolate grid communication by switching them to MGMT interface and let the protocol services (DNS/DHCP) have LAN1 for themselves if desired. From the admin guide:
-----
You can isolate all Grid communications to a dedicated subnet as follows:


    - For Grid communications from the Grid Master, which can be an HA pair or a single appliance, the master uses either the VIP interface on the HA port of its active node (HA master) or its LAN port (single master). Neither a single nor HA Grid Master can use its MGMT port for Grid communications. (This restriction applies equally to Master Candidates.)
    - Common Grid members connect to the Grid Master through their MGMT port.


This ensures that all database synchronization and Grid maintenance operations are inaccessible from other network elements while the common Grid members provide network protocol services on their LAN ports.
-----

 

Will the future traffic between master and member use the same IP used for joining the grid master?

    Yes, until the configuration is changed- it will continue to use the same IP/interface


Will the VIP be used for communication between Grid master and meber or will it be used only for endpoint communication for DNS/DHCP?

    VIP of GM will be used for both. If GM is not an HA, LAN1 will be used for both. as for member- that depends on the configuration as mentioned earlier.

 

Re: InfoBlox Deployment Query

New Member
Posts: 2
2984     0

 

 

Thank you very much @Jrajan. I have got what I was looking for. Appreciate it.

 

Best Regards

Ashok M

Showing results for 
Search instead for 
Did you mean: 

Recommended for You