03-02-2022 01:23 AM
I pre-configured the entire Infoblox environment. Grid, grid members, anycast together with BGP etc. I set up some views in the configuration. In each of the views I set one and the same sample zone, which will return different records depending on what client will send the query. I configured named ACLs for each view and pinned them as match clients. Even though the access-lists are configured correctly their behavior is very random. Sometimes the client gets the correct answer with the record it is asking for and sometimes the query refused. In the last phase of testing and configuration of ACLs it came to the point, that whoever would not ask for a record in a given zone always gets a query refused answer, despite the fact that he should correctly catch in the acl. Example ACLs which was build for one of the view:
10.10.0.0/16 permit type network
10.11.0.0/16 permit type network
10.12.12.10 permit type host
any any deny
Is there something I should pay special attention to? Maybe I am doing something wrong and acl should be configured differently?
Thanks for help