Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

Trending KB Articles


#79: Troubleshooting issues with HA and Cisco switch ports

When using High Availability (HA) for Infoblox appliances, verify the following items on all four of your Cisco switch ports:


Enable Portfast


Portfast should be enabled on all switch ports going to an Infoblox device. Infoblox devices use VRRP for HA, so timely responses to the multicast packets are required. By turning on portfast, you stop the ports from going in to blocking mode during port initialization, and spanning tree calculations.


Disable Trunking


Infoblox device Ethernet interfaces do not support trunking, so there is really no reason to keep trunking enabled on the switch. With trunking enabled, issues with VRRP have been seen, so turn off trunking for all switch ports being used with an Infoblox device.


Disable Port Channeling


Disable "port channel" for switch ports being used by an Infobox device.

  • The command used for Cisco IOS to do all of the above is: switchport host.
  • The command used for Cisco CAT OS to do all of the above is: set port host <interface/port>.

Further Steps


As with all other network gear, make sure you have the most recent, stable software installed on your switch. For more information, contact your switch provider.


For more information about setting up HA for NIOS appliances, see KB# 87.

Showing results for 
Search instead for 
Did you mean: