Versions Compared

Old Version 9

changes.mady.by.user Panna .

Saved on

compared with

New Version 10

changes.mady.by.user Panna .

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Depending on your deployment and configuration choices, the Ethernet ports on the NIOS appliance perform different functions. The Ethernet ports that handle traffic on the NIOS appliance are as follows:

...

  • Assign VLANs (Virtual LANs) to the LAN1 and LAN2 ports so that NIOS can provide DNS service to different subnetworks on the same interface. For more information about VLANs, see 22249600.
  • Implement DiffServ (Differentiated Services) on the appliance by configuring the DSCP (Differentiated Services Code Point) value. For more information about DiffServ and DSCP, see 22249600 22249600

Anchor
Enabling GUI and API Access on the MGMT
Enabling GUI and API Access on the MGMT
Anchor
bookmark898
bookmark898
Enabling GUI and API Access on the MGMT and LAN1/VIP Ports

...

VLANs and VLAN tagging are supported on both IPv4 and IPv6 transports. This feature is currently supported on the following Infoblox appliances: Trinzic 1410, 1415, 1420, 1425, 2210, 2215, 2220, 2225, Infoblox-4010, Infoblox-4030-Rev1, Infoblox-4030-Rev2, Infoblox-4030-10G, PT-1400, PT-1405, PT-2200, PT-2205, PT-4000, PT-4000-10GE, TE-1410, TE-1420, TE-1415, and TE-1425. VLAN tagging is not supported on TE-100, TE-810, TE-815, TE-820, and TE-825. For more information about VLAN support for an Infoblox-4030 appliance, refer to the DNS Cache Acceleration Application Guide. For information about these appliances, refer to the respective installation guides on the Infoblox Support web site at http://www.infoblox.com/support.
Currently, only the DNS service can listen on specific VLAN interfaces. The DHCP service listens only on the primary VLAN interface (tagged or untagged). You can also specify VLANs as the source port for sending DNS queries and notify messages. For information about how to configure these, see Specifying Port Settings for DNS.
Additional VLAN support is available exclusively for discovery on the following Network Insight appliances: ND-1400, ND-1405, ND-2200, ND-2205, ND-4000, ND-V1400, ND-V1405, ND-V2200, and ND-V2205. Binding other services on
the VLAN interfaces of the Network Insight appliances is not supported.

...

  1. From the Grid tab, select the Grid Manager tab -> Members tab -> Grid_member check box, and then click the Edit icon.
  2. Select the Network -> Basic tab in the Grid Member Properties editor.
  3. In the Additional Ports and Addresses table, click the Add icon and select either MGMT (IPv4), MGMT (IPv6), LAN2 (IPv4), LAN2 (IPv6), Additional Address (loopback) (IPv4), Additional Address (loopback) (IPv6), LAN1 (VLAN)(IPv4), LAN1 (VLAN)(IPv6), LAN2 (VLAN)(IPv4) or LAN2 (VLAN)(IPv6) from the drop-down list. You can add up to 10 IPv4 and 10 IPv6 VLANs for each interface. Note that you can configure only IPv4 VLAN addresses for an IPv4 Grid member and only IPv6 VLAN addresses for an IPv6 Grid member, but for a dual mode Grid member you can configure both IPv4 and IPv6 VLAN addresses.
    • MGMT (IPv4): Select this to configure IPv4 address for MGMT port. Note that the Infoblox-4030 appliance supports a /32 configuration for IPv4 on MGMT and supports multi-interface only when both LAN1 and MGMT are on the same subnet.
    • MGMT (IPv6): Select this to configure IPv6 address for MGMT port. Note that Infoblox-4030 appliance supports a /128 prefix configuration for IPv6 on MGMT and supports multi-interface only when both LAN1 and MGMT are on the same subnet.
    • LAN2 (IPv4): Select this to configure IPv4 address for the LAN2 port for DHCP or DNS. Note that Infoblox-4030 appliance supports a /32 configuration for IPv4 on LAN2 and supports multi-interface only when both LAN1 and LAN2 are on the same subnet. This is not applicable to Trinzic 100 appliance.
    • LAN2 (IPv6): Select this to configure IPv6 address for the LAN2 port for DHCP or DNS. Note that Infoblox-4030 appliance supports a /128 prefix configuration for IPv6 on LAN2 and supports multi-interface only when both LAN1 and LAN2 are on the same subnet. This is not applicable to Trinzic 100 appliance.
    • Additional Address (loopback) (IPv4): Select this to add a non-anycast IPv4 address to the loopback interface. Note that you can configure this for IPv4 and dual mode Grid member.
    • Additional Address (loopback) (IPv6): Select this to add a non-anycast IPv6 address to the loopback interface. Note that you can configure this for IPv6 and dual mode Grid member.
    • LAN1 (VLAN) (IPv4): Select this to add a VLAN to the LAN1 interface. You can add up to 10 IPv4 VLAN addresses. Note that you can configure this for IPv4 and dual mode Grid member. This is supported on Trinzic 2210, 2215, 2220, 2225, Infoblox-1410, Infoblox-4010, Infoblox-4030-Rev1, Infoblox-4030-Rev2, Infoblox-4030-10G, PT-1400, PT-1405, PT-2200, PT-2205, PT-4000, and PT-4000-10GE appliances. VLAN tagging is not supported on TE-100, TE-810, TE-815, TE-820, TE-825, and vNIOS virtual appliances.
    • LAN1 (VLAN) (IPv6): Select this to add a VLAN to the LAN1 interface. You can add up to 10 IPv4 and 10 IPv6 VLAN addresses. Note that you can configure this for IPv6 and dual mode Grid member. This is supported on Trinzic 2210, 2215, 2220, 2225, Infoblox-1410, Infoblox-4010, Infoblox-4030-Rev1, Infoblox-4030-Rev2, Infoblox-4030-10G, PT-1400, PT-1405, PT-2200, PT-2205, PT-4000, and PT-4000-10GEappliances.
    • LAN2 (VLAN) (IPv4): Select this to add a VLAN to the LAN2 interface. You can add up to 10 IPv4 VLAN addresses. Note that you can configure this for IPv4 and dual mode Grid member. This is supported on Trinzic 2210, 2215, 2220, 2225, Infoblox-1410, Infoblox-4010, Infoblox-4030-Rev1, Infoblox-4030-Rev2, Infoblox-4030-10G, PT-1400, PT-1405, PT-2200, PT-2205, PT-4000, and PT-4000-10GE appliances.
    • LAN2 (VLAN) (IPv6): Select this to add a VLAN to the LAN2 interface. You can add up to 10 IPv6 VLAN addresses. Note that you can configure this for IPv6 and dual mode Grid member. This is supported on Trinzic 2210, 2215, 2220, 2225, Infoblox-1410, Infoblox-4010, Infoblox-4030-Rev1, Infoblox-4030-Rev2, Infoblox-4030-10G, PT-1400, PT-1405, PT-2200, PT-2205, PT-4000, and PT-4000-10GE appliances.
  4. Enter the following:
    • Interface: Displays the name of the VLAN interface. This can be LAN1 (VLAN)(IPv4), LAN1 (VLAN)(IPv6), LAN2 (VLAN)(IPv4), or LAN2 (VLAN)(IPv6) depending on your selection. You cannot modify this.
    • Address: Type the IP address for the VLAN port.
    • Subnet Mask (IPv4) or Prefix Length (IPv6): For IPv4 address, specify an appropriate subnet mask and for IPv6 address, specify the prefix length. The prefix length ranges from 2 to 127, with common-sense values ranging from /48 to /127 due to the larger number of bits in the IPv6 address.
    • Gateway: Type the IPv4 or IPv6 default gateway address for the VLAN port depending on the type of interface. For IPv6 interface, you can also type Automatic to enable the appliance to acquire the IPv6 address of the default gateway and the link MTU from router advertisements.
      You can now define a link-local address as the default IPv6 gateway and isolate the LAN segment so the local router can provide global addressing and access to the network and Internet. This is supported for both LAN1 and LAN2 interfaces as well as LAN1 and LAN2 in the failover mode.
    • VLAN Tag: Enter the VLAN tag or ID. You can enter a number from 1 to 4094. Ensure that you configure the corresponding switch accordingly. For information about VLANs, see 22249600. 
    • Port Settings: For IPv4 only. From the drop-down list, choose the connection speed that you want the port to use. You can also choose the duplex setting. Choose Full for concurrent bidirectional data transmission or Half for data transmission in one direction at a time. Select Automatic to instruct the NIOS appliance to negotiate the optimum port connection type (full or half duplex) and speed with the connecting switch automatically. This is the default setting. You cannot configure port settings for vNIOS appliances.
    • DSCP Value: Displays the Grid DSCP value, if configured. To modify, click Override and enter the DSCP value. You can enter a value from 0 to 63. For information about DSCP, see 22249600 22249600. 
  5. Save the configuration and click Restart if it appears at the top of the screen.

...

You can override the Grid and member DSCP value at the interface level. For more information, see the following:

...

...

This section provides tables that detail the port usage and source and destination ports for different services, depending on your Grid configuration.
The table below displays the type of traffic per port for both Grid and independent deployments. For a more detailed list of the different types of traffic, see the Sources and Destinations for Services table.
Table 8.3 Appliance Roles and Configuration, Communication Types, and Port Usage

...

To see the service port numbers and the source and destination locations for traffic that can go to and from a NIOS appliance, see the Sources and Destinations for Services table. This information is particularly useful for firewall administrators so that they can set policies to allow traffic to pass through the firewall as required.

...