...
Figure 8.7 Appliance Management from One or More Management Systems| Drawio |
|---|
| border | true1 |
|---|
| viewerToolbar | true |
|---|
| fitWindow | false |
|---|
| baseUrl | https://infoblox-docs.atlassian.net/wiki |
|---|
| diagramName | 8.7 |
|---|
| simpleViewer | false |
|---|
| widthzoom | 1 |
|---|
| pageId | 22250501 |
|---|
| custContentId | 7345620 |
|---|
| lbox | 1 |
|---|
| contentVer | 1 |
|---|
| revision | 2 |
|---|
|
Similarly, you can restrict management access to a Grid Master to only those appliances connected to the MGMT ports of the active and passive nodes of the Grid Master.
To enable the MGMT port on an independent appliance or Grid Master for appliance management and then cable the MGMT port directly to your management system or to a network forwarding appliance such as a switch or router:
...
This ensures that all database synchronization and Grid maintenance operations are inaccessible from other network elements while the common Grid members provide network protocol services on their LAN ports.
Figure 8.8 shows how Grid members communicate to the master over a dedicated subnet.
Figure 8.8 Grid Communications| Drawio |
|---|
| border | true |
|---|
| viewerToolbar | true |
|---|
| fitWindow | false |
|---|
| diagramName | 8.8 |
|---|
| simpleViewer | false |
|---|
| width | 1 |
|---|
| baseUrl | https://infoblox-docs.atlassian.net/wiki |
|---|
| diagramName | 8.8 |
|---|
| zoom | 1 |
|---|
| pageId | 22250501 |
|---|
| custContentId | 7345626 |
|---|
| lbox | 1 |
|---|
| contentVer | 1 |
|---|
| revision | 1 |
|---|
|
Enabling Grid Communications over the MGMT Port for Existing Grid Members
...
You can configure
a single independent appliance or single Grid member to provide DNS services through the MGMT port in addition to the LAN port. For example, the appliance can provide DNS services through the MGMT port for internal clients on a private network, and DNS services through the LAN port for external clients on a public network.
While providing DNS services on the MGMT port, you can still use that port simultaneously for appliance management.
Figure 8.9 shows a management system communicating with a single independent appliance through its MGMT port while the appliance also provides DNS services on that port to a private network. Additionally, the appliance provides DNS services to an external network through its LAN port.
Figure 8.9 DNS Services on the LAN and MGMT Ports, and appliance Management on the MGMT Port | Drawio |
|---|
| border | true1 |
|---|
| viewerToolbar | true |
|---|
| fitWindow | false |
|---|
| baseUrl | https://infoblox-docs.atlassian.net/wiki |
|---|
| diagramName | 8.9 |
|---|
| simpleViewer | false |
|---|
width | | zoom | 1 |
|---|
| pageId | 22250501 |
|---|
| custContentId | 8656120 |
|---|
| lbox | 1 |
|---|
| contentVer | 1 |
|---|
| revision | 1 |
|---|
|
Like a single independent appliance, a single Grid member can also support concurrent DNS traffic on its MGMT and LAN ports. However, because you manage all Grid members through the Grid Master, a Grid member only uses an enabled MGMT port to send SNMP traps, syslog events, and email notifications, and to receive SSH connections.
In addition, the active node of an HA pair can provide DNS services through its MGMT port. To use this feature, you must enable DNS services on the MGMT ports of both nodes in the HA pair and specify the MGMT port IP addresses of both nodes on the DNS client as well, in case there is a failover and the passive node becomes active. Note that only the active node can respond to queries that it receives. If a DNS client sends a query to the MGMT port of the node that happens to be the passive node, the query can eventually time out and fail.
To enable DNS services on the MGMT port of an appliance:
...
