The MGMT (Management) port is a 10/100/1000Base-T Ethernet connector on the front panel of the TE-906, TE-1506, TE-1606, TE-2306, TE-4106, TE-815, TE-825, TE-1415, TE-1425, TE-2215, TE-2225, TE-4015 and TE-4025 appliances. It allows you to isolate the following types of traffic from other types of traffic on the LAN and HA ports:
...
For information about what types of traffic qualify as appliance management, Grid communications, and DNS services, see the Sources and Destinations for Services table in Configuring Ethernet Ports.
...
Appliance Configuration | Appliance Management | Grid Communications | DNS Services |
|---|---|---|---|
Single Independent Appliance |
| Not Applicable |
|
Independent HA Pair |
| Not Applicable |
|
Grid Master |
|
|
|
Grid Master Candidate |
|
|
|
HA Grid Member |
|
|
|
Single Grid Member |
|
|
|
| HA Grid Master | Not Recommended |
|
|
| HA Grid Master Candidate | Not Recommended |
|
|
`
Although you manage all Grid members through the Grid Master, if you enable the MGMT port on common Grid members, they can send syslog events, SNMP traps, and e-mail notifications, and receive SSH connections on that port.
Infoblox does not support MGMT port usage for some appliance configurations (indicated by the 
symbol in Supported MGMT Port Uses for Various appliance Configurations table ) because it cannot provide redundancy through the use of a VIP. A Grid Master that is an HA pair needs the redundancy that a VIP interface on the HA port provides for Grid communications. Similarly, DNS servers in an HA pair need that redundancy to answer DNS queries. Because the MGMT port does not support a VIP and thus cannot provide redundancy, Grid Masters (and potential Grid Masters) do not support Grid communications on the MGMT port.
In addition, NIOS appliances in an HA pair support DNS services on the active node only (indicated by the 
symbol in Supported MGMT Port Uses for Various appliance Configurations table ). Only the active node can respond to queries that it receives. If a DNS client sends a query to the MGMT port of the node that happens to be the passive node, the query can eventually time out and fail.
The MGMT port is not enabled by default. By default, a NIOS appliance uses the LAN port (and HA port when deployed in an HA pair). You must log in using a superuser account to enable and configure the MGMT port. You can configure both IPv4 address and IPv6 address for the MGMT port of a Grid member. You can enable the MGMT port through the Infoblox GUI, as explained in the following sections.
...
Appliance Management from One or More Management Systems
| inc-drawio | mVer | 2|||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Similarly, you can restrict management access to a Grid Master to only those appliances connected to the MGMT ports of the active and passive nodes of the Grid Master.
To enable the MGMT port on an independent appliance or Grid Master for appliance management and then cable the MGMT port directly to your management system or to a network forwarding appliance such as a switch or router:
...
Drawio mVer 2 simple 0 zoom 1 inComment 0 custContentId 511706008664341592 pageId 73276734 diagramDisplayName Untitled Diagram-1708861939928.drawioGrid Communications lbox 1 contentVer 1 revision 1 baseUrl https://infoblox-docs.atlassian.net/wiki diagramName Untitled Diagram-1708861939928.drawioGrid Communications pCenter 0 width 840830 links tbstyle height 870884
Enabling Grid Communications over the MGMT Port for Existing Grid Members
...
You can configure a single independent appliance or single Grid member to provide DNS services through the MGMT port in addition to the LAN port. For example, the appliance can provide DNS services through the MGMT port for internal clients on a private network, and DNS services through the LAN port for external clients on a public network.
While providing DNS services on the MGMT port, you can still use that port simultaneously for appliance management. The figure below shows a management system communicating with a single independent appliance through its MGMT port while the appliance also provides DNS services on that port to a private network. Additionally, the appliance provides DNS services to an external network through its LAN port.
DNS Services on the LAN and MGMT Ports, and appliance Management on the MGMT Port
| inc-drawio | mVer | 2||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Like a single independent appliance, a single Grid member can also support concurrent DNS traffic on its MGMT and LAN ports. However, because you manage all Grid members through the Grid Master, a Grid member only uses an enabled MGMT port to send SNMP traps, syslog events, and email notifications, and to receive SSH connections.
In addition, the active node of an HA pair can provide DNS services through its MGMT port. To use this feature, you must enable DNS services on the MGMT ports of both nodes in the HA pair and specify the MGMT port IP addresses of both nodes on the DNS client as well, in case there is a failover and the passive node becomes active. Note that only the active node can respond to queries that it receives. If a DNS client sends a query to the MGMT port of the node that happens to be the passive node, the query can eventually time out and fail.
To enable DNS services on the MGMT port of an appliance:
...