You can configure two appliances as an HA (high availability) pair to provide hardware redundancy for core network services and Infoblox Advanced DNS Protection. For more information, see About Infoblox Advanced DNS Protection.
An HA pair can be a Grid Master, a Grid Master candidate, a Grid member, or an independent appliance. An HA pair can comprise two physical appliances or two virtual appliances. From NIOS 8.6.x onwards, NIOS also supports HA pairs that comprise a physical appliance and a virtual appliance. For limitations of using this combination, see Limitations of Using a Combination of a Physical Appliance and a Virtual Appliance for HA.
The two nodes that form an HA pair—identified as Node 1 and Node 2—are in an active/passive configuration. The active node receives, processes, and responds to all service requests. The passive node constantly keeps its database synchronized with that of the active node, so it can take over services if a failover occurs. A failover is the reversal of the active/passive roles of each node; that is, when a failover occurs, the previously active node becomes passive and the previously passive node becomes active. You can configure an HA pair in IPv4, IPv6, or dual mode. An IPv4 HA pair uses IPv4 as the communication protocol between the two nodes, and an IPv6 HA pair uses IPv6 as the communication protocol between the two nodes. In a dual mode HA pair, you can select either IPv4 or IPv6 as the communication protocol between the two nodes. Note that when you add a dual mode HA member to a Grid, the communication protocol between the two nodes of an HA pair must be the same as the Grid communication protocol.
Note: HA Grid Master and HA Grid Master Candidate configurations are not supported when Threat Protection licenses are installed on the appliance.
When you configure an HA pair using the IB-4030-10GE (Rev-1 or Rev-2) appliance for DNS cache acceleration, the passive node does not operate with a pre-loaded cache or hot cache during a failover; it builds up the DNS cache over time. For more information about HA and other limitations for the IB-4030-10GE appliances, refer to the Infoblox DNS Cache Acceleration Application Guide. In an Infoblox HA pair, only the active node handles DNS traffic. The passive node is in a standby mode, ready to take over if a failover occurs.
The appliance uses the following components in the HA functionality:
...
Using bloxSYNC and VRRP combined, if the active node fails or is taken offline for maintenance purposes, the passive node assumes the VIP and continues to respond to requests and services with minimal interruption. You can deploy an HA pair as a Grid Master, a Grid member, or an independent HA. To deploy an independent HA pair, see Deploying an Independent HA Pair. To deploy an HA Grid Master, see Creating a Grid Master.
Planning for an HA Pair
To achieve high availability, the HA and LAN1 (or VLAN) ports on both the active and passive nodes are connected to switches on the same network or VLAN. Both nodes in an HA pair share a single VIP address and a virtual MAC address so they can appear as a single entity on the network. You can also assign IPv6 addresses for each of the active and passive nodes, in addition to the IPv6 VIP address.
...
VIP: For core network services and for management purposes when the MGMT port is disabled. Both nodes share the same VIP. The VIP is the true public address in which services and daemons are active.
Node 1 HA (active): Source IP for the VIP and VRRP advertisements. Listens on both its LAN and HA ports. For an active HA node, both the LAN interface/address and the HA interface/address belong to the VRRP multicast group.
Node 1 LAN1 (active): For management through SSHv2 and listens for VRRP advertisements from the HA port.
Node 2 HA (passive): Listens for VRRP advertisements on the LAN port. For a passive HA node, only the LAN interface/address belongs to the VRRP multicast group (using the LAN port's MAC address).
Node 2 LAN1 (passive): Source IP for SSL VPN to the VIP of the active node and receives bloxSYNC from the VIP.
Note: An HA member connecting to the Grid Master over the management port should have the LAN1 or HA ports connected to different physical switches to make sure the VRRP packets are exchanged correctly between the active and passive nodes. If the LAN1 or HA ports are connected to the same physical switch, you must configure the LAN1/LAN2 bonding to exchange the VRRP packets between the active and passive nodes.
...
Check whether the NIOS licenses that you subscribed to support both physical and virtual appliances.
Ensure that the same licenses are installed on both the physical appliance and the virtual appliance.
You cannot have tagged and untagged interfaces on the same subnet on VMware ESXi hypervisors.
Virtual appliances do not support tagging.
LOM (Lights Out Management) is not supported in a hybrid HA setup.
Because port settings are not available for virtual appliances, you cannot join a node if the port settings are overridden.
You cannot combine a platform on which Advanced DNS Protection hardware is running with a platform on which Advanced DNS Protection Software is running.
You cannot configure MTU (Maximum Transmission Unit) in a hybrid HA setup.
You cannot have a combination of an IB-FLEX and a non IB-FLEX appliance.
Auto-provisioning is not supported on virtual appliances; therefore, you cannot use the auto-provisioning feature in a hybrid HA setup.
A hybrid HA setup may cause some performance impact, because hybrid HA performance depends on many factors such as the hardware on which the VM is running, the number of VMs contending for the same CPU, RAM, and input/output resources, and the overhead generated by the virtualization layer.
Minor performance differences are expected between the two nodes of a hybrid HA pair. Hybrid HA performance may vary, and it depends on the hardware components on which the different virtualization platforms are running and the performance delivered by Infoblox hardware appliances. Different use cases will produce different numbers (slightly increased or decreased CPU usage, disk access time, and so on). Such performance variation is expected and is not a cause for concern.
About HA Failover
The appliance supports HA through bloxHA™, which provides a robust failover mechanism. As described in Planning for an HA Pair, both nodes in an HA pair share a single VIP address and a virtual MAC address. The node that is currently active is the one whose HA port owns the VIP address and virtual MAC address. When a failover occurs, these addresses shift from the HA port of the previous active node to the HA port of the new active node, as illustrated in the figure below.
Note: For a vNIOS HA pair, you must configure both the LAN1 and HA interfaces to operate. When you receive a notification about a failure on either of these ports, make sure that both ports are working. If one port is down and the other port is still working, the HA pair believes its peer is active, but there will be connectivity issues because one of the ports is down. An HA failover occurs on vNIOS appliances only when both of these ports are down. For details about configuring these virtual NICs, refer to the Infoblox Installation Guide vNIOS for VMware.
...
From the Grid tab, select the Grid Manager tab -> Members tab.
Select an HA member and click the Edit icon.
In the Grid Member Properties editor, select the Network tab -> Advanced tab and complete the following:
Enable ARP on HA Passive Node?: Select one of the following:
Disable (default): Select this to disable ARP on an HA passive node. This is selected by default.
Enable (not recommended): Select this to enable ARP on an HA passive node.
Save the configuration and click Restart if it appears at the top of the screen.
Note: In a Grid that has an HA Grid Master with the Enable ARP on HA Passive Node? option enabled, restoring from the HA Grid Master to a single-node Grid Master breaks the Grid configuration, and attempting to recover the configuration leaves the system unusable. You can, however, recover the configuration by resetting the database.
Warning: Enabling ARP on the passive node of an HA interface might affect VRRP on the local network and could cause the firewall to send false alerts.
...
VRRP advertisements are periodic announcements of the availability of the HA node linked to the VIP. The two nodes in an HA pair include a VRID (virtual router ID) in all VRRP advertisements and use it to recognize VRRP advertisements intended for themselves. Only another appliance on the same subnet configured to use the same VRID responds to the announcements. The active node in an HA pair sends advertisements as multicast datagrams every second. It sends them from its HA port using the source IP address of the HA port (not from the VIP address) and the source MAC address 00:00:5e:00:01:vrrp_id. The last two hexadecimal numbers in the source MAC address indicate the VRID number for this HA pair. For example, if the VRID number is 143, then the source MAC address is 00:00:5e:00:01:8f (8f in hexadecimal notation = 143 in decimal notation).
The destination MAC and IP addresses for all VRRP advertisements are 00:00:5e:00:01:12 and 224.0.0.18 (00:00:5e:00:02:12 and FF02::12 for IPv6-only configurations). Because a VRRP advertisement is a multicast datagram that can only be sent within the immediate logical broadcast domain, the nodes in an HA pair must be in the same subnet.
As illustrated in the figure below, when you configure an HA pair, only the appliance configured to listen for VRRP advertisements with the same VRID number processes the datagrams, while all other appliances ignore them. The passive node in an Infoblox HA pair listens for these on its HA port and the active node listens on its LAN1 or LAN1 (VLAN) port. If the passive node does not receive three consecutive advertisements or if it receives an advertisement with the priority set to 0 (which occurs when you manually perform a forced failover or request the active node to restart, reboot, or shut down), it changes to the active state and assumes ownership of the VIP address and virtual MAC address.
If both nodes go offline, the one that comes online first becomes the active node. If they come online simultaneously, or if they enter a dual-active state—that is, a condition arises in which both appliances assume an active role and send VRRP advertisements, possibly because of network issues—then the appliance with the numerically higher VRRP priority becomes the active node. The priority is based on system status and events.
If both nodes have the same priority, then the appliance whose HA port has a numerically higher IP address becomes the active node. For example, if the IP address of the HA port on Node 1 is 10.1.1.80 and the IP address of the HA port on Node 2 is 10.1.1.20, then Node 1 becomes the active node.
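The VRID-to-MAC mapping, the passive node's takeover conditions (a priority-0 advertisement or three missed one-second advertisements), and the dual-active tie-break described above, worked through in a small Python model. This is an added example written for this page, not Infoblox code; the advertisement records and node tuples are constructed here, and the mismatch check is an assumed monitoring helper, not a NIOS feature.

```python
import ipaddress

ADVERT_INTERVAL_S = 1.0  # the active node advertises every second
MISSED_LIMIT = 3         # passive node takes over after three missed advertisements


def vrrp_source_mac(vrid: int) -> str:
    """Source MAC used by the active node: 00:00:5e:00:01:<VRID as two hex digits>."""
    if not 1 <= vrid <= 255:
        raise ValueError("VRID must be in 1..255")
    return f"00:00:5e:00:01:{vrid:02x}"


def elect_active(node1: tuple, node2: tuple) -> str:
    """Tie-break when both nodes start together or go dual-active: the numerically
    higher VRRP priority wins; equal priorities fall back to the numerically higher
    HA-port IP address. A node is a constructed (name, priority, ha_ip) tuple."""
    def rank(node):
        _name, priority, ha_ip = node
        return (priority, int(ipaddress.ip_address(ha_ip)))
    return max(node1, node2, key=rank)[0]


def passive_should_take_over(adverts: list, vrid: int, now: float) -> tuple:
    """Passive-node decision over advertisements seen on the wire, each a dict with
    't', 'vrid', 'priority' and 'src_mac'. Only this pair's VRID is considered;
    advertisements carrying any other VRID are ignored."""
    own = [a for a in adverts if a["vrid"] == vrid]
    if own and own[-1]["priority"] == 0:
        return True, "priority 0 received (forced failover, restart or shutdown)"
    if not own or now - own[-1]["t"] >= MISSED_LIMIT * ADVERT_INTERVAL_S:
        return True, "three consecutive advertisements missed"
    return False, "active peer still advertising"


def mac_mismatches(adverts: list) -> list:
    """Assumed monitoring helper: flag advertisements whose source MAC is not the
    00:00:5e:00:01:<VRID> value the active node is expected to use. Such a mismatch
    is a first thing to look at when diagnosing a dual-active state."""
    return [a for a in adverts if a["src_mac"] != vrrp_source_mac(a["vrid"])]


# Constructed sample: three healthy advertisements for VRID 143 and one for an
# unrelated VRID whose source MAC does not match its VRID.
SAMPLE_ADVERTS = [
    {"t": 0.0, "vrid": 143, "priority": 100, "src_mac": "00:00:5e:00:01:8f"},
    {"t": 1.0, "vrid": 143, "priority": 100, "src_mac": "00:00:5e:00:01:8f"},
    {"t": 2.0, "vrid": 143, "priority": 100, "src_mac": "00:00:5e:00:01:8f"},
    {"t": 2.5, "vrid": 7, "priority": 100, "src_mac": "00:00:5e:00:01:ff"},
]
```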
...
...