Versions Compared

Old Version 3

changes.mady.by.user Shirly Tsang

Saved on

compared with

New Version Current

changes.mady.by.user Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The DFP makes its connection with BloxOne Cloud Infoblox Platform-based on the following rules and conditions:

  • By default, the DFP has provisioned the following four IPv4 global addresses. The DFP monitors the health status of these addresses and sends DNS requests to the first available and healthy address in the following order. In other words, if the first IP address (52.119.41.100) is available but has an unhealthy status, it moves on to the second IP address (10352.80119.640.100) to establish a connection with BloxOne Cloud, Infoblox Platform. Similarly, if the first and second IP addresses are unhealthy, then it moves the the thrid IP address (52.119.41.120) provided that the address is reachable and has a healthy status. Note that the DFP performs periodic health check checks on these addresses every 30 minutes
    1. 52.119.41.100103
    2. 52.
      3. 80
    3. 119.
      4. 6
    4. 40.100
    5. 52.119
      6. .40
    6. .41.120
    7. 103.80.6.100
    8. 103.80.5.100
    The first two
    2. 103.80.6.120
  • The 52.119.41.100, 103.80.6.100, and 103.80.6.120 IP addresses are provisioned under AWS Anycast and GSLB (Global Server Load Balancer), so a DNS client can connect to the nearest AWS entry location. Once a connection is established, the client is routed via AWS GSLB to the nearest PoP (Point of Presence). If the nearest PoP is not reachable, the client is forwarded to another PoP based on the rules described in the first bullet.
  • The last two 52.119.40.100, 52.119.41.120, and 103.80.5.100, IP addresses are routed using Anycast only, and they use a different architecture so the traffic is routed via third-party networks to a PoP.
  • DFP-OPEs are being migrated to the following domain: infobloxtd.com (formerly bloxonetd.com). 
  • If you have defined a PoP for the DFP, only AWS addresses for that PoP are used while everything else works as described in the previous bullets. This connection creates a fail-open architecture. For example, if the PoP in Tokyo is provisioned for the DFP and it is not available, the traffic will be automatically routed to the next PoP based on the user/DFP location.

The following illustration describes the connection rules for the DFP:Image Removed

The diagram depicts a process where a DNS client interacts with a DNS Forwarding Proxy.Image Added
DiagramThe diagram depicts a process where a DNS client interacts with a DNS Forwarding Proxy (DFP) to establish a connection with the nearest Point of Presence (PoP). The DFP has a list of provisioned IP addresses. Initially, the DFP attempts to contact the first IP on the list, but it is marked as unhealthy. The DFP then tries the next provisioned IP address, which is available and healthy.


Excerpt
hiddentrue

Drawio
mVer2
simple0
zoom1
inComment0
custContentId254608707
pageId254608634
diagramDisplayNameDFP Connectivity.drawio
lbox0
contentVer79
revision79
baseUrlhttps://infoblox-docs.atlassian.net/wiki
diagramNameDFP Connectivity.drawio
pCenter0
width814
links
tbstyle
height450.5

...