When your NIOS-X server is disconnected from the Infoblox Portal or when it experiences issues, you can access the Device UI to troubleshoot the problems. The Device UI is designed to display a comprehensive view of the networking health of your server. You can obtain configuration and connectivity data through the Device UI, and perform corrective actions to address applicable issues.

The Device UI performs the following verification:

The IP address of the server
DNS service
DHCP connection
NTP connectivity
Access to the Infoblox Portal
Time synchronization
Explicit proxy test
Docker rules
Docker Bridge settings
Kubernetes Bridge settings
Join token validation

After the Device UI completes the verification, it displays the results and status in the Configuration and Administration sections.

Accessing the Device UI

Open a browser window.
Launch the Device UI by entering the IP address of the server in this format:
https://<Server IP address>
Note that if there was no DHCP server available in your network, and you did not configure a static IP when you initially set up your server, the server will fall back to the default IP address 192.168.1.2.
Enter the following local access credentials:
- Username: Enter admin as the login user name for the server.
- Password: Enter the last eight characters of the serial number for the server. This includes all special characters in the last eight digits of the serial number. For example, if your serial number is AxYz14-893-756, you should enter -893-768.
  - For physical servers (NIOS-X (BloxOne) Physical Server), you can get the serial number through the Infoblox Portal. The serial number is also printed on the physical server itself and is available through the server console (if you connect the server to a computer monitor).
  - For virtual servers (NIOS-X (BloxOne) Virtual Server), you can get the serial number when you connect to the virtual console.

Viewing Device Status and Configuration

When you launch the Device UI, it displays the overall configuration status in the left panel and the configuration details in the right panel

Configuration: Network, HTTP(S) Proxy, Time Settings, Docker, Kubernetes, Authentication, and Cloud Connectivity
Administration: Device Restart, Factory Reset, and Support Bundle

In the left panel, you can view the overall status for each configuration component through the following status icons:

= The service is running properly and connectivity is good. No corrective action is required.
= The service has not been started and no connectivity has been established. Configure the service if necessary.
= The service or connectivity failed. Take corrective actions by modifying the configuration.

In the Configuration pane on the right, you can view the overall status for each service and individual component, as follows:

= The service, connection, and settings have been verified and functioning properly.
= The service or connection has not started yet.
= The service, connection, and/or settings failed. Take corrective actions by modifying the configuration.
= No configuration has been set for this service, therefore, no verification is done until you set up the necessary configuration.

Updating Configuration

In the Configuration panel, the Device UI displays detailed information about the networking and service configurations. You can view the current configuration and connectivity of your server and fix any problematic areas, if applicable.

Notes

You must enable local access on the server before you can make configuration changes to the following settings. For information about local access, see Managing Local Access for Servers.
If you update any configuration on an server that has a connection issue with the Infoblox platform and has a secondary interface configured, the secondary interface could be removed from the server.

Network

Your server must have internet access in order to establish connectivity to the Infoblox Portal.

Select one of the following to set up the network configuration:

DNS Resolvers: You can configure specific DNS resolver(s) that your server uses to resolve DNS requests. For multiple resolvers, enter the IP addresses separated by commas (,).
Example: 1.1.1.1,8.8.8.8

Note

When you add and use a new DNS resolver, the server uses the new resolver and the default settings will not be retained.

IPv4 Network Mode: Select one of the following for your IPv4 network:

DHCP: If your network contains a DHCP server, select DHCP to automatically receive a dynamic IPv4 address for the server.
Static: If you want to assign a specific IPv4 address to your server, select Static to manually configure the IPv4 address, netmask or CIDR, and the default gateway for the server.

IPv6 Network Mode: Select one of the following for your IPv6 network:

DHCP: If your network contains a DHCP server, select DHCP to automatically receive a dynamic IPv6 address for the server.
RA: Select this to use router advertisements in your IPv6 network. The server auto-generates a link-local address to communicate with other servers or neighbors on the same network.
Auto Select: Select this to allow the system to select the best way to obtain an IPv6 address for the server.
Static: If you want to assign a specific IPv6 address to your server, select Static to manually configure the IPv6 address, CIDR, and the default gateway for the server.

Advanced Settings: Expand this section to configure IPv4 and IPv6 MTU (Maximum Transmission Unit) for your network path:

Disable Path MTU Discovery: Toggle to enable or disable path MTU discovery. Path MTU discovery is used to determine the MTU size to avoid IP fragmentation. Path MTU discovery is enabled by default.
IPv4 MTU Settings: Enter the maximum transmission unit for your IPv4 network, which is the size of the largest protocol data unit that can be communicated in a single network layer transaction. Valid values are from 1280 to 9000. For dual stack configuration, valid values are from 1280 to 9000. The default value is 1500.
IPv6 MTU Settings: Enter the maximum transmission unit for your IPv6 network, which is the size of the largest protocol data unit that can be communicated in a single network layer transaction. Valid values are from 1280 to 9000. The default value is 1500.

The system validates the IP address, DHCP connection, and the DNS service, and the Device UI displays the current status of each component.

HTTPS(S) Proxy

Based on your business needs, you may need to configure an HTTP or HTTPS proxy server to handle HTTP(S) requests from clients over the LAN or Internet.

Enter the HTTP or HTTPS proxy in this format: http(s)://[username:password@]<proxy domain>:<proxy port>

Where

username and password = The credential you use to log in to the proxy.
proxy domain = The domain name of the proxy.
proxy port = The port number you use to access the proxy.

Example: https://joesmith:Welc0me123!@proxy.example.com:443

Time Settings

You can set up specific NTP server(s) with which your server synchronizes time. If you have not configured any NTP server or local DNS resolver, the server uses the Ubuntu NTP server (ntp.ubuntu.org or ubuntu.pool.ntp.org) and Universal DNS (IP: 52.119.40.100). Note that the communication to these services does not go through the HTTPS proxy, and you must ensure that the NTP port (UDP 123) and the DNS port (TCP/UDP 53) are opened on your firewall.

To configure NTP server(s), enter the IP address(es) or FQDN(s) of the NTP servers, separated by commas (,).

Example: 10.102.3.10,1.us.pool.ntp.org,10.120.3.10

Note

When you add and use a new NTP server, the server uses the new NTP server and the default settings will not be retained.

Docker

If your network service is deployed in a Docker container, you must complete the Docker configurations so your server can communicate with your network.

To configure Docker, enter the Docker bridge IP address and its netmask.

Example: 192.168.1.5/24

Note

You can use an IP address for the Docker Bridge in a network no larger than a /24 subnet.

Kubernetes

You can configure the Kubernetes Bridge settings in this section. If the network CIDRs are not configured, the Kubernetes Bridge uses the default IP of 10.42.0.0/16 for the cluster CIDR and 10.43.0.0/16 for the service CIDR. The system conduct a health check on the setting and displays OK if the settings are valid.

A screenshot of the Kubernetes Bridge Settings dialog box. It contains a text field for entering a Cluster CIDR, a text field for entering a Service CIDR, an OK button for the Kubernetes check, and an OK button for closing the dialog box.

Authentication

The Authentication section indicates whether the connection of your server to the Infoblox Portal using the join token or serial number is successful or not. A join token is a special-purpose secret used to authenticate a server to automatically associate itself with its corresponding user account and establish a connection to the Infoblox Portal. You must first create a join token through the Infoblox Portal, and then assign the token to the corresponding server.

The Device UI displays the join token and serial number of the server in this section. If authentication failed, you can verify the join token and correct in the join token field. If the authentication failed due to an incorrect serial number, you can modify the serial number in the Infoblox Portal. Note that the serial number displayed here is automatically populated from the information you provided either via the Infoblox Portal. You cannot modify the serial number here.

A screenshot of the Authentication dialog box. It contains a text field for entering a join token, a text field for entering a serial number, an OK button for Authentication, and an OK button for closing the dialog box.

Cloud Connectivity

The Cloud Connectivity status shows you whether your server has successfully established a connection to the Infoblox Portal. If the connectivity status is "Failed," check all failed services and take corrective actions.

Administrating the Server

In the Administration panel, you can restart you server, reset the server to factory settings, collect the support bundle for troubleshooting purposes. as well as enabling and disabling a secure terminal connection between the NIOS-X servers and the debugging interface (debug CLI).

Device Restart

In the Device Restart section, click Restart to restart your server. When a restart is initiated, all processes are down, and no further logins are allowed on the server. The server will close all open files, stop running processes, and restart the system.

Factory Reset

In the Factory Reset section, click Reset to initiate a factory reset for the server. When you start a factory reset, it will reinstate the initial state of the server. All configuration will be set to the initial factory-provided settings. The software will be reset to the initial version. Confirm you really want to reset you server before resetting it because this action cannot be undone.

Support Bundle

In the Support Bundle section, click Collect to start collecting logs and configurations about your environment, so Technical Support can use the information for troubleshooting. Once the system starts collecting information, the following dialog appears. You can click Cancel to stop the collection.

When the system completes collecting information, the following dialog appears and you can click Download to save the Support Bundle to your computer.

SSH

In the SSH section, you can enable or disable a secure terminal connection on port 2022 between your server and the debugging interface (debugging CLI).

When you have issues in deploying new Infoblox platform images or experiencing any issues with the cloud connectivity, you can troubleshoot issues using the debugging CLI. When you enable the secure connection, you can log in to the debugging CLI and use supported CLI commands to troubleshoot issues.

You can access the debugging CLI via the following:

Serial console
SSH client

Serial Console

To access the debugging CLI via the serial console, do the following.

Connect to the serial console of your server.
Once you get health checks on the serial console as illustrated in the screenshot below, press Ctrl+c to connect to the server. You will be redirected to the debugging CLI login prompt.
Use the following credentials to log in:
- Login: admin
- Password: The last 8 digits of the serial number (without spaces)

SSH

You can enable or disable a secure terminal connection on port 2022 to access the debugging CLI from the Device UI.

To access the debugging CLI when the server is online, do the following:

Log in to the Cloud Service Portal.
Enable local access on the server. For information, see Managing Local Access for Servers.
Launch and log in to the Device UI. For information, see Accessing the Device UI in this topic.
Go to the SSH section and click Enable. Once you enable SSH, the Disable button appears.
Use an SSH client to connect to the debug CLI on port 2022 (example: ssh -p 2022 admin@[remote_server_ip]).
Use the following credentials to log in to the debug CLI:
- Login: admin
- Password: The last 8 digits of the serial number (without spaces).

To access the debugging CLI when the server is offline, do the following:

Launch and log in to the Device UI. For information, see Accessing the Device UI in this topic.
Go to the SSH section and click Enable. Once you enable SSH, the Disable button appears.
Use an SSH client to connect to the debug CLI on port 2022 (example: ssh -p 2022 admin@[remote_server_ip]).
Use the following credentials to log in to the debug CLI:
- Login: admin
- Password: The last 8 digits of the serial number (without spaces)

Supported Debug CLI Commands

Run the help command to check supported debug CLI commands and their usage.

Supported CLI Command	Description
`clear`	Clear the terminal screen
`df`	Get file system disk space usage
`dig`	DNS lookup utility Restricted argument: -f
`du`	Estimate file space usage
`exit`	Exit the debug CLI
`free`	Display the amount of free and used memory in the system
`help`	Display the list of supported CLI commands
`ifconfig`	Display a network interface Allowed argument: -a
`iostat`	Report CPU statistics and input/output statistics for devices and partitions.
`ip`	Display routing, network devices, interfaces and tunnels Restricted arguments: add, del, set, flush, change, append, replace, update, -b, - -b, -batch, - -batch
`nslookup`	Query internet name servers
`ntpq`	Standard NTP query. Cannot execute only the ntpq command. You must include at least one argument. Restricted argument: -i
`ping`	Send ICMP ECHO_REQUEST to network servers.
`route`	Display the IP routing table Restricted arguments: add, del
`service-config`	Display and transfer service config file. Run `service_config help` to see the desired format of the command. Examples: To view: `service_config view [servie_name/service_type]` To transfer: `service_config transfer [servie_name/service_type] [-P open_ssh_port ] user@remote_server_ip:/path_to_copy`
`ss`	The utility for investigating sockets Restricted arguments: -F, - -filter
`ssh`	Enable or disable ssh on the server. Allowed arguments : enable: Enable ssh on the server. disable: Disable ssh on the server. status: Check the current status of the ssh
`tcpdump`	Get traffic on a network Restricted arguments: -w Context timeout: 600 sec
`top`	Display Linux processes. The top command will not take any arguments and will run for one iteration in batch mode by default.
`traceroute`	Print the route packets traced to the network server.
`transfer_sb`	Transfer support bundle to the remote server using the SCP protocol. Run transfer_sb help to see the desired format of the command. Example: `transfer_sb [-P open_ssh_port ]user@remote_server_ip:/path_to_copy`
`vmstat`	Report virtual memory statistics

BloxOne Infrastructure

Troubleshooting Servers

Accessing the Device UI

Viewing Device Status and Configuration

Updating Configuration

Network

HTTPS(S) Proxy

Time Settings

Docker

Kubernetes

Authentication

Cloud Connectivity

Administrating the Server

Device Restart

Factory Reset

Support Bundle

SSH

Serial Console

SSH

Supported Debug CLI Commands