/
Troubleshooting Servers
Document toolboxDocument toolbox

Troubleshooting Servers

Owned by Shirly Tsang
Last updated: Dec 20, 2024 by Sri Raghu

When your NIOS-X server is disconnected from the Infoblox Portal or when it experiences issues, you can access the Device UI to troubleshoot the problems. The Device UI is designed to display a comprehensive view of the networking health of your server. You can obtain configuration and connectivity data through the Device UI, and perform corrective actions to address applicable issues.

The Device UI performs the following verification:

  • The IP address of the server
  • DNS service
  • DHCP connection
  • NTP connectivity
  • Access to the Infoblox Portal
  • Time synchronization
  • Explicit proxy test
  • Docker rules
  • Docker Bridge settings
  • Kubernetes Bridge settings
  • Join token validation

After the Device UI completes the verification, it displays the results and status in the Configuration and Administration sections.

Accessing the Device UI

  1. Open a browser window.

  2. Launch the Device UI by entering the IP address of the server in this format:
    https://<Server IP address>
    Note that if there was no DHCP server available in your network, and you did not configure a static IP when you initially set up your server, the server will fall back to the default IP address 198.51.100.21.

  3. Enter the following local access credentials:
    • Username: Enter admin as the login user name for the server.
    • Password: Enter your password.

      When deploying NIOS-X servers, Infoblox initially uses a default username and password for accessing the Device UI. Users can now change this default password via the Infoblox Portal, Device UI, or Debug CLI. Once changed, the new password will be synchronized across the console and Device UI, allowing for SSH and HTTPS access (if you forget the password, and the host is disconnected, you have to do factory reset).

Viewing Device Status and Configuration

When you launch the Device UI, it displays the overall configuration status in the left panel and the configuration details in the right panel

  • Configuration: Network, HTTP(S) Proxy, Time Settings, Docker, Kubernetes, Authentication, and Cloud Connectivity
  • Administration: Device Restart, Factory Reset, and Support Bundle

In the left panel, you can view the overall status for each configuration component through the following status icons:

  • The checkmark icon = The service is running properly and connectivity is good. No corrective action is required.
  • A blank, grey icon = The service has not been started and no connectivity has been established. Configure the service if necessary.
  • The X icon = The service or connectivity failed. Take corrective actions by modifying the configuration.

In the Configuration pane on the right, you can view the overall status for each service and individual component, as follows:

  • The OK icon= The service, connection, and settings have been verified and functioning properly.
  • The Not Started icon = The service or connection has not started yet.
  • The FAILED icon = The service, connection, and/or settings failed. Take corrective actions by modifying the configuration.
  • The Not Applicable icon = No configuration has been set for this service, therefore, no verification is done until you set up the necessary configuration.

Updating Configuration

In the Configuration panel, the Device UI displays detailed information about the networking and service configurations. You can view the current configuration and connectivity of your server and fix any problematic areas, if applicable.

Notes

  • You must enable local access on the server before you can make configuration changes to the following settings. For information about local access, see Managing Local Access for Servers.
  • If you update any configuration on an server that has a connection issue with the Infoblox platform and has a secondary interface configured, the secondary interface could be removed from the server.

Network

Your server must have internet access in order to establish connectivity to the Infoblox Portal.

Select one of the following to set up the network configuration:

DNS Resolvers: You can configure specific DNS resolver(s) that your server uses to resolve DNS requests. For multiple resolvers, enter the IP addresses separated by commas (,).
Example: 1.1.1.1,8.8.8.8

Note

When you add and use a new DNS resolver, the server uses the new resolver and the default settings will not be retained.

IPv4 Network Mode: Select one of the following for your IPv4 network:

  • DHCP: If your network contains a DHCP server, select DHCP to automatically receive a dynamic IPv4 address for the server.
  • Static: If you want to assign a specific IPv4 address to your server, select Static to manually configure the IPv4 address, netmask or CIDR, and the default gateway for the server.

IPv6 Network Mode: Select one of the following for your IPv6 network:

  • DHCP: If your network contains a DHCP server, select DHCP to automatically receive a dynamic IPv6 address for the server.
  • RA: Select this to use router advertisements in your IPv6 network. The server auto-generates a link-local address to communicate with other servers or neighbors on the same network.
  • Auto Select: Select this to allow the system to select the best way to obtain an IPv6 address for the server.
  • Static: If you want to assign a specific IPv6 address to your server, select Static to manually configure the IPv6 address, CIDR, and the default gateway for the server.

Advanced Settings: Expand this section to configure IPv4 and IPv6 MTU (Maximum Transmission Unit) for your network path:

  • Disable Path MTU Discovery: Toggle to enable or disable path MTU discovery. Path MTU discovery is used to determine the MTU size to avoid IP fragmentation. Path MTU discovery is enabled by default.
  • IPv4 MTU Settings: Enter the maximum transmission unit for your IPv4 network, which is the size of the largest protocol data unit that can be communicated in a single network layer transaction. Valid values are from 1280 to 9000. For dual stack configuration, valid values are from 1280 to 9000. The default value is 1500.
  • IPv6 MTU Settings: Enter the maximum transmission unit for your IPv6 network, which is the size of the largest protocol data unit that can be communicated in a single network layer transaction. Valid values are from 1280 to 9000. The default value is 1500.

The system validates the IP address, DHCP connection, and the DNS service, and the Device UI displays the current status of each component.

HTTPS(S) Proxy

Based on your business needs, you may need to configure an HTTP or HTTPS proxy server to handle HTTP(S) requests from clients over the LAN or Internet.

Enter the HTTP or HTTPS proxy in this format: http(s)://[username:password@]<proxy domain>:<proxy port>

Where

  • username and password = The credential you use to log in to the proxy.
  • proxy domain = The domain name of the proxy.
  • proxy port = The port number you use to access the proxy.

Example: https://joesmith:Welc0me123!@proxy.example.com:443

Time Settings

You can set up specific NTP server(s) with which your server synchronizes time. If you have not configured any NTP server or local DNS resolver, the server uses the Ubuntu NTP server (ntp.ubuntu.org or ubuntu.pool.ntp.org) and Universal DNS (IP: 52.119.40.100). Note that the communication to these services does not go through the HTTPS proxy, and you must ensure that the NTP port (UDP 123) and the DNS port (TCP/UDP 53) are opened on your firewall.

To configure NTP server(s), enter the IP address(es) or FQDN(s) of the NTP servers, separated by commas (,). 

Example: 192.0.2.1,example.ntp.org,192.0.2.1

Note

When you add and use a new NTP server, the server uses the new NTP server and the default settings will not be retained.

Docker

If your network service is deployed in a Docker container, you must complete the Docker configurations so your server can communicate with your network.

To configure Docker, enter the Docker bridge IP address and its netmask.

Example: 192.0.2.1/24

Note

You can use an IP address for the Docker Bridge in a network no larger than a /24 subnet.

Kubernetes

You can configure the Kubernetes Bridge settings in this section. If the network CIDRs are not configured, the Kubernetes Bridge uses the default IP of 10.42.0.0/16 for the cluster CIDR and 10.43.0.0/16 for the service CIDR. The system conduct a health check on the setting and displays OK if the settings are valid.

A screenshot of the Kubernetes Bridge Settings dialog box. It contains a text field for entering a Cluster CIDR, a text field for entering a Service CIDR, an OK button for the Kubernetes check, and an OK button for closing the dialog box.

Authentication

The Authentication section indicates whether the connection of your server to the Infoblox Portal using the join token or serial number is successful or not. A join token is a special-purpose secret used to authenticate a server to automatically associate itself with its corresponding user account and establish a connection to the Infoblox Portal. You must first create a join token through the Infoblox Portal, and then assign the token to the corresponding server. 

The Device UI displays the join token and serial number of the server in this section. If authentication failed, you can verify the join token and correct in the join token field. If the authentication failed due to an incorrect serial number, you can modify the serial number in the Infoblox Portal. Note that the serial number displayed here is automatically populated from the information you provided either via the Infoblox Portal. You cannot modify the serial number here.

A screenshot of the Authentication dialog box. It contains a text field for entering a join token, a text field for entering a serial number, an OK button for Authentication, and an OK button for closing the dialog box.

Cloud Connectivity

The Cloud Connectivity status shows you whether your server has successfully established a connection to the Infoblox Portal. If the connectivity status is "Failed," check all failed services and take corrective actions.

Administrating the Server

In the Administration panel, you can restart you server, reset the server to factory settings, collect the support bundle for troubleshooting purposes. as well as enabling and disabling a secure terminal connection between the NIOS-X servers and the debugging interface (debug CLI).

Device Restart

In the Device Restart section, click Restart to restart your server. When a restart is initiated, all processes are down, and no further logins are allowed on the server. The server will close all open files, stop running processes, and restart the system. 

Factory Reset

In the Factory Reset section, click Reset to initiate a factory reset for the server. When you start a factory reset, it will reinstate the initial state of the server. All configuration will be set to the initial factory-provided settings. The software will be reset to the initial version. Confirm you really want to reset you server before resetting it because this action cannot be undone.

Support Bundle

In the Support Bundle section, click Collect to start collecting logs and configurations about your environment, so Technical Support can use the information for troubleshooting. Once the system starts collecting information, the following dialog appears. You can click Cancel to stop the collection.

The Collect Support Bundle dialog box

When the system completes collecting information, the following dialog appears and you can click Download to save the Support Bundle to your computer.

The Download Support Bundle dialog box

SSH

In the SSH section, you can enable or disable a secure terminal connection on port 2022 between your server and the debugging interface (debugging CLI).

When you have issues in deploying new Infoblox platform images or experiencing any issues with the cloud connectivity, you can troubleshoot issues using the debugging CLI. When you enable the secure connection, you can log in to the debugging CLI and use supported CLI commands to troubleshoot issues.

You can access the debugging CLI via the following:

  • Serial console
  • SSH client

Serial Console

To access the debugging CLI via the serial console, do the following.

  1. Connect to the serial console of your server.
  2. Once you get health checks on the serial console as illustrated in the screenshot below, press Ctrl+c to connect to the server. You will be redirected to the debugging CLI login prompt.

    A screenshot of the debugging CLI login prompt.
  3. Use the following credentials to log in:
    • Login: admin
    • Password: your password

SSH

You can enable or disable a secure terminal connection on port 2022 to access the debugging CLI from the Device UI.

To access the debugging CLI when the server is online, do the following:

  1. Log in to the Cloud Service Portal.
  2. Enable local access on the server. For information, see Managing Local Access for Servers.
  3. Launch and log in to the Device UI. For information, see Accessing the Device UI in this topic.
  4. Go to the SSH section and click Enable. Once you enable SSH, the Disable button appears.
    A screenshot of the debugging CLI for a host that is online
  5. Use an SSH client to connect to the debug CLI on port 2022 (example: ssh -p 2022 admin@[remote_server_ip]).
  6. Use the following credentials to log in to the debug CLI:
    • Login: admin
    • Password: your password

To access the debugging CLI when the server is offline, do the following:

  1. Launch and log in to the Device UI. For information, see Accessing the Device UI in this topic.
  2. Go to the SSH section and click Enable. Once you enable SSH, the Disable button appears.
    A screenshot of the debugging CLI for a host that is offline
  3. Use an SSH client to connect to the debug CLI on port 2022 (example: ssh -p 2022 admin@[remote_server_ip]).
  4. Use the following credentials to log in to the debug CLI:
    • Login: admin
    • Password: your password

Supported Debug CLI Commands

Run the help command to check supported debug CLI commands and their usage.

Supported CLI CommandDescription
clearClear the terminal screen
dfGet file system disk space usage
digDNS lookup utility
Restricted argument: -f
duEstimate file space usage
exitExit the debug CLI
freeDisplay the amount of free and used memory in the system
helpDisplay the list of supported CLI commands
ifconfigDisplay a network interface
Allowed argument: -a
iostatReport CPU statistics and input/output statistics for devices and partitions.
ipDisplay routing, network devices, interfaces and tunnels
Restricted arguments: add, del, set, flush, change, append, replace, update, -b, - -b, -batch, - -batch
nslookupQuery internet name servers
ntpqStandard NTP query. Cannot execute only the ntpq command. You must include at least one argument.
Restricted argument: -i
pingSend ICMP ECHO_REQUEST to network servers.
routeDisplay the IP routing table
Restricted arguments: add, del
service-config

Display and transfer service config file. Run service_config help to see the desired format of the command.

Examples:

  • To view: service_config view [servie_name/service_type]
  • To transfer: service_config transfer [servie_name/service_type] [-P open_ssh_port ] user@remote_server_ip:/path_to_copy
ssThe utility for investigating sockets
Restricted arguments: -F, - -filter
ssh

Enable or disable ssh on the server.
Allowed arguments :

  • enable: Enable ssh on the server.
  • disable: Disable ssh on the server.
  • status: Check the current status of the ssh
tcpdump

Get traffic on a network
Restricted arguments: -w
Context timeout: 600 sec

topDisplay Linux processes. The top command will not take any arguments and will run for one iteration in batch mode by default.
traceroutePrint the route packets traced to the network server.
transfer_sb

Transfer support bundle to the remote server using the SCP protocol. Run transfer_sb help to see the desired format of the command.

Example: transfer_sb [-P open_ssh_port ]user@remote_server_ip:/path_to_copy

vmstatReport virtual memory statistics