
Note

Under some circumstances, the Rogue DHCP Server Detected issue may not trigger. NetMRI sends DHCP packets that will obtain responses from DHCP servers that can traverse networks through DHCP relays. Not all DHCP servers will respond to DHCP packets sent by NetMRI for detection purposes. Also, some DHCP servers may be undetectable by NetMRI based on their position in the network; for example, DHCP servers that are connected to WAN interfaces and only send DHCP responses downstream will not respond to probes by NetMRI.

The Automation Change Manager acts on NIOS-generated DHCPACK syslog messages for triggering task execution. Part of the NIOS configuration to support ACM consists of forwarding the syslog stream to NetMRI. This is typically done on a per-Grid-Member basis. DHCPACK syslog messages are sent whenever a DHCP lease is granted or renewed and contain the IP and MAC addresses of the end host. Upon receipt of a DHCPACK syslog message, if a network device or end host is not known to NetMRI, a Discover-Now operation executes.
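The triage step described above can be sketched as follows. This is an added example, not NetMRI or NIOS code: it assumes an ISC dhcpd-style DHCPACK line layout (the exact NIOS syslog format may differ), and the sample log lines, the inventory and the function names are constructed for illustration.

```python
import re

# Assumed ISC dhcpd-style layout: "DHCPACK on <ip> to <mac> (<hostname>) via <iface>".
# The hostname part is optional; the real NIOS message layout may differ.
DHCPACK_RE = re.compile(
    r"DHCPACK on (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) "
    r"to (?P<mac>[0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5})"
    r"(?: \((?P<host>[^)]*)\))?"
)

def parse_dhcpack(line):
    """Return the lease's IP, MAC (lower-cased) and hostname, or None if not a DHCPACK."""
    m = DHCPACK_RE.search(line)
    if not m:
        return None
    return {"ip": m["ip"], "mac": m["mac"].lower(), "host": m["host"]}

def hosts_to_discover(lines, known_macs):
    """Leases whose MAC is absent from the inventory, one entry per MAC.

    Grants and renewals both produce DHCPACK, so a MAC can appear many times;
    only the most recent lease is kept for the discovery queue.
    """
    known = {mac.lower() for mac in known_macs}
    pending = {}
    for line in lines:
        lease = parse_dhcpack(line)
        if lease is None or lease["mac"] in known:
            continue
        pending[lease["mac"]] = lease  # later ACK for the same MAC overwrites
    return list(pending.values())

# Constructed sample syslog stream and inventory (documentation address range).
SAMPLE_SYSLOG = [
    "Mar  3 10:15:01 member1 dhcpd[2211]: DHCPACK on 192.0.2.50 to 00:1B:44:11:3A:B7 (printer-2f) via eth1",
    "Mar  3 10:15:02 member1 dhcpd[2211]: DHCPREQUEST for 192.0.2.51 from 52:54:00:ab:cd:ef via eth1",
    "Mar  3 10:15:02 member1 dhcpd[2211]: DHCPACK on 192.0.2.51 to 52:54:00:ab:cd:ef via eth1",
    "Mar  3 10:45:09 member1 dhcpd[2211]: DHCPACK on 192.0.2.77 to 52:54:00:ab:cd:ef via eth1",
    "Mar  3 10:50:00 member1 dhcpd[2211]: DHCPACK on 192.0.2.60 to 00:50:56:00:00:01 (lab-vm) via eth1",
]
KNOWN_MACS = {"00:1b:44:11:3a:b7"}

if __name__ == "__main__":
    for lease in hosts_to_discover(SAMPLE_SYSLOG, KNOWN_MACS):
        print("queue discovery:", lease["ip"], lease["mac"], lease["host"] or "-")
```
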

If the discovered device/end host is found to be running a DHCP server, NetMRI raises a Rogue DHCP Server Detected issue and a series of events takes place, further described in the topic Activating Rogue DHCP Server Remediation.

NIOS DHCP configuration intuitively supports custom DHCP options, which follow the RFC 2132 guidelines. DHCP configuration settings can quickly apply across the entire NIOS grid (in NIOS, Grid Manager > DHCP > Grid DHCP Properties), or to a specific DHCP range on a specific member. The same guideline applies if NetMRI operates with a standalone NIOS appliance running the DHCP service in the network. You can also create new DHCP ranges on any NIOS appliance running DHCP, to support Cisco and Juniper DHCP options for ACM bare-metal provisioning.

For Cisco:

  • option tftp-server-name code 66 = text (Option 66, uses the IP address of the TFTP server or an FQDN);

For Juniper:

  • option mobile-ip-home-agent code 68 = array of ip-address (Option 68)

All NIOS appliances running DHCP service must also forward Syslog messages to NetMRI.

The Automation Change Manager also detects DHCPACK messages automatically through its own Syslog service, and uses them as the triggers for ACM tasks.

Note

For more details on configuring the DHCP service on NIOS systems, see the Infoblox NIOS Administrator Guide, Chapter 19, Infoblox DHCP Services and Chapter 20, Configuring DHCP Properties.