When you configure DHCP properties for the Grid, members, networks, shared networks, DHCP ranges, fixed addresses, reservations, host addresses, and roaming hosts, the appliance applies the configured properties hierarchically. In addition, IPv4 DHCP objects inherit IPv4 specific properties and IPv6 objects inherit IPv6 specific properties. For example, when you set DHCP IPv4 properties for the Grid, all DHCP IPv4 objects inherit the properties from the Grid unless you override them at a specific level, and the same applies for IPv6 properties and objects.
Properties set at the member level override Grid-level settings and apply to the objects that the member serves. Properties set at the network level override member-level settings and apply to the objects within the network. Properties set for a DHCP range override those set at higher levels. You can also set specific properties that apply only to fixed addresses, reservations, host addresses, and roaming hosts.
Figure 25.4 illustrates some inheritance scenarios that can occur in a Grid. As shown in the figure, the authoritative server configuration set for the Grid is inherited by the members. Since Member 1 has no overrides and Member 2 overrides the authoritative server configuration, they have different DHCP configurations. Grid Manager applies DHCP properties hierarchically from the Grid down. Therefore, a DHCP object below the member level can inherit DHCP properties with multiple values from multiple sources. In Figure 25.4, network 10.1.1.0/24 inherits multiple values (True and False) from the members for the authoritative server configuration. The shared network, which includes 10.1.1.0/24, inherits DHCP properties from both members. For DHCP range 10.1.1.11 - 10.1.1.50, since Member 1 is the assigned member, it inherits properties from Member 1 and the network. The fixed address 10.1.1.2 overrides the BOOTP settings and inherits the authoritative server configuration from both members and the network.
Figure 25.4 Inheritance Hierarchy in a Grid


When a DHCP property contains inherited values from different sources, the appliance displays the corresponding information when you create or modify an object. Based on the information provided, you can then decide whether to override or keep the inherited values. You must have read/write permissions to the DHCP resources to override inherited values. You can only view inherited values and paths if you have read-only permissions.

Overriding DHCP Properties

DHCP properties configured at the Grid level apply to the entire Grid. You can choose to keep the inherited properties or override them when you configure the properties for a member, network, shared network, DHCP range, fixed address, host address, or roaming host. For example, you can override the values of DHCP properties inherited from a member and enter unique values for a network that is configured for DHCP.
To override an inherited value:

  1. In a wizard or editor, click Override next to a property to enable the configuration. The Override button changes to Inherit.
  2. Enter a new value to override the inherited value.

Viewing Inherited Values

When you configure DHCP properties that contain inherited values, the appliance displays the information based on the inheritance sources. The following table summarizes what the appliance can display:

| When you see... | it means... | For details, see... |
|---|---|---|
| Inherited From <object> | the DHCP property has a definite value from an inheritance source. | Simple Inheritance |
| Inherited From Upper Level | the appliance cannot determine the inherited value or inheritance source for the DHCP property. | Unknown Inheritance |
| Inherited From Multiple | the DHCP property has the same value that it inherits from multiple sources. | Multiple Inheritance |
| Settings Inherited from Multiple Ancestors, View Multiple Inheritance Scenarios | the DHCP property has multiple values that it inherits from multiple sources, and you can view the values and their corresponding sources by clicking the View Multiple Inheritance Scenarios link. | Multiple Inheritance |

Simple Inheritance

When a DHCP property has an inherited value from a specific source, the appliance displays the value. It also displays Inherited From <object> (where <object> can be the Grid, member, network, shared network, or DHCP range) to indicate the source from which the value is inherited.
For example, when you set DHCP properties at the Grid level and do not override the properties at any level, the members, networks, shared networks, DHCP ranges, fixed addresses, reservations, host addresses, and roaming hosts inherit these properties from the Grid. The appliance displays the property value and Inherited From Grid Infoblox for each configured DHCP property, as shown in Figure 25.5.


Figure 25.5 Simple Inheritance

Unknown Inheritance

In some cases, DHCP properties may not have definite inherited values and inheritance sources. The following are examples of unknown inheritance:

  • The appliance cannot determine the inheritance sources of the DHCP properties in a template until you use the template to create an object.
  • When a network or a DHCP range does not have an assigned member, it does not have a clear definition of an inheritance source because a network or a DHCP range inherits properties from a member.
  • When individual networks in a shared network do not have member assignments, the shared network has unknown inheritance because the shared network inherits DHCP properties from a member and its networks.
  • All roaming hosts have unknown inheritance because the DHCP properties can be inherited from different DHCP ranges within a network view.

In cases where the source of the inheritance is unknown, the appliance displays Inherited From Upper Level as the inheritance source. As shown in Figure 25.6, network 10.1.1.0 has an unknown lease time value because it does not have any assigned member.
Figure 25.6 Unknown Inheritance

Multiple Inheritance

As illustrated in Figure 25.7, a network can have multiple inherited values and inheritance sources for DHCP properties when it is served by multiple members. When an object inherits a DHCP property from different sources, the property value can be the same from all sources or it can be different. When the value is the same, the appliance displays the value in the property field. When there are multiple values inherited from multiple paths, the appliance displays the information to indicate so.
In a Grid, when two members serve the same network, the network inherits DHCP properties from both associated members. If both members have the same configured DHCP property, the network inherits the same value from both members. For example, when DHCP network 10.1.1.0 has two associated members and both members have the lease time set for 20 hours, the appliance displays the lease time value and Inherited From Multiple to indicate the value is inherited from multiple sources, as shown in Figure 25.7.
Figure 25.7 Multiple Inherited Paths with the Same Inherited Value

In the same Grid with the two members serving the same network, the network inherits different values for the same properties if you override the Grid configuration on one member but not on the other. For example, you can configure different PXE lease times for the members, and configure one member as an authoritative DHCP server for the domain and the other not. In this case, the appliance displays Settings inherited from multiple ancestors and provides a View Multiple Inheritance Scenarios link so you can view the inherited values and paths, as shown in Figure 25.8.
Figure 25.8 Multiple Inheritance Sources with Multiple Values



For example, to view the multiple inherited values of the Authoritative field, click View Multiple Inheritance Scenarios, and the Multiple Inheritance Viewer displays the inherited values from the two members. Since member1.foo.net does not have a configured value for this field, the viewer displays Not Set, as shown in Figure 25.10. You can use this information to determine whether you want to keep the inherited values or configure new ones.
Figure 25.9 Multiple Inheritance Viewer
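
The display rules from the Simple, Unknown, and Multiple Inheritance sections can be checked offline with a small model. The following Python is an added example, not Infoblox code or a NIOS API; member2.foo.net, the orphan network, the property keys, and the "local override" label are constructed for illustration.

```python
from dataclasses import dataclass, field

NOT_SET = "Not Set"

@dataclass
class Node:
    name: str
    parents: list = field(default_factory=list)  # objects this one inherits from
    local: dict = field(default_factory=dict)    # properties set or overridden here
    is_grid: bool = False

def origins(node, prop):
    """Set of (source, value) pairs, one per place the value was actually set.
    Returns None when a path has no definite source (unknown inheritance)."""
    if prop in node.local:
        return {(node.name, node.local[prop])}
    if node.is_grid:
        return {(node.name, NOT_SET)}
    if not node.parents:              # e.g. a network with no assigned member
        return None
    found = set()
    for parent in node.parents:
        sub = origins(parent, prop)
        if sub is None:
            return None
        found |= sub
    return found

def display(node, prop):
    """(value, label) following the table in Viewing Inherited Values."""
    if prop in node.local:
        return node.local[prop], "local override"  # model label, not a UI string
    found = origins(node, prop)
    if found is None:
        return None, "Inherited From Upper Level"
    if len(found) == 1:               # every path leads back to one source
        src, val = next(iter(found))
        return val, f"Inherited From {src}"
    values = {val for _, val in found}
    if len(values) == 1:              # several sources, same value
        return values.pop(), "Inherited From Multiple"
    return None, "Settings inherited from multiple ancestors"

def viewer(node, prop):
    """Per-path values keyed by direct ancestor, like the Multiple Inheritance Viewer."""
    return {p.name: display(p, prop)[0] for p in node.parents}

# Constructed scenario: two members serve one network; only member2 sets Authoritative.
grid = Node("Grid Infoblox", local={"pxe_lease_time_hours": 1}, is_grid=True)
member1 = Node("member1.foo.net", [grid], {"lease_time_hours": 20})
member2 = Node("member2.foo.net", [grid],
               {"lease_time_hours": 20, "authoritative": True})
net = Node("10.1.1.0/24", [member1, member2])
orphan = Node("10.2.2.0/24")          # no assigned member

if __name__ == "__main__":
    for prop in ("pxe_lease_time_hours", "lease_time_hours", "authoritative"):
        print(prop, display(net, prop), viewer(net, prop))
    print("orphan", display(orphan, "lease_time_hours"))
```

Running the same check over exported member and network settings shows which networks would hand out leases under a mixed Authoritative setting before anyone opens the editor.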


Another scenario of multiple inherited levels is when you have multiple DHCP properties that can inherit the same or multiple values from different sources. For example, when you configure multiple DHCP custom options, each of the options can inherit the same or multiple values from multiple paths. You can override the inherited options and configure new ones at a specific level other than the Grid level. Though these options are grouped under DHCP Custom Options, the appliance treats each of them as a separate property. The appliance groups the inherited options at the top, as shown in Figure 25.10. You can override these options but you cannot delete them. For multiple values inherited from multiple sources, you can view the values in the Multiple Inheritance Viewer by clicking View Inheritance, as shown in Figure 25.11.
Figure 25.10 DHCP Custom Options with Multiple Inheritance Sources


Figure 25.11 Multiple Inheritance Viewers for Options


When you configure email notification for the Grid or Grid member from the Data Management tab -> Grid tab, the email address you enter there is inherited by the DHCP configuration for the Grid, members, networks, and DHCP ranges unless you override it at a specific level. The appliance uses this email address to send a notification for a DHCP range when the DHCP usage crosses either of the effective watermark thresholds. For information, see Configuring Thresholds for DHCP Ranges.
A network container inherits DHCP options from its parent and grandparent network containers. A network container does not inherit DHCP options defined at the Grid or member level.
Note the following about the DHCP option inheritance:

  • For networks and shared networks, you can override an inherited DHCP option defined at the Grid or Member level.
  • A shared network without a parent network container continues to inherit DHCP options from its parent Grid or member. The parent object is derived from the first network within the shared network.
  • A network inherits a DHCP option from its parent object. For example, if a network has both a parent network container and a parent shared network and a DHCP option is overridden on the shared network, then this overridden value gets inherited. If the DHCP option is overridden on a network container, then this overridden value gets inherited. Otherwise, the network continues to inherit from its parent Grid or member.

About Network Views

A network view is a single routing domain with its own networks and shared networks. A network view can contain both IPv4 and IPv6 networks. All networks must belong to a network view.
You can manage the networks in one network view independently of the other network views. Changes in one network view are not reflected in other network views. Because network views are mutually exclusive, the networks in each view can have overlapping address spaces with multiple duplicate IP addresses without impacting network integrity.
For example, two corporations, Corp 100 and Corp 200, merge. They each have their own networks and DNS domains. They also have their own private IP address spaces in the 10.0.0.0/24 network. Both corporations have DHCP and DNS servers, and use dynamic DNS updates. The DHCP servers of each corporation serve IP addresses for networks in their respective corporations. The DHCP clients in each corporation update DNS zones within their DNS domains.
They plan to migrate the networks and hosts in Corp 200 to the Corp 100 address space and the corpxyz.com domain. To support both networks in the meantime and to facilitate the migration, you can configure an Infoblox Grid to centrally manage the networks and domains of both corporations. As shown in Figure 25.12, you can configure network views for each corporation and manage their networks independently of the other.
Member 1 serves DNS and DHCP to Corp 100. The networks of Corp 100 are contained in the corp 100 network view, which is associated with both the internal and external DNS views of the corpxyz.com domain. Member 2 serves DNS and DHCP to Corp 200. The networks of Corp 200 are in the corp 200 network view, which is associated with both the internal and external DNS views of the corp200.com domain. The two corporations have one overlapping network, 10.1.1.0/24.


Figure 25.12 Two Network Views Managed by a Grid



A Grid member can serve one network view only, but a network view can be served by multiple Grid members. DHCP failover associations must be defined within a single network view, and both the primary and secondary peer must serve the same network view.
The NIOS appliance provides one default network view. You can rename the default view and change its settings, but you cannot delete it. There must always be at least one network view in the appliance. If you do not need to manage overlapping IP address spaces in your organization, you can use the system-defined network view for all your networks. You do not need to create additional network views. But if there are overlapping IP address spaces and you need more than one network view, you can create up to 1000 network views.
Each network view must be associated with at least one DNS view. The default network view is always associated with the default DNS view, which also cannot be deleted. When you create a network view, the appliance automatically creates a corresponding DNS view with the same name as the network view, but with "default" prepended to the name. You can then rename that system-defined DNS view, but you cannot delete it.
A network view can be associated with multiple DNS views (as shown in Figure 25.12), but a DNS view cannot be associated with more than one network view. Each network view must be associated with a unique set of DNS views.
You can initiate a network discovery in only one network view at a time. When you run a discovery task, the appliance sends updates to all DNS views associated with the network view. (For information about network discoveries, see Chapter 14, IP Discovery and vDiscovery.)
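
A planned network view layout can be checked against the association rules above before it is built, and the address collisions between two views can be listed ahead of a migration such as Corp 200 into Corp 100. The following Python is an added example, not Infoblox code; the DNS view names, member names, the extra networks, and the input structure are constructed for illustration.

```python
import ipaddress

def overlapping_networks(nets_a, nets_b):
    """Pairs (a, b) of networks from two network views that share address space."""
    a_list = [ipaddress.ip_network(n) for n in nets_a]
    b_list = [ipaddress.ip_network(n) for n in nets_b]
    return [(str(a), str(b)) for a in a_list for b in b_list
            if a.version == b.version and a.overlaps(b)]

def audit_views(network_views, member_views, failover):
    """Check a planned layout against the network view rules on this page.

    network_views: {view: {"dns_views": [...], "networks": [...]}}
    member_views:  {member: [network views the plan assigns it to]}
    failover:      {association: (primary_member, secondary_member)}
    """
    findings = []
    dns_owner = {}
    for view, cfg in network_views.items():
        # Each network view must be associated with at least one DNS view.
        if not cfg["dns_views"]:
            findings.append(f"{view}: no DNS view associated")
        # A DNS view cannot be associated with more than one network view.
        for dns_view in cfg["dns_views"]:
            owner = dns_owner.setdefault(dns_view, view)
            if owner != view:
                findings.append(
                    f"DNS view {dns_view}: associated with {owner} and {view}")
    # A Grid member can serve one network view only.
    for member, served in member_views.items():
        if len(set(served)) > 1:
            findings.append(f"{member}: serves more than one network view")
    # Both failover peers must serve the same network view.
    for name, (primary, secondary) in failover.items():
        if set(member_views.get(primary, [])) != set(member_views.get(secondary, [])):
            findings.append(f"{name}: failover peers serve different network views")
    return findings

# Constructed plan modelled on the Corp 100 / Corp 200 scenario.
NETWORK_VIEWS = {
    "corp 100": {"dns_views": ["corpxyz-internal", "corpxyz-external"],
                 "networks": ["10.1.1.0/24", "10.1.2.0/24"]},
    "corp 200": {"dns_views": ["corp200-internal", "corp200-external"],
                 "networks": ["10.1.1.0/24", "10.1.3.0/24"]},
}
MEMBER_VIEWS = {"member1": ["corp 100"], "member2": ["corp 200"]}

if __name__ == "__main__":
    print(audit_views(NETWORK_VIEWS, MEMBER_VIEWS, failover={}))
    print(overlapping_networks(NETWORK_VIEWS["corp 100"]["networks"],
                               NETWORK_VIEWS["corp 200"]["networks"]))
```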

Adding Network Views

All networks must belong to a network view. You can use the default network view on the appliance and create additional network views, as needed. If you plan to enable DDNS (dynamic DNS) updates on any of the networks, DHCP ranges and fixed addresses in the network view, you must set parameters that specify which DNS view is updated for each network view.


Note: If there are more than 20 network views, the appliance lists the available network views in the Network View Selector dialog box. If there are 20 or fewer network views, the appliance displays them in the drop-down list.


To create a network view:

  1. From the Administration tab, select the Network Views tab, and then click the Add icon.
  2. In the Network View wizard, do the following:
    • Name: Enter the name of the network view.
    • Comment: Enter useful information about the network view.

The Cloud section displays if the Cloud Network Automation license is installed on the Grid Master. For information, see Deploying Cloud Network Automation.
Delegate authority from the Grid Master

    • Delegate To: This field indicates whether the authority for the network view you want to create has already been delegated to a Cloud Platform Appliance. Click Select to choose the Cloud Platform Appliance to which you want to delegate authority. The Member Selector displays only Cloud Platform Appliances in the Grid. Click the member, and Grid Manager displays the member name next to this field. This cloud member now assumes authority for this network view, and the Grid Master does not have authority any more. You can also click Clear to remove authority delegation from the selected Cloud Platform Appliance and return authority back to the Grid Master.

Restricting synchronization of network views

    • Disable sync to MGM: Select this check box to disable synchronization. This will restrict the synchronization of all objects that are associated with the network view. This check box is available only on the managed Grid when it remains joined with the Multi-Grid Master.

  3. Click Next to enter values for required extensible attributes or add optional extensible attributes for the network view. For information, see About Extensible Attributes.
  4. Click Next, and then save the configuration or select:
    • Configure DDNS Properties: Configure the DNS zones that are associated with the network view to receive DDNS updates. When you select this option, the Configure DDNS Properties dialog box appears. The appliance saves the network view entry before it opens the Configure DDNS Properties dialog box. For information, see Configuring DDNS Updates.

Modifying Network Views

  1. From the Administration tab, select the Network Views tab -> network_view check box, and then click the Edit icon.
  2. The Network View editor provides the following tabs from which you can edit data:
    • General: You can modify Name and Comments in this tab. When the Cloud Network Automation license is installed on the Grid Master, Grid Manager displays the following in the Cloud section:
      You see the following when Cloud Network Automation is deployed (For information, see Deploying Cloud Network Automation):
      • Cloud Usage: This field indicates whether this object is associated with any specific cloud extensible attributes or within a scope of delegation. It can be one of the following:
        • Cloud from adapter: Indicates that this object has been created by a cloud adapter and it may or may not be within a scope of delegation at the moment.
        • Cloud from delegation: Indicates that this object is within the scope of delegation or the object itself defines a scope of authority delegation, and it is not created by a cloud adapter.
        • Used by cloud: Indicates that this network or network container is associated with the extensible attribute Is External or Is Shared and the value is set to True, which implies the network is a private or shared network managed by the CMP, and it is not Cloud from adapter or Cloud from delegation.
        • Non-cloud: The object is a regular NIOS object and is not within the scope of any authority delegation nor is it associated with any of these extensible attributes: Cloud API Owned, Is External or Is Shared. NIOS admin users can modify this object based on their permissions.
      • Owned By: A cloud object can be owned by the Grid Master or the cloud adapter. When the object is created by the Cloud Platform member, this shows Grid. If the object is created by the cloud adapter, this shows Adapter.
      • Delegated To: This tells you whether a cloud object has been delegated to a Cloud Platform Appliance or not. If the cloud object has a parent object and the parent has been delegated, this field shows the parent delegation and you cannot modify the field.
        Restricting synchronization of network views
      • Disable sync to MGM: Select this check box to disable synchronization. This will restrict the synchronization of all objects that are associated with the selected network view. This check box is available only on the managed Grid when it remains joined with the Multi-Grid Master.
    • Members: This tab displays the members that provide DHCP services for the networks in this network view.
      You cannot modify information in this tab. It displays the following:
      • Name: The name of the DHCP member.
      • IP Address: The IP address of the DHCP member.
      • Failover Association: The name of the failover association to which the DHCP member belongs. If there are multiple failover associations, only the first one is displayed.
      • Comment: The information that you entered for the DHCP member.

You can sort the information in the table by column. You can also print and export the information.

Deleting Network Views

You can delete any network view, except for the default network view. You can delete a network view that has only one DNS view associated with it. You cannot delete a network view that has more than one DNS view associated with it. When you delete a network view, the appliance deletes all the networks and records within the network view.

To delete a network view:

  1. From the Administration tab, select the Network Views tab -> network_view check box, and then click the Delete icon.
  2. In the Delete Confirmation dialog box, click Yes.

The appliance removes the network view and its associated DNS views. You can restore the network view from the Recycle Bin, if enabled. If you restore a network view, the appliance restores the associated DNS views as well. For information about the Recycle Bin, see Using the Recycle Bin.
