You can configure IP addresses on the loopback interface to minimize service downtime during a server migration. As illustrated in Figure 24.1, you have two existing DNS servers (ns1.corpxyz.com 126.96.36.199 and ns2.corpxyz.com 188.8.131.52) and you want to replace these servers with a new one (ns3.corpxyz.com 184.108.40.206). The migration takes a few weeks and you want DNS services to be available on all three addresses during the migration. You can add all three IP addresses to the loopback interface of a NIOS appliance, and then configure the appliance to provide DNS services on all addresses. After the server migration, you can shut down the old servers and use the new one for services.
Figure 24.1 DNS Server Migration Using the Loopback Interface
You can also add an IP address that is used solely for DNS queries, to separate the DNS traffic. You first add an IP address you want to use for DNS queries on the loopback interface. You then configure the appliance to listen for DNS queries solely on this address. For information, see Specifying Source Ports.
When you configure non-anycast addresses on the loopback interface, ensure that you establish a static route between the appliance and the router so queries to these addresses are routed correctly. For information, see Advertising Loopback Addresses to the Network.
Note: You can configure multiple interfaces only on the Infoblox-4030 appliance. To configure the LAN1, LAN2, and MGMT interfaces on the same IPv4 or IPv6 subnet, provide the same netmask for IPv4, or the same CIDR prefix for IPv6, as the LAN1 interface. Alternatively, you can use a /32 netmask (255.255.255.255) for IPv4, or a /128 CIDR prefix for IPv6, with the same subnet as the LAN1 interface to configure multiple interfaces. An Infoblox-4030 can replace three DNS cache servers that are active on the same network. When you configure multiple interfaces on the same subnet, outgoing traffic from the NIOS host for traffic received through LAN2 and MGMT is directed to the LAN1 router for all interfaces on the LAN1 subnet, irrespective of the destination IP. However, if the LAN1 interface fails, the outgoing traffic is not redirected to any other interface, and access to LAN2 and MGMT also fails.
To configure an IP address on the loopback interface:
1. From the Grid tab, select the Grid Manager tab -> Members tab -> Grid_member check box -> Edit icon.
2. In the Grid Member Properties Editor, select the Network tab -> Basic tab.
You can add an IPv4 or IPv6 address on the loopback interface. You define each type in its own table.
3. Click the Add icon in the Additional Ports and Addresses table and select Additional Address (loopback) (IPv4) or Additional Address (loopback) (IPv6) from the drop-down list.
Note: You cannot configure the Additional Address (loopback) (IPv4) interface for an IPv6 Grid member, or the Additional Address (loopback) (IPv6) interface for an IPv4 Grid member. You can only enter the IP address you want to add to the loopback interface. You cannot configure the subnet mask, prefix length, gateway, or port settings.
The appliance adds a row to the table. Complete the following:
- Interface: Displays Additional Address (loopback). You cannot modify this.
- Address: Enter the IP address you want to add to the loopback interface. An IPv6 address is a 128-bit number in colon hexadecimal notation. It consists of eight 16-bit groups of hexadecimal digits separated by colons (example: 2001:db8:0000:0123:4567:89ab:0000:cdef or 2001:db8::123:4567:89ab:0:cdef). For the Infoblox-4030 appliance, use a /128 CIDR for IPv6 while configuring multiple interfaces.
- Subnet Mask (IPv4) or Prefix Length (IPv6): You cannot change the netmask of the loopback interface. It is set to 255.255.255.255, or /32. For an IPv6 address, the mask is set to 128 and cannot be modified.
Note: You cannot configure the gateway address and port settings.
4. Save the configuration and click Restart if it appears at the top of the screen.
To add multiple IP addresses on the loopback interface, repeat the steps for each IP address.
Note: If you are configuring the loopback interface on a Grid Master, the Grid is temporarily disrupted upon saving the configuration and restarting services on the appliance. The Grid reconnects automatically and the appliance regains the role as Grid Master after a short delay.
Advertising Loopback Addresses to the Network
Advertising IP addresses on the loopback interface relies on the upstream router to populate routes to the loopback interface. As illustrated in Figure 24.2, when a client on a different subnet queries an IP address on the loopback interface, it sends the request to the router. If the IP address on the loopback interface is not advertised to the router, the request cannot reach the appliance. Therefore, when you configure non-anycast addresses on the loopback interface, or if OSPF or BGP is not configured within your network, you must configure the upstream router to reach the NIOS appliance through a static route on the LAN1 interface.
Note that when an appliance is configured for both authoritative and recursive queries, you should connect your internet interface through the LAN1 port to allow for maximum flexibility while using auxiliary LAN2 and MGMT ports. Consult with your network administrator for information about configuring static routes from the router to the additional IP addresses on the loopback interface.
Figure 24.2 Static Route for Loopback IP Addresses
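The host routes an upstream router needs for the loopback addresses used in this section, as an added example that is not Infoblox code. It assumes a LAN1 address of 192.0.2.10 (constructed; the page does not give one) and renders the routes in Linux iproute2 syntax, which is an assumption about the router; `plan_static_routes` and `as_iproute2` are hypothetical helper names.

```python
import ipaddress


def plan_static_routes(loopbacks, lan1_next_hops):
    """Map loopback addresses to host routes via the member's LAN1 address.

    loopbacks: strings as typed into the Address field.
    lan1_next_hops: {4: LAN1 IPv4, 6: LAN1 IPv6}; omit a family the member
    does not have. Returns (routes, errors); routes are (dest, next_hop).
    """
    routes, errors, seen = [], [], set()
    for text in loopbacks:
        try:
            # The Address field takes a bare address, no mask or prefix.
            addr = ipaddress.ip_address(text.strip())
        except ValueError:
            errors.append(f"{text}: not a bare IP address")
            continue
        if addr in seen:  # same address written in another notation
            errors.append(f"{text}: duplicate of an earlier entry")
            continue
        seen.add(addr)
        hop = lan1_next_hops.get(addr.version)
        if hop is None:
            errors.append(f"{text}: member has no IPv{addr.version} LAN1 address")
            continue
        # The loopback mask is fixed: /32 for IPv4, /128 for IPv6.
        dest = ipaddress.ip_network(f"{addr}/{addr.max_prefixlen}")
        routes.append((str(dest), str(ipaddress.ip_address(hop))))
    return routes, errors


def as_iproute2(routes):
    """Render routes as iproute2 commands (assumes a Linux-based router)."""
    cmds = []
    for dest, hop in routes:
        family = "-6 " if ":" in dest else ""
        cmds.append(f"ip {family}route add {dest} via {hop}")
    return cmds


if __name__ == "__main__":
    # Addresses from this page; the LAN1 address is constructed (192.0.2.10).
    page_addrs = ["126.96.36.199", "188.8.131.52", "184.108.40.206",
                  "2001:db8:0000:0123:4567:89ab:0000:cdef",
                  "2001:db8::123:4567:89ab:0:cdef"]
    routes, errors = plan_static_routes(page_addrs, {4: "192.0.2.10"})
    print("\n".join(as_iproute2(routes) + errors))
```

Both IPv6 notations shown in the Address description parse to the same address, so the second one is reported as a duplicate rather than producing a second route.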
When you configure DNS anycast addresses on the loopback interface, you can select OSPF, BGP, or both, to advertise the addresses to upstream and neighboring routers, without establishing a static route. For information, see About Anycast Addressing for DNS.