The loopback interface is a virtual network interface on the appliance. You can do the following on the loopback interface:
When you use the loopback interface for anycast addressing, the upstream and neighboring routers can continue to advertise anycast addresses without being affected by hardware malfunctions. To configure non-anycast addresses on the loopback interface, complete the following:
To configure DNS anycast addresses and their advertising protocols, complete the following:
To separate DNS queries from DNS transfers and notify messages, complete the following:
You can configure IP addresses on the loopback interface to minimize service downtime during a server migration. As illustrated in Figure 24.1, you have two existing DNS servers (ns1.corpxyz.com 18.104.22.168 and ns2.corpxyz.com 22.214.171.124) and you want to replace these servers with a new one (ns3.corpxyz.com 126.96.36.199). The migration takes a few weeks and you want DNS services to be available on all three addresses during the migration. You can add all three IP addresses to the loopback interface of a NIOS appliance, and then configure the appliance to provide DNS services on all addresses. After the server migration, you can shut down the old servers and use the new one for services.
Figure 24.1 DNS Server Migration Using the Loopback Interface
You can configure multiple interfaces on the Infoblox-4030 appliance only. To configure LAN1, LAN2 and MGMT interfaces to the same IPv4 or IPv6 subnet, provide the same netmask for IPv4, or a CIDR prefix for IPv6, as the LAN1 interface. Alternatively, you can use a /32 netmask (255.255.255.255) for IPv4, or /128 CIDR prefix for IPv6 with the same subnet as LAN1 interface to configure multiple interfaces. An Infoblox-4030 can replace three DNS cache servers that are active on the same network. When you configure multiple interfaces on the same subnet, the outgoing traffic from NIOS host which is received through LAN2 and MGMT is directed to the LAN1 router for all interfaces on the LAN1 subnet, irrespective of the destination IP. However, if the LAN1 interface fails, the outgoing traffic will not be re-directed to any other interface and access to LAN2 and MGMT also fails.
To configure an IP address on the loopback interface:
Click the Add icon in the Additional Ports and Addresses table and select Additional Address (loopback) (IPv4) or Additional Address (loopback) (IPv6) from the drop-down list.
You cannot configure Additional Address (loopback) (IPv4) interface for an IPv6 Grid member and Additional Address (loopback) (IPv6) interface for an IPv4 Grid member. You can only enter the IP address you want to add to the loopback interface. You cannot configure the subnet mask, prefix length, gateway, or port settings.
The appliance adds a row to the table. Complete the following:
Subnet Mask (IPv4) or Prefix Length (IPv6): You cannot change the netmask of the loopback interface. It is set to 255.255.255.255, or /32. For an IPv6 address, the mask is set to 128 and cannot be modified.
You cannot configure the gateway address and port settings.
4. Save the configuration and click Restart if it appears at the top of the screen.
To add multiple IP addresses on the loopback interface, repeat the steps for each IP address.
If you are configuring the loopback interface on a Grid Master, the Grid is temporarily disrupted upon saving the configuration and restarting services on the appliance. The Grid reconnects automatically and the appliance regains the role as Grid Master after a short delay.
Advertising IP addresses on the loopback interface relies on the upstream router to populate routes to the loopback interface. As illustrated in Figure 24.2, when a client on a different subnet queries an IP address on the loopback interface, it sends the request to the router. If the IP address on the loopback interface is not advertised to the router, the request cannot reach the appliance. Therefore, when you configure non-anycast addresses on the loopback interface, or if OSPF or BGP is not configured within your network, you must configure the upstream router to reach the NIOS appliance through a static route on the LAN1 interface.
Note that when an appliance is configured for both authoritative and recursive queries, you should connect your internet interface through the LAN1 port to allow for maximum flexibility while using auxiliary LAN2 and MGMT ports. Consult with your network administrator for information about configuring static routes from the router to the additional IP addresses on the loopback interface.
Figure 24.2 Static Route for Loopback IP Addresses
This page has no comments.