Page tree

Contents

The NIOS 8.6 release includes the following new features and enhancements:

New DNSKEY Algorithm (RFE-6068 and RFE-9845)

You can now add the ECDSAP/SHA-256 and ECDSAP/SHA-384 cryptographic algorithms which the Grid Master can use when it generates the Key-Signing Key Rollover (KSK) and Zone-Signing Key Rollover (ZSK).

Extensible Attribute-based Topology Rulesets (RFE-9107 and RFE-11133)

You can now specify IPAM objects types, network containers, networks, ranges, and hosts and their External Attribute (EA) values in the Extensible Attributes Source Types for Topology Rules field to be used as source types when defining DNS Traffic Control topology rules. For more information, see the Configuring DNS Traffic Control Properties

vNIOS Support for Microsoft Azure Stack Hub (RFE-8303)

You can now deploy the NIOS virtual appliance on Microsoft Azure Stack Hub. vNIOS for Microsoft Azure Stack Hub which is a hybrid cloud platform that enables a vNIOS appliance to deliver Azure services in an on-prem environment. You can deploy vNIOS for Azure Stack Hub instances from the Azure CLI or the Azure Stack Hub portal. For more information, see the vNIOS Infoblox Installation Guide for Microsoft Azure at docs.infoblox.com

Health Status of DNS Traffic Control Objects in API Responses (RFE-9893)

The Grid Master Candidate now provides the health status of DNS Traffic Control objects such as servers, pools, and LBDNs through WAPI requests.

Regenerating the Anycast Password (RFE-11117)

This release of NIOS introduces the set regenerate_anycast_password command that regenerates the anycast service password. The regenerated 8-character alphanumeric password is saved to the NIOS database and is used across all anycast configuration files (ospf.conf/bgp.conf/bfd.conf) for the following CLI commands: show ospf, show bgp, show ipv6_ospf, show ipv6_bgp, show bfd

This command is a maintenance mode command and has no arguments. Only superusers can execute this command. The value of password and enable password in the output of the configuration file commands such as show bfd are encrypted when you run the command. For more information, see the set regenerate_anycast_password.

Viewing Lightweight Access Point Details in Network Insight (RFE-9556)

You can now view the discovered lightweight access points on the Data Management > Devices page. The table displays the following information about the discovered lightweight access points: their name, IP address, device type, model, vendor, and device version. You can also view the discovery statuses and other information in the Discovery Status table (Data Management > Devices > Discovery Status).

Displaying the Lead Secondary Column in Name Server Group (RFE-2804)

You can now determine which member is configured as a lead secondary by adding in a column to the Authoritative Zone > Name Servers tab.

Support for creation_time for Host Records (RFE-8509)

NIOS 8.6.1 introduces the option of adding, updating, listing tthe creation timestamp value of DNS and non-DNS host records using Grid Manager and WAPI.

Support for IB-V4015 on Red Hat OpenShift (RFE-11545)

Red Hat OpenShift is now supported on IB-V4015 virtual appliance. For more information, see the Infoblox Installation Guide vNIOS for Red Hat OpenShift at docs.infoblox.com.

New Port Placements for the Infoblox 2205 and Infoblox 4005 Series Appliances

The front panels of the Infoblox 2205 Series and the Infoblox 4005 Series have been modified to have slots for the four ports (LAN2, HA, LAN1, MGMT) at the right. However, the Infoblox 2205 and Infoblox 4005 Series models that have the ports located at the center are also being shipped. There is no difference in software functionality between the models that have ports on the right and those that have ports in the center. Both the models will support NIOS versions prior to 8.5.4 and earlier.

For a visual representation of these models, see the Infoblox Installation Guide for 2205 Series Appliances and the Infoblox Installation Guide for 4005 Series Appliances documentation at https://docs.infoblox.com

ACL Support for the Last Queried Time in DNS Scavenging (RFE-7933)

You can now create an ACL or ACE for the Last Queried Time field in DNS scavenging and thus prevent a specified set of ACLs or ACEs from updating the last queried timestamp. A new GUI field called Prevent the following ACLs or ACEs from updating the last queried timestamp in the Grid DNS Properties > DNS Scavenging > Basic tab has been introduced. The set of ACL or ACEs can include IPv4 and IPv6 addresses and networks. For more information, see DNS Record Scavenging.

New Load Balancer to Add Persistence (RFE-6827)

You now have a new load balancing method called Source IP Hash to configure DNS Traffic Control pools. In this method, requests are distributed based on the hash value of an IP address from an incoming query and the health status of the pool or server. Here, clients have their own pool or server and are always associated with the same pool or server for the same query as long as the pool or server is green. If the health status of the pool or server turns red, NIOS switches the clients to the working pool or server and switches back when the health restores to green. For more information, see Load Balancing Methods for DNS Traffic Control.

New DNS Responses When No DNS Traffic Control Responses are Available (RFE-10212)

You now have the option to allow NIOS to either drop LBDN queries, or return DNS responses, or not return DNS responses when DNS Traffic Control responses are not available. Two new options have been introduced in the Data Management > DNS > Grid DNS Properties/Member DNS Properties > Traffic Control tab:

  • Drop LBDN matched DNS queries during full health update: this option drops all LBDN queries when the DNS service is waiting to receive a full health status update.
  • No specific behavior: this option does not return DNS responses when DNS Traffic Control responses are not available.

These options are in addition to the existing Return DNS response if there are no DNS Traffic Control responses available option which is selected by default. For more information, see the Configuring DNS Traffic Control Properties.

Consolidated Health Checking for DNS Traffic Control Grid Members (RFE-9427)

You can now choose the Grid members that must monitor health and share the health status. You can also select with which other members the health status is to be shared. You can do this by enabling or disabling the new Full Health Communication checkbox on the Data Management > DNS > Traffic Control > Health Monitors > Advanced tab. For more information, see the Configuring DTC Monitors for Health Check.

Notification Rule Enhancements

NIOS now includes the Delete operation type in the Outbound notification rules. The Delete operation type has been included for the DB Change DNS Record, DB Change DNS Zone, and Object Change Discovery Data event types. For more information, see the Configuring Notification Rules.

Infoblox BloxConnect

The Infoblox Customer Experience Improvement Program is now called Infoblox BloxConnect. This screen appears when you first log in to Grid Manager. The Infoblox Customer Experience Improvement Program checkbox used to configure BloxConnect, has now been renamed to BloxConnect Data Collection and Opt-Out Notice. For information about configuring BloxConnect, see the Setting Login Options.

IP Address in DHCP address conflict notification (RFE-5170)

NIOS now displays the conflicting IP address along with the conflict category when an email notification is sent in case of an IPAM IP address conflict.

The content of the IB-TRAP-MIB::ibTrapDesc.0 SNMP trap is updated to STRING: DHCP address conflicts with an existing host address. [IP address].

New Cluster Logout Event in the Syslog File (RFE-9840)

The syslog file now contains a cluster logout message to easily identify between network-related disconnects and distribution-related logouts in real time. The message is in the following format: <date:time> daemon infoblox.localdomain INFOBLOX-Grid[]: notice Cluster logout for node <node_name>, for node clean restart. 

WAPI Performance Optimization (RFE-9986)

The performance of the WAPI GET method has been optimized for SRV, CNAME, and DNAME records.

Grid Backup Details in the Audit Log (RFE-9614)

The audit log file now logs information about who started the database backup and where the database backup file is stored. For more information, see the Audit Log.

New CLI Command to Set DNS and Anycast Start and Restart (RFE-10176)

This release of NIOS introduces the following commands:

  • set restart_anycast_with_dns_restart: sets DNS and anycast start and restart sequences. This command brings down the anycast service during the DNS restart or stops and redirects the traffic on the IP address of anycast to another site. You can use this command only on Grid Master. 
  • show restart_anycast_with_dns_restart: displays the status of the set restart_anycast_with_dns_restart command.

For more information about these commands, see the set restart_anycast_with_dns_restart and show restart_anycast_with_dns_restart topics.

Hybrid HA Support

In NIOS 8.6, an HA setup can comprise a physical appliance and a virtual appliance. This setup is called a hybrid HA setup. For information about hybrid HA and its limitations, see the About HA Pairs.

Single Network Interface of vNIOS for GCP (RFE-9995 and RFE-9807)

This release of NIOS introduces an option to deploy vNIOS for GCP as a single network interface instance using VPC (Virtual Private Cloud) and shared VPC networks on GCP. This instance provides core network services such as DNS and IPAM services on a modular Infoblox solution. For more information, see the online Installation Guide for vNIOS for GCP at https://docs.infoblox.com/display/ILP/Appliances.

Resolving CNAME and DNAME Chains in A and AAAA Alias Records (RFE-9129)

NIOS now follows CNAME and DNAME chains if they appear as a target of an A or AAAA alias record and returns the RDATA in the final link of the CNAME and DNAME chain as the answer. The chain itself will not be present as part of the answer.

Resetting SNMP and CLI Credentials in Network Insight (SPTYRFE-97)

If SNMP or CLI credentials become obsolete for devices polled by Network Insight, this release of NIOS introduces the following new CLI commands to reset the credentials for all affected devices at once:

  • reset snmp: clears obsolete SNMP credentials (community strings) of devices polled by Network Insight.
  • reset cli: clears obsolete CLI credentials (community strings) of devices polled by Network Insight.

After clearing obsolete credentials, Network Insight reguesses the credentials for each device. For information about these commands, see the reset snmp and reset cli topics.

Credential Grouping for Discovery Devices in Network Insight

In Network Insight, you can now group credentials and assign them to devices based on their group. You can do this for devices globally, for probe members, or for individual devices. 

Credentials apply to devices at the following levels:

  • Grid Manager: settings apply across the Grid and all probe appliances licensed for discovery.
  • Discovery probe appliances: you can use inherited Grid settings or override them.
  • Individual devices: you can use inherited Grid or probe settings or override them with device-specific settings.

For more information, see the Configuring Discovery Properties.

Microsoft Server 2019 Support (RFE-10227)

NIOS 8.6 is supported on Microsoft Server 2019.

Discovery of Cisco Viptela SDN and SD-WAN devices

You can now discover SDN and SD-WAN devices from Cisco Viptela on-premise or cloud infrastructure using Network Insight. For more information, see the Configuring Discovery Properties.

Adjustable Support Bundle Download Timeout

You can override the default timeout value for support bundle download by a custom value. For more information, see the Downloading Support Bundles.

Support for New Vendors Using Advisor

A few more new vendors can use the Advisor service to monitor their device lifecycle and vulnerabilities. For more information, see the Monitoring Device Lifecycle and Vulnerabilities Using Advisor.

Display of Source Device for Discovered Networks

You can now view the device on which a network is discovered by Network Insight. For more information, see the Viewing Network Inventory.

Unbound Upgrade

The Unbound version has been upgraded to 1.10.1.

Enabling DDNS Updates from IPv6-Only DHCP Members (RFE-5118)

You can now enable DDNS updates from IPv6-only DHCP members.

DHCP Fingerprint Updates

NIOS now contains new and updated DHCP fingerprints and the fingerprint configuration file has been upgraded to version 10. For details about the fingerprint format, see the DHCP Fingerprint Detection.

 



  • No labels

This page has no comments.