USING THE DNS/DHCP ADMINISTRATIVE INTERFACE
TABLE OF CONTENTS

When is registration needed? What about the zoned network?
What about guests?
Explaining split horizon DNS
Accessing the DNS/DHCP administrative interface
The home screen
Static host entries vs. roaming host entries
Creating a roaming host entry
Creating a static host entry with static DHCP
Using search
Appendix A: Temporary network registration while zoned network is rolled out to campus

Copyright 2012 University of Notre Dame Office of Information Technologies
WHEN IS REGISTRATION NEEDED? WHAT ABOUT THE ZONED NETWORK?

The University of Notre Dame's network infrastructure is amidst many changes to improve both the security and reliability of its network services. During this transitional period, there will be slight differences in the user experience between various network mediums. This transitional period is required in order to ensure the availability of legacy networks and services while OIT deploys the Zoned Network project and finalizes ND secure and ND guest wireless networks.

When connecting a new device to a legacy network (Nomad or legacy wired connections), users will continue to experience a mandatory registration process. This will provision their device for use on all legacy networks, but will not register a hostname for it (i.e. yourmachine.campus.nd.edu).

Users connecting to the new networks (ND secure, ND guest, or Wired Zoned networks) will authenticate to the network in order to gain access. Authentication will occur via various methods including captive portal, 802.1X, and Cisco Clean Access agent. Users on these networks will also not automatically be given a hostname.

Once a user has connected to one of the available campus networks, they can choose to request a hostname for their device. Users desiring a hostname for their machine can self-register a hostname via https://webreg.nd.edu or by contacting their department IT staff or the OIT Help Desk at 574.631.8111 or oithelp@nd.edu.

Network                  Registration Required   Registration Optional   Authentication Required
ND secure                                        X                       X (via 802.1X)
ND guest                                         X                       X (via web page or Cisco Clean Access Agent)
Nomad                    X
Wired Zoned Networks                             X                       X (via web page or Cisco Clean Access Agent)
Legacy Wired Networks    X

WHAT ABOUT GUESTS?

Guests should use the ND guest network with an account authorized and created by an active faculty, staff, or student. Guests do not need to register their computers/devices or have static hostnames or IP addresses.
Accounts can be created at https://guestaccess.nd.edu. You can find complete details about guest access at http://oit.nd.edu/guest.

EXPLAINING SPLIT HORIZON DNS

The Office of Information Technology is replacing its legacy DNS and DHCP infrastructure with an appliance-based solution. The new infrastructure will provide the University's networks with greater reliability and security, as well as resiliency with regard to disaster recovery. The new design will incorporate many industry best practices, including an important methodology called Split Horizon DNS.

Split Horizon DNS allows for the separation of DNS information based on the user requesting the information. In the case of a University, the DNS information available to users on campus will be on separate hardware and contain separate information from the DNS information available to the Internet. This technology allows the University to properly protect its internal resources, while also providing the flexibility to deliver a service differently depending on a user's location or affiliation. For more information regarding Split Horizon DNS, please refer to http://en.wikipedia.org/wiki/split-horizon_dns or contact OIT Network Engineering.

ACCESSING THE DNS/DHCP ADMINISTRATIVE INTERFACE

1. In a web browser, visit https://dnsadmin.nd.edu to access the DNS/DHCP production environment. The current version of Infoblox Grid Manager is a web-based user interface that replaces the previous Java client-based user interface.
2. Enter your NetID and password to log in to Grid Manager.
3. Upon successfully logging in, you will be presented with the Home screen of the DNS/DHCP administrative interface.

Note: JavaScript must be enabled in your browser for Grid Manager to function properly. On Windows 7, Grid Manager supports IE 8.x, Firefox 3.6.x and 4.x, Chrome 7.x and 10.x. On Red Hat Enterprise Linux 6.x, Grid Manager supports Firefox 3.6.x and 4.x, Chrome 7.x and 10.x. On Mac OS 10.6.x, Grid Manager supports Safari 5.x, Firefox 3.6.x and 4.x, Chrome 10.x. For updated support information, please read the Infoblox NIOS Administrator Guide (Page 19).

Infoblox strongly recommends that you do not log in to Grid Manager from different browser windows using the same user account. Depending on the browser you use, it may cache user information in one session and apply it to another session. This can cause inconsistent behavior within the browser sessions.
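The separation between the campus and external views described under EXPLAINING SPLIT HORIZON DNS can be audited once the records of both views are exported. The following is an added example, not part of the original guide or of Infoblox; it assumes each view is available as a mapping of name to addresses, and all host names and addresses in it are constructed.

```python
import ipaddress


def audit_views(campus, external):
    """Compare two views of one zone; each maps a name to a set of IPs."""
    report = {"campus_only": [], "same_answer": [], "split_answer": [],
              "external_only": [], "private_in_external": []}
    for name in sorted(set(campus) | set(external)):
        inside, outside = campus.get(name), external.get(name)
        if outside is None:
            report["campus_only"].append(name)      # not visible off campus
        elif inside is None:
            report["external_only"].append(name)    # no campus counterpart
        elif inside == outside:
            report["same_answer"].append(name)      # published unchanged
        else:
            report["split_answer"].append(name)     # answer depends on view
        # An external record pointing at private address space exposes
        # internal addressing and is unreachable from the Internet anyway.
        if outside and any(ipaddress.ip_address(a).is_private for a in outside):
            report["private_in_external"].append(name)
    return report


# Constructed sample data standing in for exports of the "ND Campus" and
# "ND External" views; the host names and addresses are made up.
CAMPUS = {
    "www.cc.nd.edu": {"129.74.34.10"},
    "files.cc.nd.edu": {"129.74.34.20"},
    "portal.cc.nd.edu": {"10.20.30.40"},
    "printer.cc.nd.edu": {"10.20.30.41"},
}
EXTERNAL = {
    "www.cc.nd.edu": {"129.74.34.10"},
    "portal.cc.nd.edu": {"129.74.34.30"},
    "printer.cc.nd.edu": {"10.20.30.41"},  # internal address published by mistake
    "old.cc.nd.edu": {"129.74.34.99"},     # left behind in one view only
}

if __name__ == "__main__":
    for category, names in audit_views(CAMPUS, EXTERNAL).items():
        print(category, names)
```

Names under campus_only are the ones split horizon keeps off the Internet; private_in_external and external_only are the entries worth reviewing.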
THE HOME SCREEN

1. A typical layout of the Grid Manager Interface is shown here. It identifies common elements of the interface and features that you can use.
2. Starting with version 6.3.x, the Tasks Dashboard is your home page on Grid Manager. It provides easy access to several commonly performed tasks. You may click on the Status tab to go to the Status Dashboard, the home page in version 6.2.x.
3. The Status Dashboard provides access to the status of your Grid and networks.
4. The Dashboard provides various widgets for viewing and managing data. You can select the widgets that you need and configure them to provide relevant data. You may click Add Content, then select and drag a widget to the desired location on your Dashboard. You can also move a widget by selecting and dragging it to its new location on your Dashboard. Grid Manager saves your Dashboard configuration and displays it the next time you log in. For example, the Grid Status widget provides status information about the Grid members and services. You may want to configure the My Commands widget to add a few frequently used commands to the widget. Note that you must have at least read-only permission to the objects that a widget displays. Otherwise, though you are allowed to select and place the widget on the Dashboard, it does not display any information.
5. The Data Management tab provides a navigation access point to view and manage IPAM (IP Address Management), DHCP, and DNS data. The center part of the Grid Manager interface is called the Workspace, where you view and manage DNS and DHCP data.
6. You can also see the Finder Panel, Toolbar Panel, and Help Panel on the Grid Manager interface. The Finder Panel provides the Smart Folders, Bookmarks, Recycle Bin, and URL Links tools. The Toolbar Panel provides easy access to commands. The Help Panel provides Help information about the window currently displayed, Documentation for the latest version of the Infoblox Administrator Guide, Support to reach the Infoblox web site, and About to view the NIOS software version.
7. One useful tool in the Finder Panel is Smart Folders, which you can create and use to organize your core network services data. See the basic steps in the graph shown above. The important step is to choose a proper filter to organize the data you need to manage. Each smart folder you create can contain up to 2,000 objects. When the number of objects exceeds 2,000, Grid Manager sorts and displays the first 2,000 objects only. It also displays a warning message at the top of the panel. In this case, you may want to redefine your filter criteria to further refine the filtered data in your smart folders.
8. You may use Bookmarks for easy retrieval of your data. Suppose you manage the DNS zone cc.nd.edu. To access the data of cc.nd.edu: click the Data Management tab > click the DNS tab > choose the ND Campus view in the selection field in the upper left corner > click ND Campus under Zone and DNS View > find the nd.edu zone and click on it > click on Subzones (in the lower left corner of the Workspace) > find the cc.nd.edu zone and click on it > click on Records, and you will have access to the records in cc.nd.edu. If you click on the Bookmark icon, the ND Campus > cc.nd.edu object will be saved in Bookmarks under the Finder Panel. You can create up to 500 bookmarks.
STATIC HOST ENTRIES VS. ROAMING HOST ENTRIES

A static host entry is an entry in DNS that maps a Fully Qualified Domain Name (FQDN) (hostname.domain.nd.edu) to an IP address for a given device. This is commonly needed when a device, such as a file server or web server, requires a specific IP address to be accessed by other devices in a given network.

A roaming host entry is an entry in DHCP that maps a given FQDN to a MAC address (00:11:22:33:44:55). This is commonly needed when a device requires a specific hostname to be accessed by other devices in a given network, but will be continuously changing IP addresses. A roaming host entry is also commonly referred to as a Static Name. Registering a roaming host entry will ensure that an FQDN will correspond to a unique device regardless of its network or IP address. This is the type of entry most devices at Notre Dame use.

CREATING A ROAMING HOST ENTRY

This is the type of entry most devices at Notre Dame use.

1. With Grid Manager open, from the Data Management tab, select the DHCP tab and click the Networks tab > Roaming Hosts. Then click on the + (Add) icon to add a new roaming host.
2. Select Add Roaming Host in the dialog box, and click the Next button.
3. In the next dialog box, enter the specific FQDN for the roaming host entry in the Roaming Host Name field. In the MAC Address field, enter the corresponding MAC address.
4. In the next dialog box, click the Override button in the Domain Name row. Enter just your domain (e.g., cc.nd.edu, NOT THE FQDN) in the Domain Name field.
5. In the Extensible Attributes dialog box, fill in the NetID for both the Admin and User attributes. These are required fields and must be entered. Also, enter the FQDN in the Host field. Then click the Save & Close button.
6. To ensure dynamic DNS for your roaming host, go back to the list of Roaming Hosts and find the entry you just created. Then click on the Edit icon.
7. In the Roaming Host dialog box, toggle to Advanced Mode, then click on the IPv4 DHCP Options tab.
8. In the Custom DHCP Options field of the IPv4 DHCP Options dialog box, choose the host-name (12) string option, and enter the host name of the roaming host. This field is necessary for correct DDNS configuration.
9. Then click on the IPv4 DDNS tab. In the next dialog box, click the Override button for DDNS Updates and check the Enable DDNS Updates checkbox. Then click the Override button for DDNS Domain Name and enter the DDNS domain name. Click the Save & Close button.
10. Alternatively, you may use the https://webreg.nd.edu site to register a roaming host.

CREATING A STATIC HOST ENTRY WITH STATIC DHCP

1. There are two ways to find an available IP address to assign to a static host entry. The first one is to start with IPAM. For example, suppose you need to find an available IP address in the 129.74.34.0/24 network. You can start from the Data Management tab > IPAM > ND Campus view, and click on the network container 129.74.0.0/16.
2. Then, view the List of the 129.74.34.0/24 network. From the list of all IP address usage, you can pick one Unused IP address for your new host entry.
3. After you select an IP address, click on + (Add) > Host Record.
4. The first step in Add Host Record is to click on the Select Zone button.
5. In the Zone Selector dialog box, enter the zone name, i.e. the domain name, and click on the Go button. Then click on the OK button.
6. When you are back in the Add Host Record dialog box, enter the specific hostname for the static host entry in the Name field. Then, in the MAC Address field, enter the device's corresponding MAC address. If you need to reserve the static IP address in the DHCP service and to set dynamic DNS, check the DHCP checkbox, select the row, and click on the Edit icon to edit the DHCP options.
If the MAC address is not known, the device must be hard-coded with its IP address since DHCP will not function for that device. If the IP address to be assigned is inside a DHCP range, you need to enter the MAC address as 00:00:00:00:00:00 to reserve the IP address. The DHCP server will not hand out an IP address associated with an all-zeros MAC as a DHCP lease.
7. Let us return to the scenario in which you check the DHCP checkbox and edit the DHCP options. The options for DDNS are Domain Name and host name. After entering those fields, click on the Save & Close button.
8. Now we return to the Add Host Record dialog box. Click on the Next button.
9. The next step in the Add Host Record dialog box is to enter the Extensible Attributes Admin, Host, and User. Then click on the Save & Close button.
Last Updated: 2012-3-5
10. Alternatively, you can start with Data Management > DNS until you reach the appropriate subdomain, i.e. subzone, to which you would like to add a static host entry. Then select + (Add) > Host > Host Record.
11. In the Host Record dialog box, you may choose Add Address if you know what static IP address will be assigned to your host entry, or you can choose Next Available IP Address to find an unused IP address for your host entry. The remaining steps are similar to steps 4-9 above.
12. If an alias is required for the static host entry, find the host record, and click on the Edit icon.
13. In the Host Record edit dialog box, click on the Aliases button, click on the + (Add) icon, enter the corresponding alias for the static host entry, and click on the Save & Close button.
14. If you would like this record to be viewable from off campus, then you will also need to publish the record in the ND External view. Select the ND External view, and repeat the same steps to add the static host entry. Please note that there is no DHCP for the ND External view.

USING SEARCH

1. With Grid Manager open, click on the Global Search icon on the far right of the toolbar. In the Search dialog box, you can enter any information you currently know about an entry, including: MAC address, hostname, domain name, IP address, comment fields, User/Admin entries. You may also choose a filter rule by selecting a Type, operator, and attribute value to speed up the search. Optionally, click the + icon to add another rule. You can add up to 10 filter rules.
2. From the search results, you may select the entry, and click the Edit icon to modify the existing entry, or click the Delete icon to delete the existing entry.

At any point when you use the Grid Manager Interface, you may click Help Panel > Help to view information about the window displayed. For complete information about the Grid Manager Interface, please read the Infoblox NIOS Administrator Guide from Help Panel > Documentation.
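The rules given under CREATING A STATIC HOST ENTRY WITH STATIC DHCP (MAC address handling, the all-zero MAC reservation, and the Admin, Host and User attributes) can be checked before an entry is typed into Grid Manager. This is an added example, not code from the guide or from Infoblox; the entry field names, the DHCP range, the host names and the NetID are assumptions made for illustration.

```python
import ipaddress
import re

MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}$")
ZERO_MAC = "00:00:00:00:00:00"  # reserves an address; never leased out
REQUIRED_ATTRS = ("Admin", "Host", "User")

def check_static_host(entry, zone, network, dhcp_range):
    """Return a list of problems in a proposed static host entry.

    entry keys (hypothetical): name, ip, mac (None if unknown),
    dhcp (the DHCP checkbox), extattrs (extensible attributes).
    """
    problems = []
    ip = ipaddress.ip_address(entry["ip"])
    first, last = (ipaddress.ip_address(a) for a in dhcp_range)
    mac = entry.get("mac")

    if not entry["name"].lower().endswith("." + zone.lower()):
        problems.append("name is not in zone " + zone)
    if ip not in ipaddress.ip_network(network):
        problems.append("address is outside " + network)
    if mac is not None and not MAC_RE.match(mac):
        problems.append("MAC address is malformed")
    if mac is None and first <= ip <= last:
        # Per the guide, an address inside a DHCP range is reserved
        # by entering the all-zero MAC.
        problems.append("inside DHCP range: reserve with MAC " + ZERO_MAC)
    if mac is None and entry.get("dhcp"):
        problems.append("DHCP is checked but no MAC address is given")
    for attr in REQUIRED_ATTRS:
        if not entry.get("extattrs", {}).get(attr):
            problems.append("extensible attribute " + attr + " is empty")
    return problems

def gets_dhcp_lease(entry):
    """True only when DHCP is checked and a real device MAC is set."""
    mac = entry.get("mac")
    return bool(entry.get("dhcp")) and mac is not None and mac != ZERO_MAC

# Constructed sample values: the zone and the /24 appear in the guide;
# the DHCP range, host names and NetID are made up.
ZONE, NETWORK = "cc.nd.edu", "129.74.34.0/24"
DHCP_RANGE = ("129.74.34.100", "129.74.34.200")
ATTRS = {"Admin": "jdoe", "Host": "files.cc.nd.edu", "User": "jdoe"}
SERVER = {"name": "files.cc.nd.edu", "ip": "129.74.34.20",
          "mac": "00:11:22:33:44:55", "dhcp": True, "extattrs": ATTRS}
UNKNOWN = {"name": "lab1.cc.nd.edu", "ip": "129.74.34.150", "mac": None,
           "dhcp": False, "extattrs": dict(ATTRS, Host="lab1.cc.nd.edu")}

if __name__ == "__main__":
    for e in (SERVER, UNKNOWN):
        print(e["name"], check_static_host(e, ZONE, NETWORK, DHCP_RANGE))
```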

APPENDIX A: TEMPORARY NETWORK REGISTRATION WHILE ZONED NETWORK IS ROLLED OUT TO CAMPUS

While the zoned network is rolled out to campus, users who are not yet on the zoned network will be required to register their computers as they have in the past. Please note: registration is ONLY REQUIRED if the computer or device is not on the zoned network or if a device is on the Nomad wireless network. Computers and devices on the ND secure and ND guest wireless networks do not need to register.

To register, users will need to launch a web browser, and they will be automatically redirected to the network registration site. After clicking Accept, people will need to log in with their NetID and password.
After clicking Register, they will be shown a confirmation page. They must close and restart their browser, and then they can continue using the Internet as they normally would.