Infoblox NIOS 8.4 CLI Guide

515
Page 1 RELEASE 8.4 Infoblox NIOS 8.4 CLI Guide

Transcript of Infoblox NIOS 8.4 CLI Guide

Page 1: Infoblox NIOS 8.4 CLI Guide

Page 1

RELEASE 8.4

Infoblox NIOS 8.4 CLI Guide

Page 2: Infoblox NIOS 8.4 CLI Guide

Page 2

1. Using the NIOS CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81.1 Accessing the Infoblox CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131.2 CLI Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141.3 ? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161.4 ddns_add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171.5 ddns_delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181.6 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191.7 dig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201.8 dns_a_record_delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221.9 exit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231.10 help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241.11 ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251.12 quit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261.13 reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271.14 reset all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281.15 reset arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291.16 reset database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301.17 reset reporting_data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311.18 reset ssh_keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321.19 restart service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331.20 rotate log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341.21 set admin_group_acl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351.22 set adp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361.23 set apache_https_cert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371.24 set auto_provision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381.25 set bfd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391.26 set bgp log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401.27 set bloxtools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411.28 set cc_mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421.29 set certificate_auth_admins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431.30 set certificate_auth_services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441.31 set check_auth_ns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451.32 set cloud_services_portal_force_refresh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461.33 set connection_limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471.34 set database_transfer scp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481.35 set debug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501.36 set debug_analytics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511.37 set debug_snmpd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 521.38 set default_revert_window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531.39 set default_route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541.40 set delete_tasks_interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 551.41 set dhcpd_recv_sock_buf_size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 561.42 set disable_gui_one_click_support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 571.43 set disable_https_cert_regeneration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 581.44 set disable_lazyload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 591.45 set dns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 601.46 set dns-accel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 611.47 set dns_rrl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621.48 set docker_bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 641.49 set dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 651.50 set enable_match_recursive_only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 661.51 set forced_autosync . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 671.52 set grid_upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 681.53 set hardware-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691.54 set ibtrap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 701.55 set interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 711.56 set ip_rate_limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 731.57 set ipam_web_ui . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 741.58 set ipv6_disable_on_dad . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 751.59 set ipv6_neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 761.60 set ipv6_ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 771.61 set ipv6_status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 781.62 set lcd keys or set lcd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 801.63 set lcd_settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 811.64 set lcd_settings hwident . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 821.65 set license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 831.66 set lines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 841.67 set log_txn_id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 851.68 set lom . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 861.69 set lower_case_ptr_dname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 871.70 set max_recursion_depth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 881.71 set max_recursion_queries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 891.72 set membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 901.73 set mgm attached . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 911.74 set mld_version_1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 921.75 set monitor dns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 931.76 set monitor dns alert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 941.77 set ms_dns_reports_sync_interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 951.78 set ms_sticky_ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

Page 3: Infoblox NIOS 8.4 CLI Guide

Page 3

1.79 set named_recv_sock_buf_size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 971.80 set named_tcp_clients_limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 981.81 set network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 991.82 set nogrid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1011.83 set nomastergrid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1021.84 set nosafemode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1031.85 set ocsp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1041.86 set ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1051.87 set overload_bootp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1061.88 set phonehome . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1071.89 set port_mac_addr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1081.90 set reporting_cluster_maintenance_mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1091.91 set promote_master . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1101.92 set prompt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1121.93 set recursion_query_timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1131.94 set remote_console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1141.95 set reporting_cert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1151.96 set reporting_cluster_maintenance_mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1161.97 set reporting_user_capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1171.98 set revert_grid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1181.99 set rpz_recursive_only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1191.100 set safemode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1201.101 set scheduled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1211.102 set security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1221.103 set session_timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1231.104 set smartnic monitor-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1241.105 set snmptrap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1251.106 set ssl_tls_ciphers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1261.107 set ssl_tls_protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1281.108 set ssl_tls_settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1291.109 set static_route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1301.110 set subscriber_secure_data add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1321.111 set subscriber_secure_data delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1341.112 set subscriber_secure_data never_proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1351.113 set subscriber_secure_data persist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1361.114 set support_access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1371.115 set sysName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1381.116 set tcp_timestamps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1391.117 set temp_license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1401.118 set term . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1431.119 set thresholdtrap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1441.120 set token . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1451.121 set traffic_capture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1461.122 set txn_trace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1481.123 set wins_forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1491.124 show admin_group_acl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1511.125 show analytics_parameter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1521.126 show adp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1531.127 show arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1541.128 show auto_provision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1551.129 show bfd details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1561.130 show bgp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1571.131 show bind_tombstones_count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1581.132 show bloxtools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1591.133 show capacity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1601.134 show cc_mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1611.135 show certificate_auth_admins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1621.136 show certificate_auth_services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1631.137 show check_auth_ns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1641.138 show clusterd_info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1651.139 show config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1661.140 show connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1671.141 show connection_limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1681.142 show cpu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1691.143 show date . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1701.144 show database_transfer_status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1711.145 show debug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1721.146 show debug_analytics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1731.147 show default_route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1741.148 show delete_tasks_interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1751.149 show dhcp_gss_tsig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1761.150 show dhcpd_recv_sock_buf_size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1781.151 show dhcpv6_gss_tsig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1791.152 show disable_lazyload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1801.153 show disk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1811.154 show dns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1821.155 show dns-accel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1831.156 show dns-accel-cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1841.157 show dns_gss_tsig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

Page 4: Infoblox NIOS 8.4 CLI Guide

Page 4

1.158 show dns_rrl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1861.159 show docker_bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1871.160 show dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1881.161 show dtc_geoip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1891.162 show enable_match_recursive_only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1901.163 show file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1911.164 show forced_autosync . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1931.165 show hardware_status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1941.166 show hardware-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1951.167 show hwid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1961.168 show ibtrap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1971.169 show interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1981.170 show ip_rate_limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2001.171 show ipv6_bgp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2011.172 show ipv6_disable_on_dad . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2031.173 show ipv6_neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2041.174 show ipv6_ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2051.175 show lcd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2061.176 show lcd_info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2071.177 show lcd_settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2081.178 show license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2091.179 show license_uid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2131.180 show license_pool_container . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2141.181 show log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2151.182 show logfiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2171.183 show log_txn_id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2181.184 show lom . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2191.185 show lower_case_ptr_dname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2201.186 show reporting_cluster_maintenance_mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2211.187 show max_recursion_depth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2221.188 show max_recursion_queries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2231.189 show memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2241.190 show mld_version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2251.191 show monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2261.192 show monitor dns alert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2271.193 show monitor dns alert status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2281.194 show ms_sticky_ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2291.195 show named_recv_sock_buf_size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2301.196 show network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2311.197 show ntp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2321.198 show ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2331.199 show overload_bootp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2341.200 show phonehome . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2351.201 show query_capture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2361.202 show recursion_query_timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2381.203 show remote_console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2391.204 show reporting_cluster_maintenance_mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2401.205 show reporting_user_capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2411.206 show routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2421.207 show rpz_recursive_only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2431.208 show scheduled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2441.209 show security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2451.210 show session_timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2461.211 show smartnic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2471.212 show snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2481.213 show ssl_tls_ciphers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2491.214 show ssl_tls_protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2501.215 show ssl_tls_settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2511.216 show static_routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2521.217 show status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2531.218 show subscriber_secure_data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2541.219 show subscriber_secure_data never_proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2561.220 show subscriber_secure_data persist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2571.221 show support_access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2581.222 show tcp_timestamps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2591.223 show tech-support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2601.224 show temperature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2611.225 show thresholdtrap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2621.226 show token . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2631.227 show traffic_capture_status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2641.228 show upgrade_history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2651.229 show uptime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2661.230 show version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2671.231 show vpn_cert_dates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2681.232 show wins_forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2691.233 shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2701.234 snmpget . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2711.235 snmpwalk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2721.236 traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273

Page 5: Infoblox NIOS 8.4 CLI Guide

Page 5

2. Reference Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2742.1 Configurations Requiring Service Restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2752.2 Open Source Copyright and License Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277

2.2.1 PCRE - Perl Compatible Regular Expressions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2802.2.2 The MIT License for Jansson . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2812.2.3 LibYAML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2822.2.4 GNU General Public License 2.0 for Suricata, Netfilter and IPTables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2832.2.5 PSF License Agreement for Python 3.5.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2862.2.6 PSF License Agreement for Python 2.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2872.2.7 Stix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2882.2.8 Mixbox . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2892.2.9 Libtaxii . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2902.2.10 Importlib . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2912.2.11 Dateutil . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2922.2.12 Cybox . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2932.2.13 Ehcache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2942.2.14 MIT License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2952.2.15 INFO-ZIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2962.2.16 The PHP License, version 3.01 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2972.2.17 Net-SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2982.2.18 The Independent JPEG Group's JPEG software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3012.2.19 The FreeType Project LICENSE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3022.2.20 COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3042.2.21 Distributed Computing Laboratory, Emory University . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3072.2.22 TASM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3082.2.23 OpenJDK . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3092.2.24 AOP Alliance (Java/J2EE AOP standards) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3122.2.25 Eclipse Public License - v 1.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3132.2.26 ECLIPSE SOFTWARE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3152.2.27 Wietse Venema Copyright . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3162.2.28 ZLIB License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3172.2.29 VIM License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3182.2.30 OpenSSL License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3192.2.31 OpenLDAP License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3202.2.32 David L. Mills Copyright . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3212.2.33 BSD License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3222.2.34 MIT Kerberos Copyright . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3232.2.35 Lawrence Berkeley Copyright . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3242.2.36 Ian F. Darwin Copyright . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3252.2.37 Thai Open Source Software Center Copyright . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3262.2.38 Carnegie Mellon University Copyright . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3272.2.39 Julian Seward Copyright . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3282.2.40 ISC DHCP Copyright . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3292.2.41 ISC BIND Copyright . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3302.2.42 perl Artistic License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3312.2.43 Apache Software License, Version 2.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3322.2.44 GNU Lesser General Public License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334

2.3 Product Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3382.3.1 RFC Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3392.3.2 Agency Compliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3432.3.3 DC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3452.3.4 AC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346

2.4 vNIOS Appliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3472.4.1 vNIOS for Appliances Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3492.4.2 vNIOS for VMware Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3512.4.3 vNIOS for Hyper-V Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3522.4.4 vNIOS for Xen Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3532.4.5 vNIOS for Riverbed Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354

2.5 Guidance Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3552.5.1 Secure Syslog Transport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3562.5.2 Syslog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3572.5.3 Audit Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3602.5.4 Backing Up and Restoring the Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3642.5.5 About DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3652.5.6 WebUI Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3662.5.7 Licenses and Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3672.5.8 Enabling / Disabling Common Criteria Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3682.5.9 Administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3692.5.10 Security Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370

2.6 CSV Import Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3712.6.1 Documentation Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3722.6.2 Customer Care . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3732.6.3 Guidelines for CSV Import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374

2.6.3.1 General Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3752.6.3.2 Data Specific Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3762.6.3.3 CSV Import Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3772.6.3.4 Limitations for CSV Import and Export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378

2.6.4 CSV File Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3792.6.4.1 Table 1.1 CSV File Example 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380

Page 6: Infoblox NIOS 8.4 CLI Guide

Page 6

2.6.4.2 Table 1.2 CSV File Example 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3812.6.4.3 Table 1.3 CSV File Example 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3822.6.4.4 CSV Import for Response Policy Zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3832.6.4.5 CSV Format for Inheritable Extensible Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3852.6.4.6 Importing Inheritable Extensible Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3862.6.4.7 Importing Active Directory Domains and Sites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3872.6.4.8 CSV Import for Topology Rulesets and Rules in DNS Traffic Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388

2.6.5 Supported Object Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3892.6.5.1 Table 1.4 Supported DNS Object Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3902.6.5.2 Table 1.5 Supported DHCP Object Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3922.6.5.3 Table 1.6 Other Supported Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3932.6.5.4 Member DNS Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3962.6.5.5 Authoritative Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3992.6.5.6 Forward-Mapping Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4022.6.5.7 Stub Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4032.6.5.8 AAAA Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4072.6.5.9 Alias Records . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4082.6.5.10 CNAME Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4092.6.5.11 MX Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4112.6.5.12 NAPTR Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4132.6.5.13 NS Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4152.6.5.14 PTR Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4162.6.5.15 TXT Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4182.6.5.16 SRV Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4192.6.5.17 TLSA Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4212.6.5.18 CAA Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4232.6.5.19 Host Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4242.6.5.20 IPv4 Host Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4262.6.5.21 IPv6 Host Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4282.6.5.22 Bulk Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4302.6.5.23 NXDOMAIN Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4322.6.5.24 Blacklist Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4332.6.5.25 Whitelist Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4342.6.5.26 DNS64 Synthesis Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4352.6.5.27 Response Policy Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4362.6.5.28 Response Policy A Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4372.6.5.29 Response Policy AAAA Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4382.6.5.30 Response Policy IP A Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4392.6.5.31 Response Policy IP AAAA Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4402.6.5.32 Response Policy MX Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4412.6.5.33 Response Policy NAPTR Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4422.6.5.34 Response Policy PTR Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4432.6.5.35 Response Policy SRV Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4442.6.5.36 Response Policy TXT Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4452.6.5.37 Response Policy CNAME Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4462.6.5.38 Response Policy IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4472.6.5.39 Response Policy Client IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4482.6.5.40 Response Policy IP Address CNAME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4492.6.5.41 Response Policy Client IP Address CNAME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4502.6.5.42 Dynamic Update Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4512.6.5.43 Member DHCP Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4542.6.5.44 Network View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4572.6.5.45 DNS View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4582.6.5.46 IPv4 Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4622.6.5.47 IPv6 Network Container . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4652.6.5.48 IPv6 Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4672.6.5.49 IPv4 Shared Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4692.6.5.50 IPv6 Shared Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4712.6.5.51 IPv4 DHCP Range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4722.6.5.52 IPv6 DHCP Range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4752.6.5.53 IPv4 Fixed Address/Reservation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4772.6.5.54 IPv6 Fixed Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4802.6.5.55 DHCP Fingerprint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4822.6.5.56 DHCP MAC Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4832.6.5.57 MAC Filter Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4842.6.5.58 Option Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4862.6.5.59 Option Filter Match Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4872.6.5.60 Relay Agent Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4882.6.5.61 DHCP Fingerprint Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4892.6.5.62 NAC Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4902.6.5.63 IPv4 Option Space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4912.6.5.64 IPv6 Option Space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4922.6.5.65 IPv4 Option Definition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4932.6.5.66 IPv6 Option Definition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4942.6.5.67 Permissions for DNS Resources with Associated IP Addresses in Networks and Ranges . . . . . . . . . . . . . . . . . . . . 4952.6.5.68 DHCP Failover Association . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4962.6.5.69 Upgrade Groups and Schedules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4992.6.5.70 Named ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5002.6.5.71 ACES in Named ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501

Page 7: Infoblox NIOS 8.4 CLI Guide

Page 7

2.6.5.72 Discovery Credentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5022.6.5.73 DTC Header Items . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5032.6.5.74 DHCP Lease . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510

2.6.6 Importing Multiple Action CSV file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5112.6.6.1 Table 1.7 List of all CSV supported objects for export/import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512

2.7 Supported Expressions for Search Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515

Page 8: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 8

Using the NIOS CLIThe Infoblox CLI allows you to configure and monitor the appliance from a remote console using a set of commands. Some (Command Line Interface) administrative tasks, such as resetting the appliance, can be done only through the CLI. The CLI commands do not support IDNs. These commands display IDN data in punycode only. For more information about IDN, see .Multilingual Support

This section explains the CLI commands that you can use to configure and manage the NIOS appliance from a remote terminal. For the latest Infoblox documentation, visit the Infoblox Support web site at https://support.infoblox.com/.

Topic Content

Overview Explains how to access the Infoblox CLI using a console port or SSHv2 client. This topic also describes the CLI conventions and outlines the basic CLI commands.

CLI Commands

Explains the function and usage of each command, and provides an example of the command usage and expected results.

ConventionsThe conventions used in this section follow the Infoblox documentation style conventions, as listed in the following table.

Style Usage

screen Indicates session text or system information displayed on the screen

boldface screen Signifies command line entries that you type.

italic screen Signifies variables that you enter for your configuration, such as file names and group names.

CLI syntax uses conventions that are unique to documenting command line tools. The following table provides a list of syntax delimiters and their meanings.

Item Convention

{ } brackets Indicates a mandatory feature.

[ ] brackets Indicates an optional feature.

| pipe symbol Indicates an “or” relationship between two features.

VariablesInfoblox uses the following variables to represent the values of the configurations that exist on your appliance. You should substitute the variables with the actual values that match your site configuration.

Variable Value

admin_group Name of a group of administrators

admin_name Name of the appliance administrator

addr_range IP address range

domain_name Domain name

directory Directory name

dns_view DNS view

filter_name Filter name

grid_master Grid master

grid_member Grid member

hostname Host name of an independent appliance

id_grid Grid name

ip_addr IPv4 address

https://docs.infoblox.com/display/nios84/Multilingual+Support
https://support.infoblox.com/
Page 9: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 9

member Grid member name

netmask Subnet mask

network IP address of a network

numerical Numerical entry

zone DNS zone

The following is a list of commands that NIOS supports:

Accessing the Infoblox CLICLI Commands?ddns_addddns_deletedeletedigdns_a_record_deleteexithelppingquitrebootreset allreset arpreset databasereset reporting_datareset ssh_keysrestart servicerotate logset admin_group_aclset adpset apache_https_certset auto_provisionset bfdset bgp logset bloxtoolsset cc_modeset certificate_auth_adminsset certificate_auth_servicesset check_auth_nsset cloud_services_portal_force_refreshset connection_limitset database_transfer scpset debugset debug_analyticsset debug_snmpdset default_revert_windowset default_routeset delete_tasks_intervalset dhcpd_recv_sock_buf_sizeset disable_gui_one_click_supportset disable_https_cert_regenerationset disable_lazyloadset dnsset dns-accelset dns_rrlset docker_bridgeset dscpset enable_match_recursive_onlyset forced_autosyncset grid_upgradeset hardware-typeset ibtrapset interfaceset ip_rate_limitset ipam_web_uiset ipv6_disable_on_dadset ipv6_neighborset ipv6_ospfset ipv6_statusset lcd keys or set lcdset lcd_settingsset lcd_settings hwidentset licenseset lines

Page 10: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 10

set log_txn_idset lomset lower_case_ptr_dnameset max_recursion_depthset max_recursion_queriesset membershipset mgm attachedset mld_version_1set monitor dnsset monitor dns alertset ms_dns_reports_sync_intervalset ms_sticky_ipset named_recv_sock_buf_sizeset named_tcp_clients_limitset networkset nogridset nomastergridset nosafemodeset ocspset ospfset overload_bootpset phonehomeset port_mac_addrset reporting_cluster_maintenance_modeset promote_masterset promptset recursion_query_timeoutset remote_consoleset reporting_certset reporting_cluster_maintenance_modeset reporting_user_capabilitiesset revert_gridset rpz_recursive_onlyset safemodeset scheduledset securityset session_timeoutset smartnic monitor-modeset snmptrapset ssl_tls_ciphersset ssl_tls_protocolsset ssl_tls_settingsset static_routeset subscriber_secure_data addset subscriber_secure_data deleteset subscriber_secure_data never_proxyset subscriber_secure_data persistset support_accessset sysNameset tcp_timestampsset temp_licenseset termset thresholdtrapset tokenset traffic_captureset txn_traceset wins_forwardingshow admin_group_aclshow analytics_parametershow adpshow arpshow auto_provisionshow bfd detailsshow bgpshow bind_tombstones_countshow bloxtoolsshow capacityshow cc_modeshow certificate_auth_adminsshow certificate_auth_servicesshow check_auth_nsshow clusterd_infoshow configshow connectionsshow connection_limitshow cpushow dateshow database_transfer_statusshow debug

Page 11: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 11

show debug_analyticsshow default_routeshow delete_tasks_intervalshow dhcp_gss_tsigshow dhcpd_recv_sock_buf_sizeshow dhcpv6_gss_tsigshow disable_lazyloadshow diskshow dnsshow dns-accelshow dns-accel-cacheshow dns_gss_tsigshow dns_rrlshow docker_bridgeshow dscpshow dtc_geoipshow enable_match_recursive_onlyshow fileshow forced_autosyncshow hardware_statusshow hardware-typeshow hwidshow ibtrapshow interfaceshow ip_rate_limitshow ipv6_bgpshow ipv6_disable_on_dadshow ipv6_neighborshow ipv6_ospfshow lcdshow lcd_infoshow lcd_settingsshow licenseshow license_uidshow license_pool_containershow logshow logfilesshow log_txn_idshow lomshow lower_case_ptr_dnameshow reporting_cluster_maintenance_modeshow max_recursion_depthshow max_recursion_queriesshow memoryshow mld_versionshow monitorshow monitor dns alertshow monitor dns alert statusshow ms_sticky_ipshow named_recv_sock_buf_sizeshow networkshow ntpshow ospfshow overload_bootpshow phonehomeshow query_captureshow recursion_query_timeoutshow remote_consoleshow reporting_cluster_maintenance_modeshow reporting_user_capabilitiesshow routesshow rpz_recursive_onlyshow scheduledshow securityshow session_timeoutshow smartnicshow snmpshow ssl_tls_ciphersshow ssl_tls_protocolsshow ssl_tls_settingsshow static_routesshow statusshow subscriber_secure_datashow subscriber_secure_data never_proxyshow subscriber_secure_data persistshow support_accessshow tcp_timestampsshow tech-supportshow temperature

Page 12: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 12

show thresholdtrapshow tokenshow traffic_capture_statusshow upgrade_historyshow uptimeshow versionshow vpn_cert_datesshow wins_forwardingshutdownsnmpgetsnmpwalktraceroute

Page 13: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 13

1.

2.

3.

1. 2.

1. 2. 3.

1.

2. 3.

1. 2. 3.

4.

Accessing the Infoblox CLIYou can access the Infoblox CLI from a management system. The management system is the computer from which you configure and monitor the NIOS appliance. You can access the Infoblox CLI from the management system directly through a serial cable or remotely across an Ethernet network.

Console port access—Access the Infoblox CLI through a direct console connection from your management system to the appliance.SSHv2 client access—Accessing the Infoblox CLI remotely by making an SSHv2 connection across an Ethernet network.

Note: Only superusers can log in to the appliance through a console connection.

Console Port AccessYou can access the Infoblox CLI by using a terminal emulation program from the management system through a direct console connection.To access the Infoblox CLI through the console port:

Connect a serial cable from the console port on your management system to the console port on the appliance. The appliance has a male DB-9 console port on its front panel.Use the following connection settings to launch an emulation session through a serial terminal emulation program such as Hilgraeve Hyperterminal® (provided with the Windows® operating systems):

Bits per second: 9600Data bits: 8Parity: NoneStop bits: 1Flow control: Xon/Xoff

Use the following default user name and password to log in to the Infoblox appliance: admin

infoblox

User names and passwords are case-sensitive. Note:

SSHv2 Client AccessYou can access the Infoblox CLI from a remote management system. You must first enable remote console access before you can remotely access the Infoblox CLI. By default, remote console access (SSHv2 access) is disabled on the Infoblox appliance.You can enable remote console access on the Infoblox appliance through either the Infoblox GUI or the CLI. To enable remote console access through the Infoblox GUI:

Make an HTTPS or console connection to the appliance and log in to the appliance.For a Grid member or Grid Master, complete the following:

1. From the tab, select the tab, and then click -> from the Toolbar.Grid Grid Manager Grid Properties Edit2. In the editor, select the tab, and then select . Grid Properties Security Enable Remote Console Access3. Click .Save & Close

For an independent appliance, complete the following:

From the tab, select the tab, and then click -> from the Toolbar.System System Manager System Properties EditIn the editor, select the tab, and then select .System Properties Security Enable Remote Console AccessClick .Save&Close

To enable remote console access through the CLI:

From the command line, enter the following after the prompt:Infoblox >set remote_consoleEnter at the prompt.y Enable remote console access (grid-level)? (y or n):Confirm the settings.

After you enable the remote console access, you can access the Infoblox CLI from a remote location using an SSHv2 client.To access the Infoblox CLI using an SSHv2 client:

On the management system, open a remote console connection through an SSHv2 client.In a shell window or terminal window, log in with an account that has superuser privileges.Enter the user name and host name or IP address of the appliance. For example:

ssh [email protected], you can launch a graphical SSHv2 client and enter the information in the appropriate fields.

Page 14: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 14

CLI CommandsThe basic Infoblox CLI commands are alphabetically listed in the following table.

CLI Command Description

? Displays the help information.

ddns_add Sends DDNS updates to add records.

ddns_delete Sends DDNS updates to delete records.

delete Deletes specific files.

dig Performs a DNS lookup and prints the results.

dns_a_record_delete Delete a DNS A record

exit Exits the command interpreter.

help Displays the help information.

ping Sends ICMP ECHO requests to verify that the host is functioning properly.

quit Exits the command interpreter.

reboot Reboots the Infoblox appliance.

reset Resets the system settings.

rotate Rotates specific files.

set Sets the current system settings. This command has other related commands.

show Shows the current system settings. This command has other related commands.

shutdown Shuts down the Infoblox appliance.

traceroute Displays the path or route diagnostic information of the IPv4/IPv6 packets.

The reset , , set and show commands each have related commands. To view a complete list of the related commands on the remote console , go to the command prompt and enter help set or help show .

Using CLI HelpYou can display a list of available CLI commands by typing help at the command prompt. For example:

> help

?                    Display helpddns_add             Send DDNS update to add a recordddns_delete          Send DDNS update to delete a recorddelete Delete files               dig Perform a DNS lookup and print the results                 dns_a_record_delete  Delete a DNS A recordexit Exit command interpreter                help Display help                ping Send ICMP ECHO                quit Exit command interpreter                reboot Reboot device              reset Reset system settings               rotate  Rotate files              set Set current system settings                  show Show current system settings                shutdown             Shutdown devicetraceroute           Route path diagnostic

To view a detailed explanation about a CLI command and its syntax, type help <command> after the command prompt. For example:

> help rotate

Synopsis:

rotate log [ syslog | debug | audit | ifmapserver]rotate file groupname filename [ filename2, filename3, ...]

Page 15: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 15

Description:

Rotates the specified log file, up to 10 previous.logfiles will be preserved

Page 16: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 16

?The   command displays information about a specified CLI command. If you do not specify a command, a list of all available commands is shown.?

Syntax? [command]

Argument Description

command A variable that you substitute with any CLI command to display a description of the function and a synopsis of its usage.

Examples

Display a list of commands

Infoblox > ?==================================================================Command Summary==================================================================?                       Display helpdeleteDelete            filesdig                     Perform a DNS lookup and print the resultsexit                    Exit command interpreterhelp                    Display helpping                    Send ICMP ECHOquit                    Exit command interpreterreboot                  Reboot devicereset                   Reset system settingsset                     Set current system settingsshow                    Show current system settingsshutdown                Shutdown device traceroute              Route path diagnosticddns_add                Send DDNS update to add a record ddns_delete             Send DDNS update to delete a record rotate                  Rotate files=================================================================

Display details for a single command

Infoblox >   ? exitSynopsis:

exit, quit

Description:

Exits the command interpreter. There are no arguments to exit.

Page 17: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 17

ddns_addThe command sends DDNS updates to the appliance when you add new resource records. To use this command, ensure that you have ddns_addproperly configured the appliance for DDNS updates. For information, refer to the . To update a record that contains Infoblox NIOS Administrator GuideIDN, you must enter the domain name in punycode. The appliance retains the record in punycode and does not convert punycode to IDN.

Syntaxddns_add <domain-name> <ttl> <type> <data> [keyname:secret]

Argument Description

domain-name

The FQDN of the resource record being added. For example, if the name of the record is dns1 and the forward-mapping zone name is corp100.com, the FQDN is dns1.corp100.com.

For an IDN, use the punycode representation of the IDN. For example, if the name of the record is and the forwardmapping zone name is , the FQDN is corp100.com .xn--cjs.corp100.com

ttl The TTL value (in seconds) of the new resource record.

type The record type of the new resource record. For example, enter A for an A record and PTR for a PTR record.

data The RDATA of the resource record. For an IDN, use the punycode representation of the IDN. For example, enter the IP address of an A record or the domain name of a PTR record.

[keyname:secret]

The TSIG key name and the secret for sending DDNS updates. You must enter the TSIG key name and shared secret if the DNS zone to which the record belongs is configured with a TSIG key.

ExampleInfoblox > ddns_add dns1.corp100.com 20 A 10.0.0.11

Page 18: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 18

ddns_deleteThe command sends DDNS updates to the appliance when you delete existing resource records. To use this command, ensure that you ddns_deletehave properly configured the appliance for DDNS updates. For information, refer to the . To delete a record that Infoblox NIOS Administrator Guidecontains IDN, you must enter the domain name in punycode.

Syntaxddns_delete <domain-name> [type[keyname:secret ]]

Argument Description

domain-name The FQDN of the resource record being deleted. For example, if the name of the record is dns1 and the forward-mapping zone name is corp100.com, the FQDN is dns1.corp100.com.

For an IDN, use the punycode representation of the IDN. For example, if the name of the record is and the forwardmapping zone name is corp100.com, the FQDN is .xn--cjs.corp100.com

type The record type of the resource record. For example, enter A for an A record and PTR for a PTR record. This is optional.

[keyname:secret]

The TSIG key name and the secret for sending DDNS updates. You must enter the TSIG key name and shared secret if the DNS zone to which the record belongs is configured with a TSIG key.

ExampleInfoblox > ddns_delete dns1.corp100.com

Page 19: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 19

deleteThe   command deletes a specific file or a set of files.delete

Syntaxdelete [file]

Argument Description

file The name of the file which needs to be deleted

ExampleInfoblox >   delete abc.csv

Page 20: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 20

digThe command performs a DNS lookup on a specified server and displays the results. You can also use the inverse command to perform a reverse digDNS lookup. This command displays IDN data in punycode, if any, for the specified server. If you specify IP address of the Microsoft server in this command, the IDN data is displayed in \xyz format.

Syntaxdig [@server_address] <hostname> [type] [opt...]dig [@server_address] <ip-address> inverse

Argument Description

server_address

The IP address of the host on which you want to perform a DNS lookup.

hostname The name of the host on which you want to perform a DNS lookup.

ip-address The IP address of the host on which you want to perform a DNS lookup.

type You can enter any of the following for the object type (case sensitive): a, a6, aaaa, afsdb, any, apl, axfr, cert, cname, dhcid, div, dname, dnskey, ds, gpos, hinfo, hip, ipseckey, isdn, ixfr, key, keydata, kx, loc, maila, mailb, mb, md, mf, mg, minfo, mr, mx, naptr, none, ns, nsap, nsap_ptr, nsec, nsec3, nsec3param, null, nxt, opt, ptr, px, rp, rrsig, rt, sig, soa, spf, srv, sshfp, tkey, tsig, txt, unspec, wks, and x25. The default is a.

opt You can enter one or more of the following options:

-x (specifies the in-addr lookup) -b address (specifies the binding to the source address) -y name:key (specifies the named base64 tsig key)

+vc (enables the TCP mode)+norecurse (disables the recursive mode)+short (disables everything except the short forms of answers)+nssearch (searches all the authoritative nameservers)+trace (traces all the delegations from the root)+cdflag (requests the server not to perform a DNSSEC validation)+dnssec (requests the server to send DNSSEC records)+multiline (displays records in multiple lines)

Examples

Perform a DNS lookup

Infoblox > dig @10.0.2.60 www.infoblox.com a: <<>> DiG 9.6.1-p3 <<>> @10.0.2.60 -x www.infoblox.com a: <1 server found>:: global options: +cmd:: Got answer::: >>HEADER<< opcode: QUERY, status: NOERROR, id: 45283:: flags: qr aa rd ra: QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0:: QUESTION SECTION: : www.infoblox.com.                       IN             A:: ANSWER SECTION:www.infoblox.com        3600          IN            CNAME        infoblox.com.infoblox.com                 600           IN             A                  128.242.99.236:: Query time: 2 msec:: SERVER: 10.0.2.60#53<10.0.2.60>:: WHEN: Fri Feb 26 14:06:00 2010:: MSG SIZE rcvd: 64

Perform a reverse DNS lookup

Page 21: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 21

Infoblox > dig @10.0.2.60 inverse: <<>> DiG 9.6.1-p3 <<>> @10.0.2.60 inverse: <1 server found>:: global options: +cmd:: Got answer::: >>HEADER<< opcode: QUERY status: NXDOMAIN, id: 37916:: flags: qr rd ra: QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0:: QUESTION SECTION::inverse.                        IN          A:: AUTHORITY SECTION:. 10800                          IN          SOA      a.root-servers.net.nst1d.verisign-grs.com. 2010022601 1800 900 604800 86400:: Query time: 132 msec:: SERVER: 10.0.2.60#53<10.0.2.60>:: WHEN: Thu Feb 25 11:20:09 2010:: MSG SIZE rcvd: 100

Page 22: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 22

dns_a_record_deleteThe   command deletes a DNS record of A record type.dns_a_record_delete

Syntaxdns_a_record_delete <dns view> <record name> <zone name> <ip address>

Argument Description

<dns view> The DNS view where the target DNS A record belongs.

<record name> The name of the target DNS A record.

<zone name> The name of the parent zone.

<ip address> The IP address of the target record.

ExampleInfoblox > dns_a_record_delete default_view my_record.with.long.name test.com 1.2.3.4

Page 23: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 23

exitThe command terminates the command line interface and halts the CLI session. ( )exit quit

Syntaxexit, quit

Both commands produce the same results. There are no arguments for either command.

Command Description

exit Terminates the current CLI session.

quit Terminates the current CLI session.

ExamplesInfoblox > exitGood ByeConnection to closed. <IP address>Infoblox > quitGood ByeConnection to closed.<IP address>

Page 24: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 24

helpThe command displays information about a specified CLI command. If you do not specify a command, a list of all available commands is shown.help

Syntaxhelp [command]

Argument Description

command A variable that you substitute with any CLI command to display a description of the function and a synopsis of its usage.

Examples

Display a list of commands

Infoblox > help==================================================================Command Summary==================================================================?                       Display helpdeleteDelete            filesdig                     Perform a DNS lookup and print the resultsexit                    Exit command interpreterhelp                    Display helpping                    Send ICMP ECHOquit                    Exit command interpreterreboot                  Reboot devicereset                   Reset system settingsset                     Set current system settingsshow                    Show current system settingsshutdown                Shutdown device traceroute              Route path diagnosticddns_add                Send DDNS update to add a record ddns_delete             Send DDNS update to delete a record rotate                  Rotate files=================================================================

Display details for a single command

Infoblox > help exitSynopsis:

exit, quit

Description:

Exits the command interpreter. There are no arguments to exit.

Page 25: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 25

pingThe command verifies if a remote IPv4/IPv6 host is functioning and accessible across the network. When you execute the ping command, it sends pingfive (default) sequential ICMP ECHO requests to the host and displays the results.

Syntaxping {hostname | ip_address} [ opt ]

Argument Description

hostname The name of the remote host that you want to verify.

ip_address The IP address of the remote host that you want to verify.

optnumerical (specifies to not interpret the IP address as a DNS name) src_addr (specifies the starting or "from" address)v6 (specifies you are using an IPv6 hostname)broadcast (allows pinging to a broadcast address)

ttl<hops> (specifies the time-to-live setting for outgoing packets)packetsize<bytes> (specifies the number of data bytes to send)count<packets> (specifies number of echo_requests packets sent, default is 5, maximum is 250)

Examples

Valid host

Infoblox > ping 10.1.1.1pinging 10.1.1.1PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.64 bytes from 10.1.1.1: icmp_seq=1 ttl=64 time=0.295 ms64 bytes from 10.1.1.1: icmp_seq=2 ttl=64 time=0.102 ms64 bytes from 10.1.1.1: icmp_seq=3 ttl=64 time=0.155 ms64 bytes from 10.1.1.1: icmp_seq=4 ttl=64 time=0.211 ms64 bytes from 10.1.1.1: icmp_seq=5 ttl=64 time=0.265 ms— 10.1.1.1 ping statistics —5 packets transmitted, 5 received, 0% packet loss, time 4005ms rtt min/avg/max/mdev = 0.335/0.562/1.245/0.343 ms

Invalid host

Infoblox > ping jsparrowpinging jsparrowping: unknown host jsparrow

Page 26: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 26

quitThe   command terminates the command line interface and halts the CLI session.quit

Syntaxquit, exit

Both commands produce the same results. There are no arguments for either command.

Command Description

quit Terminates the current CLI session.

exit Terminates the current CLI session.

ExamplesInfoblox > quitGood ByeConnection to     closed.<IP address>

Infoblox > exitGood ByeConnection to     closed. <IP address>

Page 27: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 27

rebootThe command halts and then restarts the appliance. Use this command as a last measure when the appliance appears to be hung. Rebooting the rebootappliance clears the cache and resets the system.

Syntaxreboot

There are no arguments for this command.

ExampleInfoblox > rebootREBOOT THE SYSTEM? (y or n) y

Page 28: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 28

reset allThe command clears the NIOS appliance of database, configuration, and network settings. It then re-establishes the factory settings with the reset alldefault IP address, gateway, and subnet mask.The command clears database, configuration, and network settings. It also clears all licensing information from the appliance reset all licensesbefore re-establishing the factory settings.The command clears database, configuration, and network settings. It also re-enables auto-provisioning and a dynamic reset all auto_provisionIP address is assigned to the appliance.

Note: No previous data remains on the appliance after using these commands.

Syntaxreset all [licenses | auto_provision]

Argument Description

licenses Specifies the removal of all licenses during the process of re-establishing the factory settings on the appliance.

auto_provision Auto-provisioning is re-enabled and a dynamic IP address is assigned after re-establishing the factory settings on the appliance.

Examples

Re-establish factory settings

Infoblox > reset allThe entire system will be reset to default settings.WARNING: THIS WILL ERASE ALL DATA AND LOG FILES THAT HAVE BEEN CREATED ON THIS SYSTEM. ARE YOU SURE YOU WANT TO PROCEED? (y or n): y

Re-establish factory settings and remove all licenses

Infoblox > reset all licensesThe entire system will be reset to default settings and all licenses will be removed. WARNING: THIS WILL ERASE ALL DATA AND LOG FILES THAT HAVE BEEN CREATED ON THIS SYSTEM. ARE YOU SURE YOU WANT TO PROCEED? (y or n): y

Re-establish factory settings and re-enable auto-provisioning

Infoblox > reset all auto_provisionThe entire system will be reset to default settings and system will try to obtain a dynamic address.WARNING: THIS WILL ERASE ALL DATA AND LOG FILES THAT HAVE BEEN CREATED ON THIS SYSTEM. ARE YOU SURE YOU WANT TO PROCEED? (y or n): y

Page 29: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 29

reset arpThe command clears the ARP (Address Resolution Protocol) cache. The ARP maps IP addresses to the hardware MAC addresses and logs reset arpthem in a table which is stored in the cache. Over time, the IP address leases expire and are assigned to new devices (MAC addresses). Infoblox recommends that you periodically clear this cache to maintain valid mappings between IP addresses and MAC addresses.

Syntaxreset arp

This command has no arguments.

ExampleInfoblox > reset arpARP cache cleared.

Page 30: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 30

reset databaseThe command removes configuration files and DNS and DHCP data from the NIOS appliance database. However, the network and reset databaselicensing information remains intact. The network settings of the appliance include the IP address and subnet mask for the appliance, the IP address of the gateway, the host name, and the remote access setting.You can use this command to diagnose problems such as the following:

Misplacing the administrator account and password.Preserving the log files when clearing the database.

The command resets the NIOS appliance to default settings, re-enables auto-provisioning, and a dynamic IP address is reset database auto_provisionassigned to the appliance.

Syntaxreset database [auto_provision]

Argument Description

auto_provision Auto-provisioning is re-enabled and a dynamic IP address is assigned after resetting the database of appliance.

Reset the databaseInfoblox > reset databaseThe following network settings can be restored after reset: IP Address: 10.1.1.10Subnet Mask: 255.255.255.0Gateway: 10.1.1.1Host Name: ns1.corp100.comRemote Console Access: true The entire database will be erased. Do you wish to preserve basic network settings? (y or n) y

Reset the database and re-enable auto-provisioning

Infoblox > reset database auto_provisionThe entire system will be reset to default settings and system will try to obtain a dynamic address.WARNING: THIS WILL ERASE ALL DATA AND LOG FILES THAT HAVE BEEN CREATED ON THIS SYSTEM. ARE YOU SURE YOU WANT TO PROCEED? (y or n): y

Page 31: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 31

reset reporting_dataThe command resets all reporting data. reset reporting_data

Syntaxreset reporting_data

This command has no arguments.

ExampleInfoblox > reset reporting_dataWARNING: THIS WILL RESET ALL REPORTING DATA. DO YOU WANT TO PROCEED? (y or n): yARE YOU SURE YOU WANT TO PROCEED? (y or n): y

Page 32: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 32

reset ssh_keysThe command resets the SSH keys of the system. reset ssh_keys

Syntaxreset ssh_keys

This command has no arguments.

ExampleInfoblox > reset ssh_keysThe system's SSH keys were reset.

Page 33: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 33

restart serviceUse the command to restart services on a member. You can start individual service on the member, provided that the service is enabled. restart serviceNote that you can use this command to restart services only on single independent appliances and the active nodes of HA pairs. You cannot use this command on the Grid Master.

Syntaxrestart service [dhcp | dns | tftp | http-fd | ftp | ntp | bloxTools | captive_portal]

Argument Description

dhcp Restart the DHCP service

dns Restart the DNS service

tftp Restart the TFTP service

http-fd Restart the HTTP file distribution service

ftp Restart the FTP service

ntp Restart the NTP service

bloxTools Restart the bloxTools service

captive_portal Restart the captive portal service

ExamplesInfoblox > restart service dhcp

Page 34: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 34

1.

2.

rotate logThe command rolls, or rotates, specified log files. When the audit log, syslog file, and IF-MAP log each reaches its maximum size, the NIOS rotate logappliance automatically writes the file into a new file by adding a .0 extension to the first file and incrementing subsequent file extensions by 1. The maximum file size is 100 MB for the audit log, 300 MB for the syslog file, and 120 MB for the IF-MAP log.Files are compressed during the rotation process, adding a .gz extension following the numerical increment ( . .gz). The first file starts with .0 and file #subsequent file extensions are incremented by one until it reaches nine. For example, the current log file moves to .0.gz, the previous .0.gz moves to file file f

.1.gz, and so on through .9.gz. A maximum of 10 log files (0-9) are kept. When the eleventh file is started, the last log file ( .9.gz) is deleted, and ile file filesubsequent files are renumbered accordingly.When the debug log file reaches its maximum size, which is 300 MB, the appliance rotates it, but does not compress it. The appliance retains only one previous debug log file to which it adds a .old extension.This command is useful for diagnostic purposes. To export a file to the management system for viewing, you can include it in the support bundle.To download the support bundle:

From the tab or tab, select the tab or tab, and then click -> from the Grid System Grid Manager System Manager Download Support BundleToolbar.Select all options to include configuration and core file information in the output file, then save the tar file to a secure location on the management system.

Syntaxrotate log {syslog | debug | audit}rotate file groupname filename [filename2, filename3, ...}

Argument Description

syslog Syslog file

debug Debug log file

audit Audit log file

ExamplesInfoblox > rotate log debugThe selected log file has been rotated to infoblox.log.0.gz

Infoblox > rotate log auditThe selected log file has been rotated to audit.log.0.gz

Page 35: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 35

set admin_group_aclUse the set admin_group_acl disable command to disable ACL settings for a specific admin group. You will receive an error message when you try to disable a non-existing admin group.

Syntaxset admin_group_acl disable <Admin Group name>

Argument  Description

name Disables ACL settings for a specific admin group.

ExamplesInfoblox > set admin_group_acl disable some groupACL setting for 'some group' was disabled.Infoblox > set admin_group_acl disable nonexistinggroupInvalid name.

Page 36: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 36

set adpThe command enables or disables ADP (Advanced DNS Protection) on the supported platform. You can use this command only if set adp Threat Protecti

(hardware based) or licenses are installed on the platform.on Threat Protection (software add-on)

Syntaxset adp

Commands for Threat Protection (software add-on):set adp log <level>: Use this command to set the threat protection log level, where log level is between and . The 0 (emergency) 6 (info)default value is .6 (info)set adp log <emergency|alert|critical|error|warning|notice|info>: Use this command to set the threat protection log level.set adp monitor-mode <on|off>: Use this command to enable or disable the threat protection monitor mode on the respective member. The default value is .off

Syntaxset adp log <level>set adp log <emergency|alert|critical|error|warning|notice|info> set adp monitor-mode <on|off>

Commands for Threat Protection (hardware-based):set adp log <level>: Use this command to set the threat protection log level, where log level is between and . The 0 (emergency) 7 (debug)default value is .6 (info)set adp log <emergency|alert|critical|error|warning|notice|info|debug>: Use this command to set the threat protection log level.set adp monitor-mode <on|off>: Use this command to enable or disable the threat protection monitor mode on the respective member. The default value is .off

Syntaxset adp log <level>set adp log <emergency|alert|critical|error|warning|notice|info|debug> set adp monitor-mode <on|off>

Page 37: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 37

set apache_https_certUse the  command to  set apache_https_cert select one of the previously uploaded HTTPS certificates. NIOS displays the current certificate and all the previously uploaded certificates. You must choose the certificate that you want to use. The current certificate is then replaced with the certificate that you choose.

Syntaxset apache_https_cert

ExampleInfoblox > set apache_https_certCurrent apache certificate:    Serial: 7976560e71f701e1a7ee7865fe87d5a4    Common name: ib-10-34-128-114.infoblox.comAvailable certificates:    1. Serial: 0c8af1b24b1f58bb3d0d05e159841656 , Common name: www.infoblox.com    2. Serial: 4a73ac27c92a3f731696c1ec0874143d , Common name: ib-10-34-128-114.infoblox.com    3. Serial: 26a52734a316c30d43e30b66a6782b18 , Common name: ib-10-34-128-114.infoblox.com    4. Serial: 0720ccf94062234db372dd4c8df39dbb , Common name: ib-10-34-128-114.infoblox.com    5. Serial: 6bb99aedde38bfe1e1402aa19507a0e1 , Common name: ib-10-34-128-114.infoblox.com    6. Serial: 1dc7624dd221e1900aae0e1eec97fb59 , Common name: ib-10-34-128-114.infoblox.com    7. Serial: 7976560e71f701e1a7ee7865fe87d5a4 , Common name: ib-10-34-128-114.infoblox.com

Select certificate (1-7) or q to quit: 2Are you sure you want to do this? (y or n): yCertificate updated

Page 38: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 38

set auto_provisionThe command enables and disables auto-provisioning for the NIOS appliance. You cannot enable auto-provisioning for an appliance if set auto_provisiona static IP address is already set for an appliance. Note thatauto-provisioning can be enabled only on single appliances. To view the status of auto-provisioning for a NIOS appliance, see . show auto_provision

Syntaxset auto_provision {on | off}

Argument Description

on Enables auto-provisioning on an appliance.

off Disables auto-provisioning on an appliance.

Examples

Turn on auto-provisioning on an appliance

Infoblox > set auto_provision on

Turn off auto-provisioning on an appliance

Infoblox > set auto_provision off

Page 39: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 39

set bfdYou can use the set bfd command to set the BFD logging level. The default logging level is 'informational'. Changing the BFD logging level might cause disruption in advertising due to change. To view the detailed BFD session details, see .bfdd.conf show bfd details

Syntaxset bfd log [ debugging | informational | notifications | warnings | errors | critical | alerts | emergencies ]This command has no arguments.

ExampleInfoblox > set bfd log debugging

Page 40: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 40

set bgp logThe command sets the verbosity level of the BGP routing services and writes statistical information to the syslog. The information in syslog set bgp logcan be helpful for diagnostic purposes. When viewing the syslog file, lines with names such as bgp statistics are the BGP statistical information. To view information about the BGP protocol running on the member, see . show bgp

Note: To use this command, the NSQ software package must be installed.

Syntaxset bgp log {debugging | informational | notifications | warnings | errors | critical | alerts | emergencies }

Argument Description

debugging The verbosity level at which you select to write BGP statistics to syslog.

informational

notifications

warnings

errors

critical

alerts

emergencies

ExampleInfoblox > set bgp log debugging

Page 41: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 41

set bloxtoolsYou can use the command to permanently remove the bloxTools environment and all its data from the appliance. You can also use this set bloxtoolscommand to clear only the user uploaded data and reset the bloxTools environment to the factory default.

WARNING: When you use this command, bloxTools data is permanently removed from the appliance.

To view the bloxTools status, see . show bloxtoolsYou can download a copy of the existing bloxtools data using an FTP or SFTP client before you use this command to permanently delete the data. For information, refer to the .Infoblox NIOS Administrator Guide

Note: bloxTools data files are not automatically removed when the bloxTools environment is disabled. You must use this command to manually delete bloxTools data.

Syntaxset bloxtools reset {all | data}

Argument Description

all Clears all bloxtools related files, which include both the system and data files. You can use this argument to remove the entire bloxtools environment and its data from your appliance.

data Clears only the user uploaded data that is related to bloxTools and reset the bloxTools environment to the factory default.

Examples

Delete all bloxtools data files

Infoblox > set bloxtools reset allThis will erase all Bloxtools data permanently. Do you want to proceed? (y or n):yAre you sure you want to do this (y or n): Bloxtools reset.

Delete bloxtools user data

Infoblox > set bloxtools reset dataThis will erase all Bloxtools data permanently. Do you want to proceed? (y or n):yAre you sure you want to do this (y or n): Bloxtools reset.

Page 42: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 42

set cc_modeYou can use the command to set the Common Criteria mode. To enable or disable Common Criteria configuration, connect to the CLI set cc_modeconsole, and then enter the command. This command will restart the system when it exits the Common Criteria mode. If the system is set cc_modeenabled for Common Criteria, it will reboot in order to go through boot time self tests. You can use this command only on the Grid Master. The setting is propagated to all Grid members. You must restart the members after the configuration change. You can use the command to clear the reset allCommon Criteria mode. For information about , see .reset all reset all

Note: Factory reset must be done before using the Common Criteria mode.

Syntaxset cc_modeThis command has no arguments.

ExamplesInfoblox > set cc_modeEnable Common Criteria mode (grid-level)? (y or n): y New Common Criteria Mode Settings:Common Criteria mode enabled: Yes is this correct? (y or n): yPlease refer to the Guidance Documentation Supplement Appendix of theNIOS Administrator Guide for the requirements to operate a grid in a common criteria compliant manner.The system will be rebooted to place it into common criteria mode. Are you sure you want to continue (y or n): y

SYSTEM REBOOTING!

Connection to 10.35.111.3 closed.

Page 43: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 43

set certificate_auth_adminsUse the command to disable the certificate authentication service and allow users to log in without validation. Note set certificate_auth_adminsthat when you disable the certificate authentication service, the appliance terminates administrative sessions for all admin users.

Syntaxset certificate_auth_admins disable username

Argument Description

username Disables certificate authentication service and allows users to log in without validation.

ExamplesInfoblox > set certificate_auth_admins disable adminCertificate authentication for 'admin' was disabled.

Page 44: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 44

set certificate_auth_servicesUse the command to disable a specific certificate authentication service. You will receive an set certificate_auth_services disable nameerror message when you try to disable a non-existing certificate authentication service.

Syntaxset certificate_auth_services disable name

Argument Description

name Disables specified certificate authentication service.

ExamplesInfoblox > set certificate_auth_services disable nameCertificate authentication for 'name' was disabled. Infoblox > set certificate_auth_services disable DoD CaCCertificate Authentication Service for 'DoD CaC' was disabled.

Infoblox > set certificate_auth_services disable Some NameInvalid Name.

Page 45: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 45

set check_auth_nsThe   command enables/disables new functionality of checking NS RRset in a response's authority section before overriding set check_auth_nsdelegation NS RRset in recursive cache.

Syntaxset check_auth_ns <true|false>

Argument Description

true Enables new functionality of checking NS RRset in a response's authority section.

false Disables new functionality of checking NS RRset in a response's authority section.

ExamplesInfoblox > set check_auth_ns true

Page 46: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 46

set cloud_services_portal_force_refreshThe   command set the flag to request all domains detected by Infoblox Threat Analytics engine in the set cloud_services_portal_force_refreshCloud.

.

Syntaxset cloud_services_portal_force_refresh

There are no arguments for this command.

ExamplesInfoblox > set cloud_services_portal_force_refresh                Do you want to proceed? (y or n):n

Page 47: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 47

set connection_limitYou can use the set command to set the per client IP address maximum connection limit for the following protocols: HTTP and HTTPS. connection_limitNote that maximum connections here refer to the network level connections, not application level connections. For example, an HTTPS connection limit of 4 means that there can be a maximum of four TCP connections between any given client IP address and the appliance using the HTTPS protocol. Valid values are from 0 to 2147483647, where 0 means no limit. The default value is 20 for all protocols.

Note: Setting a low connection limit may have a negative effect on client functionality. For example, some versions of the Firefox browser require at least four TCP connections to function correctly with the appliance. Setting an HTTPS connection limit below four may result in certain browser issues.

To view the current connection limit, see . show connection_limit

Syntaxset connection_limit {http | https}

Argument Description

http Setting maximum connection limit for the HTTP protocol. Valid values are from 0 to 2147483647. The default value is 20.

https Setting maximum connection limit for the HTTPS protocol. Valid values are from 0 to 2147483647. The default value is 20.

Examples

Set the Per Client Address Maximum Connection Limit for the HTTP Protocol

Infoblox > set connection_limit http 150

Page 48: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 48

set database_transfer scpThe  command is used to trigger the Grid Manager database backup file to a specified SCP server.set database_transfer scp

Syntaxset database_transfer scp <server-ip> <user-name> <user-password or - > <file_path|filename> [nios|splunk|discovery]

set database_transfer scp <server-ip> <user-name> usekeys <rsa | ecdsa> <file_path|filename> [nios|splunk|discovery]

set database_transfer scp <server-ip> <user-name> <user-password> usekeys <rsa | ecdsa> upload_keys

set database_transfer scp <server-ip> <user-name> usekeys  <rsa | ecdsa> download_keys

Argument Description

server-ip Specifies the IP address of the remote SCP server.

user-name User who logs on to the SCP server to transfer data.

user-password or '-' Specifies the password of the remote SCP server.If you specify "  , you are prompted to enter a password.-"

file_path|filename Specifies the destination file path with a file name. However, if you specify only the file name, the file is saved in the default path.

usekeys <rsa | ecdsa>

Specifies RSA or ECDSA parameters to use with usekeys. You need not provide a password when using the usekeys argument from the second time onwards.

upload_keys | download_keys

< > specifies to copy the keys to the SCP server.upload_keys< > specifies to download the public key and then manually copy it to the SCP server at download_keys .ssh

 /authorized_keys

nios|splunk|discovery Specifies whether to include NIOS or Splunk or discovery data in the database backup.

ExamplesDownload the public keys and transfer the database backup to the SCP server:

Infoblox > set database_transfer scp 11.35.3.249 root usekeys rsa download_keys

Key :ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAABAQC5lix5vaoPVI7MsoWvu265fh6+ciHJoT8raZ1stfvW+ZUIL3lUK7477Ql2z1yJTUnExW+AyRMTRivRdcOPTUzKkhjEQdSiKDSTIAIVr593hoK7WjJ12JY+bGDQk+nPxsdPOGoSpR1N35oXv5hO5Et0ppyX8SIsSAPwIU6jrxyW44ZE9745mNw/d3BJKq+RDh8+NmmmWIYTIgwF7yHcg0Bc4mqhEU9ZmJCvZh1cUk7bt+OGNwJbFpWfDMB35No3E6MsGPNbuXaswdRZVbpN9jzE0WygRDRIIGRZR2lWWbQXsppQig0gOwVkExKiVoMocGNzKm0rXYDrT8/kXiWj [email protected]

Infoblox > set database_transfer scp 11.35.3.249 root usekeys rsa tmp/

WARNING: This operation will take some time.Do you want to proceed? (y or n):yInfoblox > show database_transfer_statusTransfer Complete

Upload the keys to transfer the data without entering the password:

Infoblox > set database_transfer scp 11.35.3.249 admin password usekeys rsa upload_keys

Sucessfully Pushed Public key to SCP ServerInfoblox > set database_transfer scp 11.35.3.249 admin usekeys rsa tmp

WARNING: This operation will take some time.Do you want to proceed? (y or n):yInfoblox >

Transfer the existing database backup file to a remote SCP server using the SCP protocol by specifying a user name and password. In the following example, denotes the database backup file in the remote SCP server:file1

Page 49: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 49

Infoblox > set database_transfer scp 11.120.21.237 admin password file1

WARNING: This operation will take some time.Do you want to proceed? (y or n):yInfoblox > show database_transfer_statusBackup in progress.Infoblox > show database_transfer_statusTransfer CompleteInfoblox >

Transfer the existing database backup file to a remote SCP server using the SCP protocol by specifying a user name and password, where the password is prompted in an interactive mode. In the following example, denotes the destination directory to which the database backup file is transferred:tmp1/

Infoblox > set database_transfer scp 11.120.21.237 admin - tmp1/Enter password: password

WARNING: This operation will take some time.Do you want to proceed? (y or n):yInfoblox > show database_transfer_statusBackup in progress.Infoblox > show database_transfer_statusTransfer Complete

Page 50: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 50

set debugThe command enables and disables debug logging for the NIOS appliance. Debug logging is the most extensive and verbose logging that is set debugavailable on the appliance. It captures all levels of messaging. The output is written into the debug log file. For information on how to view this output, see s

. how logUse this command to capture specific occurrences. However, only use it for short periods of time. Do not leave it running for extended periods of time. Due to the amount of data that is captured, leaving this feature running for any length of time can affect the performance of the appliance. For this reason, it is best to use this command during non-peak hours.

Note: Infoblox recommends that you turn debug logging off, unless Infoblox Support specifically directs you to turn this feature on. If you leave debug logging turned on, it can cause performance issues.

Syntaxset debug [distribution|upgrade|firewall|ntp|slog|all] [on|off]

Argument Description

all Specifies debug logging for all services as enabled or disabled.

on Enables debug logging.

off Disables debug logging.

Examples

Enable debugging

Infoblox > set debug all onEnabled debug logging for : all

Disable debugging

Infoblox > set debug all offDisabled debug logging for: all

Page 51: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 51

set debug_analyticsThe  command enables or disables debugging of Analytics service.set debug_analytics

Syntaxset debug_analytics [on|off]

Argument Description

on Enables debugging of Analytics service

off Disables debugging of Analytics service

Examples

Enable debugging

Infoblox >   set debug_analytics on

Disable debugging

Infoblox > set debug_analytics off

Page 52: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 52

set debug_snmpdThe  command enables or disables debugging of Analytics service.set debug_snmpd 

Syntaxset debug_snmpd [on|all|off]

Argument Description

on Turn on debug logging for SNMPD

all Turn on detailed debug logging for SNMPD

off Turn off debug logging for SNMPD

Examples

Enable debug logging

Infoblox > set debug_snmpd on

Disable debug logging

Infoblox > set debug_snmpd off

Page 53: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 53

set default_revert_windowUse the command to configure the Grid default time window for reverting a member after it was upgraded from NIOS set default_revert_window6.4.0 to a later release. Note that you can only change the default value on the Grid Master. When you change the default value, the new revert window affects only the members that have not been upgraded.

Syntaxset default_revert_window hours

Argument Description

hours The number of hours configured for the default revert window. The minimum value is 1 and the maximum is 48. The default is 24.

ExampleInfoblox > set default_revert_window 36Member revert window is currently: 24hMember Revert Window being changed to 36 hours Is this correct? (y or n): yMember Revert Window change will only affect members which are not yet upgraded. Member Revert Window is changed.

Page 54: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 54

set default_routeThe command allows you to configure the default gateway for the NIOS appliance. You can set the gateway address of LAN1 or set default_routeLAN2 as the default route. You can also specify the IPv4 or IPv6 gateway address. You can also set an optional VLAN gateway address and make it the default route.

Syntaxset default_route LAN1|LAN2set default_route IPv4gateway [IPv6gateway] | IPv6gateway [IPv4gateway]

Argument Description

LAN1LAN2

Specifies the LAN1 gateway address.Specifies the LAN2 gateway address.

IPv4gatewayIPv6gateway

Specifies the IPv4 gateway address.Specifies the IPv6 gateway address.

ExampleInfoblox > set default_route LAN1Infoblox >set default_route LAN2Infoblox > set default_route 10.35.0.1 2620:10a:6000:2400::1 Infoblox > set default_route 2620:10a:6000:2400::1

Page 55: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 55

set delete_tasks_intervalUse the command to configure the time interval the appliance waits until it deletes completed and rejected tasks from set delete_tasks_intervalthe system. Grid Manager displays these tasks in the tab until they are deleted from the system. By default, Grid Manager displays these Task Managertasks for 14 days. You can configure this time interval. Valid values are from 1 to 30 days.Use the command to view the current time interval. For information, see .show delete_tasks_interval show delete_tasks_interval

Syntaxset delete_tasks_interval days

Argument Description

days The number of days completed and rejected tasks are displayed in the tab before they are deleted. The minimum value is TaskManager1 and the maximum is 30. The default is 14.

ExampleInfoblox > set delete_tasks_interval 25Current delete tasks interval is 14 daysThe delete tasks interval has been changed to 25 days Is this correct? (y or n): yThe delete tasks interval has been changed.

Page 56: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 56

set dhcpd_recv_sock_buf_sizeYou can use the command to tune the DHCP receive socket buffer memory. The DHCP receive socket buffer holds set dhcpd_recv_sock_buf_sizeDHCP packets that are queued on the UDP (User Datagram Protocol) port from the NIC (Network Interface Controller). This command is useful when you want to increase the DHCP receive buffer size to accommodate occasional burst traffic and high volume DHCP requests. Use the show dhcpd_recv_sock_

to view the current buffer size.buf_size

Note: Ensure that you use this command only when you are dealing with burst traffic situations in high volume deployments.

Syntaxset dhcpd_recv_sock_buf_size N [120 <= N <= 8192, 1536=default]

Examples

Argument Description

N The number of kilobytes to which you want to set the BIND receive socket buffer size. The minimum is 120 kilobytes and the maximum is 8192. The default is 1536.

Infoblox > set dhcpd_recv_sock_buf_size 1500DHCP service restart is required in order for the changed value to take effect

Page 57: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 57

set disable_gui_one_click_supportThe command permanently disables the feature to submit technical support requests through the Infoblox set disable_gui_one_click_support GUI.

Syntaxset disable_gui_one_click_support

There are no arguments for this command.

ExampleInfoblox > set disable_gui_one_click_supportWARNING: Once you permanently disable this feature, you cannot enable it again.Are you sure you want to proceed? (y or n): y

Page 58: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 58

set disable_https_cert_regenerationUse the  command to turn on or off the automatic regeneration of a self-signed HTTPS certificate.set disable_https_cert_regeneration

NIOS regenerates a certificate in the following scenarios:

If you change a host name and the new name does not match the name of the existing certificate. This is especially useful for wildcard certificates.If the certificate is self-signed and the regeneration is enabled (it is enabled by default) , restarting NIOS or changing the host name or IP address causes NIOS to regenerate the certificate.

Syntaxset disable_https_cert_regeneration [on|off]

Argument Description

on . Automatic certificate regeneration is enabled by default.Disables the automatic regeneration of the self-signed HTTPS certificate

off Enables the automatic regeneration of the self-signed HTTPS certificate

ExampleInfoblox > set disable_https_cert_regeneration offHTTPS certificate regeneration enabled.

Page 59: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 59

set disable_lazyloadThe   command enables or disables lazy loading of objects. Lazy loading is enabled by default. You can use tset disable_lazyload he show disable

For more information, see _lazyload command to displays the status of lazy loading.  show disable_lazyload.

Syntaxset disable_lazyload [on|off]

Argument Description

off Enable lazy loading of objects.

on Disable lazy loading of objects.

Examples

Enable lazy loading

Infoblox > set disable_lazyload offLazy loading enabled. Please reboot to make changes take effect.

Disable lazy loading

Infoblox > set disable_lazyload onLazy loading disabled. Please reboot to make changes take effect.

Page 60: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 60

set dnsThe command enables you to control the DNS cache. You can flush the cache file of a DNS view or flush a particular entry from a cache file. set dnsYou can also flush a specific domain and its subdomains from the DNS cache. In addition, you can schedule an inbound zone transfer from an external primary server. This command displays IDN data in punycode. You can also use this command to delete cache files from the default DNS view for DNS cache acceleration on IB-FLEX.

Syntaxset dns flush all [dns_view]set dns flush name name [dns_view]set dns transfer zone [dns_view]set dns flush tree <part-of-domain-name> [dns_view]

Argument Description

all Flushes the cache file from the default view.

dns_view Specifies a particular DNS view.

name Flushes the specific entry from the cache.

zone Specifies the zone for the inbound transfer from an external primary server.

tree <part-of-domain-name>

Flushes the specified domain and its subdomains from the DNS cache. For example, if you enter the domain name corp100.com, then the specified domain and its subdomains such as www.corp100.com, corp100.com, x.corp100.com, etc. are cleared from the DNS cache.

Example

Flush the cache file from the default DNS view

Infoblox > set dns flush all

Flush the specified domain and its subdomains from the default DNS view

Infoblox > set dns flush tree corp100.com default

Page 61: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 61

set dns-accelThe command enables you to set certain parameters for the feature. This command is available for:  set dns-accel DNS Cache Acceleration

IB-4030 appliances only when the n license is present.DNS Cache AcceleratioIB-FLEX only if the license is present in the Grid.Flex Grid Activation

Syntaxset dns-accel log <level>set dns-accel log <emergency|alert|critical|error|warning|notice|info|debug>

Argument Description

level The DNS Cache Acceleration log level, where log level is between 0 and 7, and the default value is 6.

<emergency|alert|critical|error|warning|notice|info|debug>

Specifies one of these log levels.

ExampleInfoblox > set dns-accel log 2

Infoblox > set dns-accel log notice

Page 62: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 62

set dns_rrlUse the command to configure RRL (Response Rate Limiting) settings for the Grid or members. Changes made using this command are set dns_rrlapplied immediately to an active DNS resolver, although there could be replication delays for Grid Master configuration of other members. Use the show dn

to view the current RRL settings. s_rrl

Syntaxset dns_rrl enableset dns_rrl disableset dns_rrl [member <hostname> | view <viewname>] [override|inherit]set dns_rrl [member <hostname> | view <viewname>] [enable|disable]set dns_rrl [member <hostname> | view <viewname> | grid]

[responses_per_second <number>|disable] [window <number>|default][slip <number>|default|disable] [logging enable|disable|default][log_only true|false|default]

The Note: set dns_rrl command accepts the member, view, and grid options only on the Grid Master.

Argument Description

enable Enable RRL with previously configured values.

disable Disable RRL

member <hostname>

The FQDN of the Grid member.

view <viewname>

The name of the DNS view.

override|inherit

For a Grid member, specify whether you want to override the Grid RRL settings or inherit them from the Grid.

responses_per_second <number>

The number of DNS responses per second for the RRL. Valid values are from 1 to 1000. Although the BIND default is 0, which means there is no limit or RRL is disabled, you cannot set this to 0 in NIOS. Use the “disable” argument to disable this feature. The default is 100.

window <number>|default

A rolling window of time (in seconds) within which DNS responses are tracked. Valid values are from 1 to 3600 seconds. The default is 15 seconds.

slip <number>|default|disable

The number of UDP requests that the appliance skips before answering with a truncated response. For example, if you set the slip number to 2, the appliance responds to every other UDP request.Valid numbers are from 0 to 10. The appliance does not “slip” if the number is set to 0. The default is 2.

loggingenable|disable|default

Enable or disable the logging of RRL events to the “rate-limit” logging category in syslog. This is enabled by default; however, RRL events are logged to the “rate-limit” category only if RRL is enabled. Note that inheritance for logging categories applies; therefore, you must explicitly override Grid logging categories on a member for changes to the member logging setting to take effect. You cannot use the dns_rrl override command to override logging configuration for a member. Changes made to this setting require a service restart.

log_only true|fals

e|default

Set this to true to test the RRL settings without dropping any requests. Set this to false to enable RRL. The default is false.

Examples

Configure the Grid RRL settings on the Grid Master

Infoblox > set dns_rrl responses_per_second 100 log_only false window default slip 2 logging disable

Note: You can also execute the above command on a Grid member to change the RRL settings for that member.

Page 63: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 63

Override the Grid RRL settings on a Grid member

Infoblox > set dns_rrl corp100.com override responses_per_second 300 log_only false window 200 slip 3

Inherit the Grid RRL settings on a Grid member

Infoblox > set dns_rrl corp100.com inherit

Page 64: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 64

set docker_bridgeThe   command resets the IP address of the current Docker bridge to the IP address that you specify. You can view the IP address set docker_bridgeof the   by running the   command.current Docker bridge show docker_bridge

Syntaxset docker_bridge

This command has no arguments.

ExampleInfoblox > set docker_bridgeEnter Bridge Gateway/CIDR: 172.17.0.1/16New Docker Bridge settings:Bridge Gateway/CIDR:   172.17.0.1/16Current Docker Bridge settings:Bridge Gateway/CIDR:   172.16.0.1/16WARNING: This operation will restart the system to reset the current docker bridge settings.Do you want to proceed? (y or n):yDocker bridge settings have been updated.System will be restarted.

Note

The warning message to restart the system is displayed only if the Enable Recursive Queries Forwarding to BloxOne Threat  check box is selected. For information about this check box, see Defense Cloud Forwarding Recursive Queries to BloxOne Threat

.Defense CloudInfoblox recommends that you run the   command only on non-routable IP addresses.set docker_bridgeInfoblox does not recommend that you run the   command on a passive HA nodeset docker_bridge

https://docs.infoblox.com/display/nios84draft/show+docker_bridge
https://docs.infoblox.com/display/nios84draft/Using+Forwarders#UsingForwarders-bookmark1576
https://docs.infoblox.com/display/nios84draft/Using+Forwarders#UsingForwarders-bookmark1576
Page 65: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 65

set dscpUse the command to configure the DSCP value, which determines the PHBs (per-hope behaviors) on DiffServ compliant nodes and enables set dscppriorities of services to be assigned to network traffic. When you set the DSCP value, the appliance implements QoS (quality of service) rules based on your configuration so you can effectively classify and manage your critical network traffic. Note that on an appliance, all outgoing IP traffic on all interfaces uses the same DSCP value. You can configure this value for the Grid. You can also override the Grid setting for individual members.DSCP is supported on both IPv4 and IPv6 transports. This feature is currently supported on the following Infoblox appliances: Trinzic 2210, Trinzic 2220, and Infoblox-4010. For information about these appliances, refer to the respective installation guides.

Syntaxset dscp grid [value]set dscp member [value]set dscp member inherit

Argument Description

value The DSCP value. You can enter a value from 0 to 63. The default is 0 and it represents the lowest priority.

Example

Set the Grid DSCP value

Infoblox > set dscp grid 32

Override the Grid DSCP value for a specific member

Infoblox > set dscp member 20

Inherit the Grid DSCP value

Infoblox > set dscp member inherit

Page 66: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 66

set enable_match_recursive_onlyUse the command to enable or disable the match-recursive-only option for a specific DNS view on a specific Grid set enable_match_recursive_onlymember. You can also use the match-recursive-only option in combination with the Match Clients and Match Destinations settings to restrict and filter client access for specific DNS views on specific Grid members. For information about how to use these features, refer to the .Infoblox NIOS Administrator GuideIf you want to enable this setting for a DNS view, ensure that the setting is enabled for the DNS view on the specified member.Enable RecursionTo check the status of this setting for all DNS views on a Grid member, use the CLI command. For information, show enable-match-recursive-onlysee . show enable_match_recursive_only

Syntaxset enable_match_recursive_only <true|false|inherit> [dns_view]

Argument Description

<true|false|inherit>

Set the enable_match_recursive_only setting to true, false or , inherit The default value is . inherit. The true setting enables the match-recursive-only option for the specified DNS view on the specific member; false disables it for the specified DNS view on the specific member. Inherit represents the setting for the DNS view ( true or false that is populated across all members )serving that DNS view. By specifying true or false you override the , inherit setting for the specific member. Specifying inherit restores the inherited setting for the specific member.

dns_view Optional parameter to specify the DNS view. If this parameter is omitted, the setting affects only the default DNS view. If the specific Grid member does not serve the default DNS view, you will receive an error message by omitting this parameter.

ExampleInfoblox > (affects default DNS view only if default DNS view is served set enable_match_recursive_only trueby member)Infoblox > set enable_match_recursive_only true externalInfoblox > set enable_match_recursive_only false corp100salesInfoblox > set enable_match_recursive_only inherit external

Page 67: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 67

set forced_autosyncThe command forces a Grid member to automatically synchronize with the Grid Master when there is a join attempt to the Grid. set forced_autosyncThis command can be used as an emergency workaround when a Grid is in a staged upgrade, and a Grid member that is waiting to be upgraded loses its database. In this situation, when the member attempts to rejoin the Grid, the rejoin will fail and you may use this command to synchronize the Grid member with the Grid Master.

Syntaxset forced_autosyncThis command has no arguments.

ExampleInfoblox > set forced_autosync

Page 68: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 68

set grid_upgradeThe enables you to set Grid upgrade properties. You can use this command to force a scheduled upgrade to end set grid_upgrade commandimmediately, or to force Grid members that have not yet upgraded to upgrade immediately.

Syntaxset grid_upgrade [forced_end | forced_upgrade]

Argument Description

forced_end Ends a scheduled upgrade that is currently running.

forced_upgrade Forces Grid members that have not yet upgraded to upgrade immediately.

ExampleWhen no scheduled upgrade is currently active Infoblox > set grid_upgrade forced_completeNo scheduled upgrade currently active.

When a scheduled upgrade is activeInfoblox > set grid_upgrade forced_completeThis will force all upgrade groups to trigger an immediate upgrade, this may effect grid servicesDo you want to proceed with an immediate upgrade of all groups (Y/N) ? yAre you sure (Y/N) ? yUpgrading all groups immediately.

When a scheduled upgrade is currently pausedInfoblox > set grid_upgrade forced_completeUpgrade is currently paused, please un-pause the upgrade before triggering this operation.

When no scheduled upgrade is activeInfoblox > set grid_upgrade forced_endNo active scheduled upgrade.

When a scheduled upgrade is activeInfoblox > set grid_upgrade forced_endThis will force all upgrade groups to end upgrade immediately, all incomplete groups members will be logged-off the grid to perform an auto-sync of software with the grid this operation should only be used in an emergency situation to end a scheduled upgrade as it will result in member service outage until the operation is completed.Do you want to proceed (Y/N) ? yAre you sure (Y/N) ? yEnding upgrade schedule and logging out incomplete group members for an auto-sync.

When a scheduled upgrade is currently pausedInfoblox > set grid_upgrade forced_endUpgrade schedule is currently paused, please un-pause the upgrade schedule before triggering this operation.

Page 69: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 69

set hardware-typeUse the command for IB-FLEX only. This command enables you to set a supported virtual appliance as an IB-FLEX. For more set hardware-typeinformation, see .About IB-FLEX

To see if an appliance has been configured as an IB-FLEX, you can use the command. show hardware-type

Syntaxset hardware-type

This command has no arguments.

ExampleWhen setting a supported virtual appliance as an IB-FLEX:Infoblox > set hardware-type IB-FLEX

https://docs.infoblox.com/display/nios84/About+IB-FLEX
Page 70: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 70

set ibtrapThe command allows you to specify whether the appliance sends SNMP notifications (traps) and email notifications to the configured trap set ibtrapreceivers and email recipients for the specified event category.

Syntaxset ibtrap [category] snmp [true|false] email [true|false]

Argument Description

category The event category that triggers the trap and/or email notification. Valid values are: Fan, Bloxtools, Disk, Memory, CPU, MGM, HSM, Login, PowerSupply, FTP, TFTP, HTTP, NTP, DNS, DHCP, RootFS, Database, RAID, HA, MSServer, Backup, Clear, SNMP, LCD, SSH, SerialConsole, ENAT, Network, Cluster, Controld,OSPF,OSPF6, IFMAP, BGP, CaptivePortal, DuplicateIP, License, System, Syslog, DiscoveryConflict, Reporting, FDUsage, OCSPResponders, DisconnectedGrid, LBDevice, LDAPServers, RIRSWIP

snmptrue | false

Specify true to send SNMP traps. Otherwise, specify false.

emailtrue | false

Specify true to send email notifications. Otherwise, specify false.

ExampleInfoblox > set ibtrap FTP snmp true email true

Page 71: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 71

set interfaceThe command allows you to configure the speed and duplex settings of the network interfaces (MGMT, HA, LAN, and LAN2) on single set interfaceindependent appliances only. You cannot configure the network interface settings of appliances after they join a Grid or become HA pairs.You can use to enable the MGMT port and configure its IP address, netmask, and gateway address. You can configure either IPv4 set interface mgmtaddress, IPv6 address or both for the MGMT interface of the appliance. Once the MGMT port is enabled, you can use the command to configure the speed and duplex settings of the MGMT port. You can also use to disable the MGMT port. set interface mgmt offUse the command to view the interface settings. show interface

Syntaxset interface [lan|ha|lan2] speed [auto|10M|100M|1000M] duplex {auto|half|full]set interface mgmt [speed [auto|10M|100M|1000M] duplex {auto|half|full]]set interface mgmt off

Argument Description

lanlan2ha

Specifies the LAN interface.Specifies the LAN2 interface on the Infoblox-250-A, -550-A, -1050-A, -1550-A, -1552-A, and -2000-A appliances.Specifies the HA interface.

speedauto

10M |100M | 1000M

Specifies the speed of the incoming line rate in Mbps, or allows the appliance to automatically match the line speed.

duplexautohalffull

Specifies the duplex speed:

Automatically adjusts the speedSets it at half speedSet it at full speed

mgmt Specifies the management interface.

mgmt off Disables the management system interface. If this port is not being used, it should be set to off for securityNote:

reasons.

Examples

Enable and configure IPv4 address for the MGMT interface

Infoblox > set interface mgmtEnable Management port? (y or n): yEnter Management IP address: 10.36.1.157Enter Management netmask [Default: 255.255.255.0]: 255.255.0.0Enter Management gateway address [Default: 10.36.0.1]:Configure Management IPv6 network settings? (y or n): nRestrict Support and remote console access to MGMT port? (y or n): n

Management Port Setting:Management Port Enabled: trueManagement IP address: 10.36.1.157

Management netmask: 255.255.0.0Management Gateway address: 10.36.0.1Restrict Support and remote console access to MGMT port:false

Is this correct? [ y or n]: yAre you sure? (y or n): y

The management port settings have been updated. 

Enable and configure IPv6 address for the MGMT interface

Page 72: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 72

Infoblox > set interface mgmtEnable Management port? (y or n): yEnter Management IP address: 2620:010A:6000:2400::6508Enter Management IPv6 Prefix Length [Default: none]: 64Enter Management IPv6 gateway address [Default: none]: 2620:010A:6000:2400::0001Configure Management IPv4 network settings? (y or n): nRestrict Support and remote console access to MGMT port? (y or n): n

Management IPv6 address: 2620:10a:6000:2400::6508/64Management IPv6 Gateway address: 2620:10a:6000:2400::1Restrict Support and remote console access to MGMT port: false

Is this correct? (y or n): yAre you sure? (y or n): y

The management port settings have been updated

Specify the MGMT interface speed after the port is enabled

Infoblox > set interface mgmt speed 10M duplex full Setting Management interface speed to: 10M and duplex to: fullIs this correct? [ y or n]: yThe netwrok interface settings have been updated.

Specify the LAN interface speed

Infoblox > set interface lan speed 10M duplex fullSetting LAN interface speed to: 10M and duplex to: fullIs this correct? [ y or n]: yThe netwrok interface settings have been updated.

Specify the HA interface speed

Infoblox > set interface ha speed 100M duplex halfSetting HA interface speed to: 100M and duplex to: halfIs this correct? [ y or n]: yThe netwrok interface settings have been updated.

This command is not supported on vNIOS appliancesNote:

Page 73: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 73

set ip_rate_limitThe commands enable and disable rate limiting UDP traffic from source port 53, configure rate limiting rules that control the traffic, and set ip_rate_limitremove rate limiting rules. Once you enable rate limiting, the current rate limiting rules take effect.This command is useful when you want to mitigate cache poisoning on your DNS server by limiting the UDP traffic or blocking connections from source port 53.

Syntaxset ip_rate_limit {on | off}set ip_rate_limit remove {source all | all | source ip-address[/mask }]set ip_rate_limit add source {all | ip_address [/mask limit ]} 0set ip_rate_limit add source {all | ip_address [/mask limit ]} packets/m [burstburst_packets]

Argument Description

On Enables rate limiting from UDP port 53.

Off Disables rate limiting from UDP port 53.

add source  all  ip_address/mask  limit packets  burst burst_packets

Configures the rate limiting rules. Enter all or 0.0.0.0 if you want to limit all traffic from all sources.

Enter the IP address, and optionally the netmask, from which you want to limit the UDP traffic on port 53. Enter the number of packets per minute that you want to receive from the source.

Optionally, enter burst and the number of packets for burst traffic. Burst is the maximum number of packets accepted.

remove   source all

  all  source ip-address/mask

Removes rate limiting rules from all sources or an existing host on UDP port 53. Removes the rate limiting rule that limits traffic from all sources on UDP port 53.

Removes all of the rate limiting rules from all sources on UDP port 53.Removes the existing rules for an existing host.

Examples

Turn on rate limiting

Infoblox > set ip_rate_limit onEnabling rate limiting will discard packets and may degrade performance.Are you sure? (y or n):

Turn off rate limiting

Infoblox > set ip_rate_limit off

Block all traffic from host 10.10.1.1

Infoblox > set ip_rate_limit add source 10.10.1.1 limit 0

Limit the traffic to five packets per minute from host 10.10.1.2/24, with an allowance for burst of 10 packets

Infoblox > set ip_rate_limit add source 10.10.1.2/24 limit 5/m burst 10

Remove the rate limiting rule from host 10.10.1.1/24

Infoblox > set ip_rate_limit remove source 10.10.1.1/24

Page 74: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 74

set ipam_web_uiThe command enables and disables Grid Manager on vNIOS appliances on Cisco. For information about Grid Manager, refer to the set ipam_web_ui Info

.blox Administrator Guide

Syntaxset ipam_web_ui

This command has no arguments.

ExampleInfoblox > set ipam_web_ui

Page 75: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 75

set ipv6_disable_on_dadThe command enables or disables IPv6 on an interface if a duplicate IPv6 address is detected. set ipv6_disable_on_dad

Syntaxset ipv6_disable_on_dad {on | off}

Argument Description

on Enables IPv6 on an interface.

off Disables IPv6 on an interface.

Examples

Turn on IPv6 on an interface

Infoblox > set ipv6_disable_on_dad onWARNING: This operation will reboot the system.Do you want to proceed? (y or n): ySYSTEM REBOOTING!

Infoblox > set ipv6_disable_on_dad onAlready on, nothing do be done

Turn off Pv6 on an interface

Infoblox > set ipv6_disable_on_dad offWARNING: This operation will reboot the system. Do you want to proceed? (y or n): ySYSTEM REBOOTING!

Page 76: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 76

set ipv6_neighborThe command enables definition of an IPv6 neighbor for any of the following: LAN1, LAN2 or MGMT. also set ipv6_neighbor Set ipv6_neighborallows deletion of an existing IPv6 neighbor entry on the specified interface. For adding a new neighbor entry, the second required argument is for the link-local MAC address ID of the neighboring interface for the specified LAN/LAN2/MGMT port.Another form of this command allows the flushing of specific or general IPv6 neighbor values from the specified interface. Prefixes and polled neighbor states can also be specified and combined in a statement.

Syntaxset ipv6_neighbor {add|clear} {LAN|LAN2|MGMT} [all] [prefix ] ipv6-address ll_address [state]

Argument Description

ipv6_address The IPv6 address of the neighboring interface.

ll_address The 48-bit link-local MAC ID of the neighboring interface. Argument is required for addition of a new IPv6 neighbor entry for the interface.

[all] Optional argument to clear the entire list of IPv6 entries for the specified interface.

[prefix] Optional argument needed if all entries are to be flushed for an IPv6 prefix. CIDR mask is required as part of the address specification.

[state] Optional argument needed if entries of a specific type are to be flushedor defined for an IPv6 prefix. Permitted values for the argument include the following: and state permanent, noarp, reachable, stale.

ExampleInfoblox > set ipv6_neighbor add LAN 2001:db8::256:180:c223:214e 02:80:C2:03:DE:05Infoblox > set ipv6_neighbor add LAN 2001:db8::256:180:c223:214e 02:80:C2:03:DE:05 permanentInfoblox > set ipv6_neighbor clear LAN2 2001:db8::256:180:c223:214e 02:80:C2:03:DE:05Infoblox > set ipv6_neighbor clear LAN prefix 2001:db8:12:256::/64 staleInfoblox > set ipv6_neighbor clear LAN all

Page 77: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 77

set ipv6_ospfThe command writes statistical information to syslog. This command provides informational data that can be helpful for diagnostic set ipv6_ospfpurposes. Setting the log level for OSPFv3 is the only configuration that can be done for the routing protocol in the NIOS CLI. The statistical information is written (dumped) to syslog. When viewing the syslog file, lines with names such as are the OSPF statistical information. Use ipv6_ospf statisticsthe command to view the OSPF settings.show ipv6_ospfSyslog level describes the types of messages that are sent to syslog. You can identify the syslog information by using the option.level

Note: To use this command, the NSQ software package must be installed.

Syntaxset ipv6_ospf log { }level

Argument Description

level Writes OSPF statistics to syslog with a specific associated level. The sup- ported log levels are: debugging, informational, and notifications, warnings, errors, critical, alerts, emergencies.

ExampleInfoblox > set ipv6_ospf log alerts

Page 78: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 78

set ipv6_statusThe command enables or disables IPv6 on all interfaces. This is not a permanent enable or disable. If you restart your system, IPv6 set ipv6_statusis enabled once again.

Syntaxset ipv6_status {enable disable}|

Argument Description

enable Enables IPv6 on all interfaces.

disable Disables IPv6 on all interfaces.

ExampleInfoblox > set ipv6_status enable

WARNING: This operation will restart the product

Do you want to proceed? (y or n):y

Infoblox > show interfaceMGMT:

IP Address:  10.36.111.3      MAC Address: 00:0C:29:70:D5:F5Mask:        255.255.0.0      Broadcast: 10.36.255.255MTU:         1500             Metric:   1IPv6 Link:           fe80::20c:29ff:fe70:d5f5/64IPv6 Status:         EnabledNegotiation: DisabledSpeed:       1000M            Duplex:      FullStatus:      UP BROADCAST RUNNING MULTICAST

Statistics InformationReceived

packets:   25             bytes:    1518 (1.4 KiB)errors:    0              dropped: 0overruns:  0              frame: 0

Transmitted

packets:  3               bytes: 218 (218.0 b)errors:   0               dropped: 0overruns: 0               carrier: 0

Collisions: 0                Txqueuelen: 1000

Infoblox > set ipv6_status disable

WARNING: This operation will disable IPv6 communicationDo you want to proceed? (y or n):y

Infoblox > show interfaceMGMT:

IP Address:   10.36.111.3       MAC Address: 00:0C:29:70:D5:F5Mask:         255.255.0.0       Broadcast: 10.36.255.255MTU:          1500              Metric: 1IPv6 Link:IPv6 Status:         DisabledNegotiation: DisabledSpeed:       1000M              Duplex: FullStatus:      UP BROADCAST RUNNING MULTICAST

Statistics Information

Received

Page 79: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 79

packets:  606            bytes: 66780 (65.2 KiB)errors:   0              dropped: 0overruns: 0              frame: 0

Transmitted

packets:  10             bytes: 540 (540.0 b)errors:   0              dropped: 0overruns: 0              carrier: 0

Collisions:   0             Txqueuelen: 1000

Page 80: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 80

set lcd keys or set lcdThe or command enables and disables the LCD input keys. Turning off the LCD input keys prevents anyone from manually set lcd keys set lcdchanging the IP address on the NIOS appliance. Infoblox recommends this practice as a security measure for remote appliances.

Syntaxset lcd keys {off | on}

Argument Description

off Disables the LCD input keys on the appliance.

on Re-enables the LCD input keys on the appliance.

Examples

Disable the lcd keys

Infoblox > set lcd keys

Enable the lcd keys

Infoblox > set lcd keys onTurning ON the LCD display...

Note: You cannot enable or disable the LCD input keys on vNIOS appliances. You can configure the LCD input keys only on a Grid Master. On a vNIOS appliance, the or command generates an error.set lcd keys set lcd

Page 81: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 81

set lcd_settingsThe command enables you to set the display settings of an LCD. You can specify the number of seconds after which the LCD set lcd_settingsscreen must reduce the brightness if there is no keypad activity and specify the brightness level. You can also use this command to set the UID (unit identification) button on Trinzic appliances. For more information, see . set lcd_settings hwident

Syntax

Argument Description

<seconds> Sets the number of seconds after which the LCD screen should automatically dim. The auto-dim value should be in the range of 5 to 3600.

<level> Sets the brightness of the LCD screen. Brightness levels are from 1 to 10.

ExampleInfoblox > set lcd_settings autodim 8Infoblox > set lcd_settings brightness 5

Page 82: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 82

set lcd_settings hwidentThe command enables and disables the UID (unit identification) button on Trinzic appliances. When you enable the UID set lcd_settings hwidentbutton, the LCD panel on the front panel blinks and the UID LED on the rear panel glows blue. In a rack environment, the UID feature allows you to easily identify the appliance when moving between the front and rear of the rack.

Syntaxset lcd_settings hwident {off | on}

Argument Description

off Disables the UID feature on the Trinzic appliance.

on Enables the UID feature on the Trinzic appliance.

Examples

Disable the UID feature

Infoblox > set lcd_settings hwident offTurning ON the UID feature

Enable the UID feature

Infoblox > set lcd_settings hwident onTurning ON the UID feature

Note: You cannot enable or disable the UID feature on vNIOS appliances. You can configure the UID feature only on Trinzic appliances. On a vNIOS appliance, the command generates an error.set lcd_settings hwident

Page 83: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 83

set licenseThe command installs a license upon entering a valid license string. You must send an email request to Infoblox to receive a unique license set licensestring for your NIOS appliance. Copy the string directly from the email, and then use CTRL + V to insert it after the CLI command prompt. Use the show lice

command to view the license settings. This command is used to install both static (per member) and Grid-wide licenses.nse

Note: You can install a temporary 60-day license that allows your system to be fully functional while waiting to receive your permanent license. For more information, see .set temp_license

Syntaxset license

This command has no arguments.

ExampleInfoblox > set licenseEnter license string: EQAAAAKS4n90WFGNUSirwvyUT9/zInstall license? (y or n): yInfoblox > set licenseEnter license string: HQAAALsakOzDKirMdaUsG2Yfk/j0BkhoFjhVfEtu36dJInstall license? (y or n): y

License (grid-wide) is installed.

The UI needs to be restarted in order to reflect this license change.

Restart UI now, this will log out all UI users? (y or n):y

Page 84: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 84

set linesThe command specifies the number of lines that the appliance displays when you execute a command during a session. The default is set lines show20 lines. You can also configure permanent page settings or enter zero (0) to set paging off.

Syntaxset lines [num | permanent]

Argument Description

num The number of lines the appliance displays when you execute a show command.

permanent Configures permanent page settings.

Examples

Set the number of lines displayed on each page to 4:

Infoblox > set lines 4Number of scroll lines set to 4.Infoblox > show logMay 31 13:30:05 (none) syslog-ng[892]: syslog-ng version 1.6.11 startingMay 31 13:30:05 (none) kernel: Linux version 2.6.17.4 (root@build-aslan) (gcc version3.2.1) #1 SMP Fri May 18 19:44:21 EDT 2013May 31 13:30:05 (none) kernel: BIOS-provided physical RAM map:May 31 13:30:05 (none) kernel: BIOS-e820: 0000000000000000 - 000000000009f800 (usable)

Enter <return> for next page or q<return> to go back to command line.

Turn paging off for this session:

Infoblox > set lines 0Number of scroll lines set to 0.

Set a permanent line number:

Infoblox > set lines permanent 24Number of scroll lines set to 24.

Page 85: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 85

set log_txn_idThe command enables or disables the display of DHCP transaction IDs in syslog messages. By default, DHCP transaction ID logging set log_txn_idis enabled. When you enable DHCP transaction ID logging, the appliance displays transaction IDs for the following packets:

DHCPDISCOVERDHCPREQUESTDHCPRELEASEDHCPDECLINEDHCPINFORM

In Grid Manager, the transaction IDs are appended to the end of the corresponding syslog messages with a prefix of "TransID." You can view this information in the tab -> tab -> tab of Grid Manager.Administrator Logs SyslogWhen you enable this feature, you must restart DHCP service for the feature to take effect. When you disable this feature, you must perform a force restart services for the change to take effect. Use the to display the current status of DHCP transaction ID logging. show log_txn_id

Syntaxset log_txn_id (ON|OFF)

Argument Description

ON Enables DHCP transaction ID logging on an appliance.

OFF Disables DHCP transaction ID logging on an appliance.

Example

Enable DHCP transaction ID logging on an appliance

Infoblox > set log_txn_id ONDHCP Transaction id logging turned ONDHCP force restart services is required in order for the changed value to take effect

Disable DHCP transaction ID logging on an appliance

Infoblox > set log_txn_id OFFDHCP Transaction id logging turned OFFDHCP force restart services is required in order for the changed value to take effect

Sample syslog messages in the Syslog tab of Grid Manager:

When DHCP transaction ID logging is on:

2013-03-25T09:39:41+00:00 daemon (none) dhcpd[14434]: info DHCPINFORM from 10.0.0.199via 10.120.20.182 TransID 78563412: not authoritative for subnet 10.0.0.02013-03-25T09:39:36+00:00 daemon (none) dhcpd[14434]: info DHCPDISCOVER fromcc:bb:cc:dd:ee:ff via 10.120.20.182 TransID 78563412

When DHCP transaction ID logging is off:

2013-03-25T09:39:39+00:00 daemon (none) dhcpd[14434]: info DHCPREQUEST for 10.0.0.199from cc:bb:cc:dd:ee:ff (dhcp-10-0-0-199) via 10.120.20.182

Page 86: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 86

set lomThe command configures the LOM (Lights Out Management) settings for the IPMI interface. To view the current network settings for the IPMI set lominterface, use the command. show lom

Syntaxset lom

This command has no arguments.

ExampleInfoblox > set lomEnter LOM IP address: 10.1.1.22Enter LOM netmask: 255.255.255.0Enter gateway address [Default: 10.34.10.1]:LOM network settings:

IP address: 10.34.10.42Netmask:255.255.255.0Gateway address: 10.34.10.1

Is this correct? (y or n): yAre you sure? (y or n): y

Page 87: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 87

set lower_case_ptr_dnameThe command converts all the domain names in uppercase characters to lowercase for PTR records. You can execute set lower_case_ptr_dnamethis command at the Grid level, member level, or the DNS view level.

Syntaxset lower_case_ptr_dname grid (on|off)set lower_case_ptr_dname view <view-name> (on|off) [override_grid (on|off)

Argument Description

On Enables the appliance to convert all the domain names in uppercase to lowercase for PTR records.

off Disables the conversion option. The domain names in PTR records will remain intact.

<view-name>

Specify the DNS view name.

<view-name> on

Enables the conversion option at the DNS view level. If you enable the conversion option at both the Grid and DNS view level, the conversion option is enabled.

<view-name> off

Disables the conversion option at the DNS view level.

override_grid on

Overrides the conversion option set at the Grid level. If you enable the conversion option at the DNS view level and disable at the Grid level, the conversion option is enabled.

override_grid off

Inherits the conversion option set at the Grid level. If you enable the conversion option at the DNS view level and disable at the Grid level, the conversion option is enabled.

ExampleInfoblox > set lower_case_ptr_dname grid on set lower_case_ptr_dname grid onRestart the DNS service in order for changes to take effect

Infoblox > set lower_case_ptr_dname view default off override_grid on Restart the DNS service in order for changes to take effect

Page 88: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 88

set max_recursion_depthThe    command sets the limit on the allowed number of levels of recursion named.set max_recursion_depth

Syntaxset max_recursion_depth <value>

Argument Description

value The depth value in the range 1 - 100. Default depth value is 7.

ExamplesInfoblox > set max_recursion_depth

Page 89: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 89

set max_recursion_queriesThe    command sets the limit on the number of queries sent before terminating a recursive query.set max_recursion_queries

Syntaxset max_recursion_queries <value>

Argument Description

value The queries value in the range 1 - 1000. Default depth value is 150.

ExamplesInfoblox > set max_recursion_queries

Page 90: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 90

set membershipThe command specifies a Grid for the NIOS appliance. Use this command when the network address has been set (see ) set membership set networkand you want to put the appliance in a Grid. You can join an IPv4 appliance to an IPv4-only or a dual mode Grid and an IPv6 appliance to an IPv6-only or a dual mode Grid.If the IP address is acceptable to the Grid Master, use this command to join the Grid. You can specify either an IPv4 or an IPv6 address of the Grid Master. If you need to re-address the appliance, use the command. set network

Note: When you join a dual mode Grid member to a dual mode Grid, you can enter IPv4 address of the Grid Master if the Grid communication protocol for the Grid member is set as IPv4 and you can enter IPv6 address of the Grid Master if the Grid communication protocol for the Grid member is set as IPv6. For information about setting the communication protocol for a dual mode appliance, refer to the .Infoblox Administrator Guide

Syntaxset membership

This command has no arguments.

ExampleInfoblox > set membershipJoin status: No previous attempt to join a Grid.Enter new Grid Master VIP: 10.1.1.22Enter Grid Name [Default Infoblox]: DaveyJonesEnter Grid Shared Secret: L0ck37 Join Grid as member with attributes:Join Grid Master VIP: 10.1.1.22Grid Name: DaveyJonesGrid Shared Secret: L0ck37WARNING: Joining a Grid will replace all the data on this node!Is this correct? (y or n): yAre you sure? (y or n): y

Page 91: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 91

set mgm attachedThe set mgm attached command forces a Grid to attach to a Master Grid. Use this command only if a Grid is in the Attached state on the Multi-Grid Manager and Detached on the Grid Manager. This command recovers the Grid status when it is out of sync with the Grid status on the Multi-Grid Manager.

Syntaxset mgm attached [MGM IP Address] [Port Number]

Argument Description

MGM IP Address IP address of the Master Grid

Port Number Port number of the Master Grid

ExampleThe following example uses the set mgm attached command.

Console connect [@ Grid IP address]Infoblox > set maintenancemodeMaintenance Mode > set mgm attached [MGM IP address] [Port Number]This command will force the Grid to get attached.Are you sure you want to continue? (y or n): y

Page 92: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 92

set mld_version_1The command sets the IPv6 MLD (Multicast Listener Discovery) protocol to version 1, as described in set mld_version_1 RFC 2710, Multicast Listener

. MLD enables the appliance to detect multicast listeners on its directly attached links and discover which multicast addresses are of Discovery for IPv6interest.The appliance runs MLD version 2, as described in , by default. MLD version 2 is interoperable RFC 3810, Multicast Listener Discovery Version 2 for IPv6with version 1.

Syntaxset mld_version_1

This command has no arguments.

ExampleInfoblox > set mld_version_1Current MLD version: 2Set Multicast Listener Discovery Version 1? (y or n): y New MLD Settings:Use MLD version 1: YesIs this correct? (y or n): y MLD version: 1 is saved to database. MLD version is set for IPv6.

Page 93: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 93

set monitor dnsThe command enables network monitoring for DNS. Once enabled, you can do the following: set monitor dns

View the average latency of authoritative and non-authoritative replies to DNS queries in 1, 5, 15, and 60 minute time intervals. Use the show moni command to view the DNS network data.tor

Monitor invalid DNS responses from UDP port 53. Use the command to view the DNS alert status. show monitor dns alert status

This command is useful when troubleshooting DNS and network issues.

Note: This command is not supported for IPv6 in NIOS 7.0 and later releases. When you enable DNS network monitoring, there is a significant impact on DNS query performance.

Syntaxset monitor dns {on | off}

Argument Description

on Enables network monitoring for DNS.

off Disables network monitoring for DNS.

Examples

Turn on DNS network monitoring

Infoblox > set monitor dns onTurning On DNS Network Monitoring...

Turn off DNS network monitoring

Infoblox > set monitor dns offTurning Off DNS Network Monitoring...

Page 94: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 94

set monitor dns alertThe commands enable DNS alert monitoring and set the thresholds for invalid DNS responses. After you enable DNS alert set monitor dns alertmonitoring, the appliance monitors the UDP traffic on port 53 for recursive DNS queries, and then reports invalid DNS responses on UDP ports that are not open and with mismatched TXIDs. You must enable DNS network monitoring when you enable DNS alert monitoring. For information, see the set monitor d

command.nsYou can also configure the thresholds for invalid DNS responses. When the number of invalid responses exceeds the thresholds, the appliance logs the event and sends SNMP traps and notifications, if previously enabled. The default thresholds for both invalid ports and invalid TXIDs are 50%. You can configure the thresholds either as absolute packet counts or as percentages of the total traffic during a one minute time interval.This command is useful for monitoring possible cache poisoning. Use the command to view invalid port and invalid TXID show monitor dns alert statusdata.

Note: This command is not supported for IPv6 in NIOS 7.0 and later releases.

Syntaxset monitor dns alert {on | off}set monitor dns alert modify {port | txid} over {packets | percent}threshold_value

Argument Description

on Enables DNS alert monitoring.

off Disables DNS alert monitoring.

modify   port   txid   threshold_value   

packets   percent

Sets the thresholds for invalid DNS responses Enter port to set the threshold for invalid ports.

Enter txid to set the threshold for invalid TXIDs.Enter the number of packets or percentage for the threshold.Enter packets if you want to set the threshold as a total packet count.Enter percentage if you want to set the threshold as a percentage of the total traffic. For a percentage-based threshold, the appliance does not generate a threshold crossing event if the traffic level is less than 100 packets per minute.

Examples

Turning on and off DNS alert monitoring

Infoblox > set monitor dns alert onInfoblox > set monitor dns alert off

Triggering a DNS alert when the percentage of invalid DNS responses on UDP ports exceeds 70% per minute

Infoblox > set monitor dns alert modify port over 70 percent

Triggering a DNS alert when the total packet count of invalid DNS responses with mismatched TXIDs is over 100 packets per minute

Infoblox > set monitor dns alert modify txid over 100 packets

Page 95: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 95

set ms_dns_reports_sync_intervalYou can use the command to specify the time interval at which the DNS reporting data from the Microsoft set ms_dns_reports_sync_intervalserver is synchronized with the NIOS appliance.

Syntaxset ms_dns_reports_sync_interval <MS Server IP address> <seconds>

Argument Description

<MS Server IP address>

Specify the IP address of the Microsoft server.

<seconds> Specify the time interval in seconds at which the DNS reporting data from the Microsoft server is synchronized with the NIOS appliance. The default synchronization interval is 15 seconds.

ExampleInfoblox > set ms_dns_reports_sync_interval 10.102.30.2 14Current DNS reports sync interval is 15 second(s).The DNS reports sync interval will be changed to 14 second(s).Is this correct? (y or n): yThe DNS reports sync interval has been changed to 14 second(s).

Page 96: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 96

set ms_sticky_ipThe   command enables/disables ms_sticky_ip.set ms_sticky_ip

Syntaxset ms_sticky_ip [on|off]

Argument Description

on Enables ms_sticky_ip.

off Disables ms_sticky_ip.

ExamplesInfoblox > set ms_sticky_ip

Page 97: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 97

set named_recv_sock_buf_sizeYou can use the command to tune the BIND receive socket buffer memory to a maximum of 8 MB. The DNS set named_recv_sock_buf_sizereceive socket buffer holds BIND packets that are queued on the UDP (User Datagram Protocol) port from the NIC (Network Interface Controller). This command is useful when you want to increase the BIND receive buffer size to accommodate occasional burst traffic and high volume DNS recursive queries. Note that the same buffer is also used for updates and non-recursive queries. Use the to view the current buffer show named_recv_sock_buf_sizesize.

Note: Ensure that you use this command only when you are dealing with burst traffic situations in high volume deployments.

Syntaxset named_recv_sock_buf_size {N}

Argument Description

N The number of kilobytes to which you want to set the BIND receive socket buffer size. The minimum is 120 kilobytes and the maximum is 8192. The default is 1536.

Example

Set the BIND receive socket buffer size to 5000 KB

Infoblox > set named_recv_sock_buf_size 5000Infoblox >

Page 98: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 98

set named_tcp_clients_limitYou can use the  command to set the maximum number of simultaneous DNS clients that can be handled with set named_tcp_tcp_clients_limitTCP connections. It does not account for UDP connections. 

Syntaxset named_tcp_clients_limit <number of TCP clients}

Argument Description

Number of TCP clients

Maximum number of simultaneous DNS clients that can be handled with TCP connections. The number must be between 200 and 25000. The default value is 1000.

ExampleInfoblox > set named_tcp_clients_limit 2500

Page 99: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 99

set networkThe command specifies an address for a NIOS appliance so that it can join a network, with the option of joining a Grid. You can configure set networkeither IPv4 address, IPv6 address, or both for a NIOS appliance. If the appliance is configured with an IPv6 address, it can join a Grid using the IPv6 address of the Grid Master. Use the command to view the network settings. show network

supports configuration of both IPv4 and IPv6 interface addresses. set network

Syntaxset network

This command has no arguments.

Example

Specifying an IPv4 address

Infoblox > set networkNOTICE: All HA configuration is performed from the GUI. This interface is used only toconfigure a standalone node or to join a grid.Enter IP address:10.35.1.104Enter netmask [Default: 255.255.255.0]:Enter gateway address [Default: 10.35.0.1]:Enter VLAN tag [Default: Untagged]:Enter DSCP value [Default: Inherited from Grid: 0]:NOTICE: Additional IPv6 interface can be configured only via GUI.Configure IPv6 network settings? (y or n):nBecome grid member? (y or n): n

New Network Settings:

IPv4 address: 10.35.1.104IPv4 Netmask: 255.255.255.0IPv4 Gateway address: 10.35.0.1IPv4 VLAN tag: UntaggedIPv4 DSCP Value: Inherited from Grid: 0

Old IPv4 Network Settings:

IPv4 address: 192.168.1.2IPv4 Netmask: 255.255.255.0IPv4 Gateway address: 192.168.1.1IPv4 VLAN tag: UntaggedIPv4 DSCP Value: Inherited from Grid: 0

Specifying an IPv6 address

Infoblox > set networkNOTICE: All HA configuration is performed from the GUI. This interface is used only toconfigure a standalone node or to join a grid.Enter IP address : 2620:10a:6000:2400::168Enter IPv6 Prefix Length [Default: none]: 64Enter IPv6 gateway [Default: none]: 2620:10a:6000:2400::1

Enter VLAN tag [Default: Untagged]:Enter DSCP value [Default: Inherited from Grid: 0]Configure IPv4 network settings? (y or n):nBecome grid member? (y or n): n

New Network Settings:

IPv6 address: 2620:10a:6000:2400::168/64IPv6 Gateway address: 2620:10a:6000:2400::1IPv6 VLAN tag: UntaggedIPv6 DSCP Value: Inherited from Grid: 0

Specifying both IPv4 and IPv6 address

Page 100: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 100

Infoblox > set networkNOTICE: All HA configuration is performed from the GUI. This interface is used only toconfigure a standalone node or to join a grid.Enter IP address : 10.35.1.104Enter netmask [Default: 255.255.255.0]: 255.255.0.0Enter gateway address [Default: 10.35.0.1]:Enter VLAN tag [Default: Untagged]:Enter DSCP value [Default: Inherited from Grid: 0]Configure IPv6 network settings? (y or n):yEnter IPv6 address [Default: none]: 2620:10A:6000:2400::168Enter IPv6 Prefix Length [Default: none]: 64Enter IPv6 gateway [Default: none]: 2620:10A:6000:2400::1Enter VLAN tag [Default: Untagged]:Enter DSCP value [Default: 30]:Become grid member? (y or n): n

New Network Settings:

IPv4 address: 10.35.1.104IPv4 Netmask: 255.255.0.0IPv4 Gateway address: 10.35.0.1IPv4 VLAN tag: UntaggedIPv4 DSCP Value: Inherited from Grid: 0

IPv6 address: 2620:10a:6000:2400::168/64IPv6 Gateway address: 2620:10a:6000:2400::1IPv6 VLAN tag: UntaggedDSCP value: 30

Old IPv4 Network Settings:

IPv4 address: 192.168.1.2IPv4 Netmask: 255.255.255.0IPv4 Gateway address: 192.168.1.1IPv4 VLAN tag: UntaggedIPv4 DSCP Value: Inherited from Grid: 0

After you confirm your network settings, the Infoblox application automatically restarts.Note:

After configuring the network settings, you cannot change the type of network connectivity of the appliance through CLI. For example, if the appliance is configured in IPv4-only mode, then you can change only the IPv4 interface settings through CLI. But the type of network connectivity for the appliance can be changed through GUI.

Page 101: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 101

set nogridThe command removes the specified member from the current Grid. Execute this command from the Grid member. This command is valid set nogridonly on a member.

Note: Infoblox recommends that you use this command only in an emergency, such as when the network is down between the master and the member. Otherwise, you should configure the member to leave the Grid using the GUI on the Grid Master.

Syntaxset nogrid

This command has no arguments.

ExampleInfoblox > set nogridThe normal method to configure a node to leave a Grid is to use the GUI on the Grid Master. This method is only used for emergencies (e.g. network is down from the master to this node).Is this such an emergency? yThe current node will become a standalone machine, with default values for Grid settings.Are you sure? (y or n) yThe network settings have been updated.

Page 102: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 102

set nomastergridIn a Multi-Grid environment, the command enables a Grid to leave the current Master Grid. This command is valid only on the Multi- set nomastergridGrid Master.

Syntaxset nomastergrid

This command has no arguments.

ExampleInfoblox > set nomastergridThis grid is going to leave master grid       Are you sure? (y or n): yGrid is not joined to a master grid. Exiting without making any change

Page 103: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 103

set nosafemodeThe command disables safe mode on the NIOS appliance by re-enabling DNS and DHCP services. For more information, see set nosafemode set safe

.mode

Syntaxset nosafemode

This command has no arguments.

ExampleInfoblox > set nosafemode

Page 104: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 104

set ocspThe  command disables OCSP authentication service configuration and allow you to login without OCSP validation. It also terminate set ocsp off administrative sessions for users who are currently logged in.

Syntaxset ocsp off

There are no arguments for this command.

ExampleInfoblox > set ocsp off

Page 105: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 105

set ospfThe command writes statistical information to syslog. This command provides informational data that can be helpful for diagnostic purposes. The set ospfstatistical information is written (dumped) to syslog. When viewing the syslog file, lines with names such as are the OSPF statistical ospf statisticsinformation. Use the command to view the OSPF settings. show ospfSyslog level describes the types of messages that are sent to syslog. You can identify the syslog information by using the option.level

Note: To use this command, the NSQ software package must be installed.

Syntaxset ospf log { }level

Argument Description

level Writes OSPF statistics to syslog with a specific associated level. The supported log levels are: debugging, informational, and notifications, warnings, errors, critical, alerts, emergencies.

ExampleInfoblox > set ospf log alerts

Page 106: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 106

set overload_bootpThe  command enables/disables overloading BOOTP packets.set overload_bootp 

Note: To disable DHCP overload bootp packet control, DHCP force restart service is required in order for the changed value to take effect.

Syntaxset overload_bootp

There are no arguments for this command.

ExampleInfoblox > set overload_bootp

Page 107: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 107

set phonehomeThe command enables a Grid Master or an independent appliance to email reports monthly and after each upgrade to Infoblox set phonehomeTechnical Support and other specified recipients.The reports provide status and event information about the Grid or independent appliance and its services. The report is an XML document that includes the following information:

The phone home feature version.The report type, such as periodic and test.The time of the report.The Infoblox Support ID that was assigned to the account.Information about the Grid, such as its NIOS version, name, VIP, Grid Master hostname, LAN IP, and the number of Grid members and appliances in the Grid.The upgrade history of the Grid.Information about each Grid member, such as the hostname, IP address, status, role (such as standalone, master), and if the member is an HA pair. If the member is a peer in a DHCP failover association, the report also includes the DHCP failover status.Hardware information, such as the hardware type, serial number, HA status, and uptime.Information about the interfaces, such as the interface name and IP addresses.Resource usage information, such as CPU and system temperature, and CPU, database, disk, and memory usage.

Syntaxset phonehome {on | off}

Argument Description

on Enables the appliance to send status and event reports to specified recipients.

off Disables the function to send reports.

Examples

Turning on the phone home feature

Infoblox > set phonehome on

Turning off the phone home feature

Infoblox > set phonehome off

Page 108: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 108

set port_mac_addrThe  command enables or disables MAC address spoofing on a LAN1 or LAN2 interface. Note that you cannot execute the  set port_mac_addrcommand on a virtual appliance that is running Software ADP. To execute the command, change through set port_mac_addr set port_mac_addrthe Hypervisor when the virtual appliance is powered off

Syntaxset port_mac_addr on [LAN1|LAN2] <IP> <MAC>

Argument Description

on Enables the MAC address spoofing on an interface.

off Disables the MAC address spoofing on an interface.

LAN1|LAN2  Specifies the interface, either LAN1 or LAN2.

<IP> IP address of the LAN1 or LAN2 interface.

<MAC> Specifies the MAC address.

Examples

Turning on the MAC address spoofing

Infoblox > set port_mac_addr on LAN1 2.2.2.2

Turning off the MAC address spoofing

Infoblox >   set port_mac_addr off LAN1

Page 109: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 109

set reporting_cluster_maintenance_modeUse the command to enable the Grid Master to prevent from rolling the reporting data from the buckets set reporting_cluster_maintenance_modestored on a peer node. This helps you avoid data loss due to network issues or any problem with the connection between the peer nodes. Note that you can run this command only on the Grid Master.

Syntaxset reporting_cluster_maintenance_mode [on|off]

Argument Description

on Enables the cluster maintenance mode. When you enable this feature, the Grid Master stops the rolling of reporting data from peer nodes.

off Disables the cluster maintenance mode.

ExampleMaintenance Mode > set reporting_cluster_maintenance_mode onReporting cluster maintenance mode is enabledCan be run only on the grid master.When reporting cluster maintenance mode is enabled replication factor or search factor policies will not be enforced.

Page 110: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 110

a. b. c. d.

set promote_masterThe command specifies a NIOS appliance as the new Grid Master in the case of a Grid Master failure. The new Grid Master set promote_masterthen alerts all the Grid members to redirect their traffic to it. If you have configured multi-site reporting cluster, you can modify the primary reporting site. For information about reporting clusters, refer to the .Infoblox NIOS Administrator GuideYou can do one of the following to promote a master candidate to a Grid Master:

Immediately notify all Grid members about the promotion.Set a sequential notification to provide wait time for Grid members to join the new Grid Master. Staggering the restarts of Grid members can minimize DNS outages. The sequential order for Grid members to join the new Grid Master begins with the old Grid Master and then the Grid members in FQDN order. The default delay time is 120 seconds. You can configure the delay time from a minimum of 30 seconds up to 600 seconds.

For this command to be effective, you must have previously specified an appliance as the Grid Master candidate. Then when you lose the Grid Master, you can remotely (SSH) log in to the Grid Master candidate and execute this command.

Note: When the previous Grid Master comes back on line, it automatically joins the Grid as a master candidate.

Syntaxset promote_master

This command has no arguments.

ExamplesInfoblox > set promote_masterDo you want a delay between notification to Grid members? (y or n):

Enter n to promote the master candidate and send notifications to all Grid members immediately. The appliance displays the following:

This action will immediately promote master candidate to become the Grid Master. This feature is designed to be used primarily for disaster recovery.Are you sure you want to do this? (y or n): yThe current member will become the Grid Master.Are you really sure you want to do this? (y or n): yMember promotion beginning on this member.

Enter y to promote the master candidate to the Grid Master immediately and specify the delay time for the Grid members to join the new Grid Master. The appliance displays the following:

Set delay time for notification to Grid members? [Default: 120s]: 200This action will immediately promote master candidate to become the Grid Master. This feature is designed to be used primarily for disaster recovery.Are you sure you want to do this? (y or n): yThe current member will become the Grid Master. The Grid members will be notified sequentially with a delay of 200 seconds.Are you really sure you want to do this? (y or n): y

If you have configured multi-site reporting cluster, the appliance displays all the reporting sites in the order of priority you have configured. For example if you have configured the following reporting sites: site 4(priority 1), site 2 (priority 2), site 1(priority 3), and site 3 (priority 4)

Infoblox > set promote_masterDo you want a delay between notification to Grid members? (y or n): nPrimary reporting site candidates (in order of priority):

site4 (Existing primary reporting site)site2site1site3

Please enter new primary reporting site (1-2) or 'c' to continue without changing primary reporting site: 5

The appliance displays the following error when you enter value incorrectly:

Page 111: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 111

a. b. c. d.

: Please enter a valid choice or 'c' to continue without changing the primary reporting site.ERRORPlease enter new primary reporting site (1-2) or 'c' to continue without changing primary reporting site: cThis action will immediately promote this member to become the grid master. This feature is designed to be used primarily for disaster recovery.Are you sure you want to do this? (y or n): y The current member will become the grid master.Are you really sure you want to do this? (y or n): y Master promotion beginning on this memberGood Bye

To change the primary reporting site:

Infoblox > set promote_masterDo you want a delay between notification to Grid members? (y or n):n Primary reporting site candidates (in order of priority):

site4 (Existing primary reporting site)site2site1site3

Please enter new primary reporting site (1-4) or 'c' to continue without changing primary reporting site: 2Are you sure you want to do this? (y or n): y The current member will become the grid master.Are you really sure you want to do this? (y or n): y Master promotion beginning on this memberGood Bye

The new priority order of reporting sites will be:

site2 (Existing primary reporting site) site4site1site3

Page 112: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 112

set promptUse the command to change the prompt to the host name, user@host name, host IP address, or user@ host IP address. Note that the set promptprompt displayed in the command line interface (CLI) can be set only on the active Grid Master node. Once you execute the command, the set promptprompt displayed for all Grid members is set accordingly and you can see the prompt when you log in to the CLI for each Grid member.

Syntaxset prompt {hostname user@hostname user@ip default}| | ip | |

Argument Description

hostname Sets the prompt to the host name of the computer from which you access the appliance.

user@hostname Sets the prompt to the user name@ the host name of the computer from which you access the appliance.

ip Sets the prompt to the IP address of the host.

user@ip Sets the prompt to the user name@ the IP address of the host.

default Sets the prompt to "Infoblox >".

ExampleInfoblox > set prompt user@hostnameadmin@infoblox >admin@infoblox > set prompt user@[email protected] >

Page 113: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 113

set recursion_query_timeoutUse the command to configure the maximum time allowed for a recursive query to wait for a response before timing set recursion_query_timeoutout. Setting the timeout value to 0 returns to the default timeout behavior, which is to wait at least 30 seconds and up to 40 seconds before timing out.

Note: When you enable this on an HA pair, ensure that you run the command and set the same values on both nodes of the HA pair. No service restart is required when you use this command.

This command is designed to mitigate phantom domain attacks. For more information about this, refer to the .Infoblox NIOS Administrator Guide

Syntaxset recursion_query_timeout <timeout> set recursion_query_timeout 0

Argument Description

timeout The maximum time allowed for a recursive query to wait for a response before timing out. Valid values are 10 to 30, inclusive.

0 Returns to default timeout behavior, which is to wait at least 30 seconds and up to 40 seconds under certain circumstances.

ExampleInfoblox > set recursion_query_timeout 30

Page 114: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 114

set remote_consoleThe command enables and disables access to the NIOS appliance using a remote console. Use the set remote_console show remote_consolecommand to view the remote console settings.

Note: Infoblox recommends that you close any port that is not being used, for security reasons. An open, unused port offers the potential for unwanted access to your network.

Syntaxset remote_console

This command has no arguments.

ExampleInfoblox > set remote_consoleEnable remote console access (Grid level)? (y or n): yNew remote console access settings: Remote console access enabled: YesIs this correct? (y or n): y

Page 115: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 115

set reporting_certIn a Grid with a reporting server, you can use the command to generate a new set of SSL certificates on all forwarders and the set reporting_certindexer. You can use this command only on the Grid Master.

Syntaxset reporting_cert

This command has no arguments.

ExampleInfoblox > set reporting_certGenerate new reporting certificate? (y or n): yReporting certificates generated.

Page 116: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 116

set reporting_cluster_maintenance_modeUse the command to enable the Grid Master to prevent from rolling the reporting data from the buckets set reporting_cluster_maintenance_modestored on a peer node. This helps you avoid data loss due to network issues or any problem with the connection between the peer nodes. Note that you can run this command only on the Grid Master.

Syntaxset reporting_cluster_maintenance_mode [on|off]

Argument Description

on Enables the cluster maintenance mode. When you enable this feature, the Grid Master stops the rolling of reporting data from peer nodes.

off Disables the cluster maintenance mode.

ExampleMaintenance Mode > set reporting_cluster_maintenance_mode onReporting cluster maintenance mode is enabledCan be run only on the grid master.When reporting cluster maintenance mode is enabled replication factor or search factor policies will not be enforced.

Page 117: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 117

1.

1.

set reporting_user_capabilitiesThe   command allows you to configure the   permission on reporting data to a local admin user who has set reporting_user_capabilities deletesuperuser permissions. If you enable the   command for a user, the user can use the   command using set reporting_user_capabilities deletethe   or  to delete selected events.Splunk API  reporting GUI

To see the list of users configured with the reporting delete permission, see  .show reporting_user_capabilities

Syntax  set reporting_user_capabilities [enable|disable] <super-user>

Argument Description

enable Enables the reporting delete capability

disable Disables the reporting delete capability

ExampleInfoblox > set reporting_user_capabilities enable user1

Delete reporting indexed data

Select capability (1) or q to quit: 1

The reporting Delete capability has been enabled for user user1.

 

Infoblox > set reporting_user_capabilities disable user1

Delete reporting indexed data

Select capability (1) or q to quit: 1

The reporting Delete capability has been disabled for user user1.

Notes

This command is supported only on the Grid master.You cannot retrieve the data once it is deleted.The deleted data cannot be visualized and does not reduce any disk space.Frequent deletion of data may affect the search performance.

https://docs.infoblox.com/display/nios84/Monitoring+Subscriber+Policy+Violations
https://docs.infoblox.com/display/nios84/About+Reports
Page 118: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 118

set revert_gridUse the command to revert to a version of software that was running previously on a Grid or on an independent appliance or HA pair. set revert_gridBe aware that when you revert to this software, any configurations made to the currently running software are lost. You can back up the current data before you revert so that you can later determine what configuration changes are missing.

Syntaxset revert_grid

This command has no arguments.

ExampleInfoblox > set revert_grid

Page 119: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 119

set rpz_recursive_onlyUse the   command to use NIOS RPZ zones instead of local RPZ zones to set rpz_recursive_only < >view_name [< >]zone_name block records with private IP addresses from being queried by external users. This command is available only on the Gird Master.

If you do not specify an RPZ zone name after the DNS view name, all RPZ zones that belong to the specified DNS view are used to block records. If you specify an RPZ zone name, only that zone is used to block records.

Syntaxset rpz_recursive_only <view_name> [<zone_name>] <none | yes | no>

Argument Description

view_name DNS view to which the RPZ zones belong.

zone_name NIOS zone name that must be used to block records with . If you do not specify an RPZ zone, all zones that belong private IP addressesto the DNS view are considered.

none Uses the existing setting for the command. For example, if the command was set to , set rpz_recursive_only view_name yesspecifying will consider the command enabled because the earlier setting was set to .none yes

yes Enables the command.

no Disables the command.

ExampleInfoblox > set rpz_recursive_only default rpz1.com yesRestart the DNS service in order for changes to take effect.

Restart the DNS service on the member after running the command.

Page 120: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 120

set safemodeThe command disables DNS and DHCP services. Use this command to troubleshoot a NIOS appliance with unreliable services. set safemodeThis command restarts all the services, including DNS and DHCP. DNS and DHCP remain active only long enough to write and named.conf dhcp.conffiles. These services then shut down. All other services remain functional. This allows you to review the and files to determine named.conf dhcp.confand alleviate the cause of the appliance distress.Once you have determined the problem, you can reinstate DNS and DHCP services using the command. set nosafemode

Syntaxset safemode

This command has no arguments.

ExampleInfoblox > set safemode

Page 121: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 121

set scheduledUse the command to specify the number of times per hour the appliance checks if the services need a restart when the task scheduling set scheduledfeature is enabled. You must manually restart services or schedule a restart of services for the scheduled change to take effect.You can set the value from 0 to 60, and the default value is 60. When you set the value to 0, the appliance turns off the restart feature.Use the to view the number of times per hour the appliance checks whether a restart of services is required. show scheduled

Syntaxset scheduled task restarts [0-60]

Argument Description

0-60 The number of times per hour the appliance checks if the services need a restart when the task scheduling feature is enabled. You can enter any number from 0 to 60. The default is 60. A value of 0 turns off the restart feature.

ExampleEnter the following command to enable the appliance to check 10 times per hour whether the services need a restart:

Infoblox > set scheduled task restarts 10

The appliance checks 10 times per hour if the services must be restarted, which is every six minutes of the hour. For example, if you enter the command at 3:15 p.m., the appliance checks if the services must be restarted every six minutes starting at the hour (3:00 p.m.). Therefore, the next checks are at 3:18, 3:24, 3:30, 3:36, 3:42, 3:48, 3:54, and 4:00 p.m.

Page 122: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 122

set securityThe command allows you to specify IP or network addresses that can access the appliance through the GUI. The appliance denies set securityaccess to addresses that are not specified. Use the command to view the security settings. show security

Syntaxset security

This command has no arguments.

ExampleIn the following example, security is enabled to restrict access to the NIOS appliance (through the GUI) to the IP address range 10.1.1.1:

Infoblox > set securityEnable security? (y or n): yEnter access IP range: 10.1.1.1Enter access netmask (Default: 255.255.255.0): 255.255.255.0      New security settings:    Security enabled: Yes      IP range: 10.1.1.1   Is this correct? (y or n): yDo you wish to enter additional access range? (y or n): n

Page 123: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 123

set session_timeoutUse the command to specify how long a session remains open when there is no user activity. Use the set session_timeout show session_timeoutcommand to view the session_timeout setting.

Syntaxset session_timeout

This command has no arguments.

ExampleInfoblox > set session_timeoutCurrent GUI/CLI timeout is 60000 seconds (16:40:00)

WARNING: Changing the session timeout will cause GUI users to be logged out.New GUI/CLI session timeout (in seconds, 0 to abort)? 90000

Page 124: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 124

set smartnic monitor-modeThe command enables and disables monitor mode for the Threat Protection service. This is disabled by default. When set smartnic monitor-modemonitor mode is enabled, the appliance logs DNS packets (instead of dropping them) that would have been blocked by threat protection rules. This information is recorded in the audit log. Note that you can enable or disable monitor mode only for individual members. You cannot set this configuration at the Grid level.To view whether monitor mode is enabled or disabled for the Threat Protection service, see . show smartnic

Syntaxset smartnic monitor-mode {on|off}

Argument Description

on Enables monitor mode for the Threat Protection service.

off Disables monitor mode for the Threat Protection service.

Examples

Enable debugging

Infoblox > set smartnic monitor-mode on

Disable debugging

Infoblox > set smartnic monitor-mode off

Page 125: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 125

set snmptrapThe command sends SNMP traps to the trap receiver you specify. You can use the optional command to generate SNMPv3 traps. For set snmptrap v3information about SNMP, see in the .Monitoring with SNMP Infoblox NIOS Administrator GuideUse the command to get information about SNMP objects. show snmp

Syntaxset snmptrap variable {name of an SNMP variable, in dotted or symbolic format} address {the address of the trap receiver} [v3] [snmpuser]

Argument Description

name of an SNMP variable

The name or OID (object ID) of the SNMP object. For example, you can enter sysName.0 or .1.3.6.1.4.1.2021.11.53.0.

address of the trap receiver

The IPv4 or IPv6 address of the management system that receives SNMP traps.

snmpuser The user name of the SNMPv3 user account. This is optional. If you do not provide a user name, the appliance uses the first SNMPv3 user on the list.

Examples

Sending SNMP traps to a specific trap receiver

Enter the following on the appliance:

Infoblox > set snmptrap variable sysName.0 address 10.0.0.11

The appliance sends the following acknowledgement to the trap receiver:

2011-02-23 23:02:51 10.0.0.11 [UDP: [10.0.0.11]:35597->[10.0.0.11]]:DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (42) 0:00:00.42SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-MIB::sysName.02011-02-23 23:02:53 10.0.0.11 [UDP: [10.0.0.11]:52367->[10.0.0.11]]:DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (42) 0:00:00.42SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-MIB::sysName.0

Sending SNMP traps using SNMPv3

Enter the following on the appliance:

Infoblox > set snmptrap variable sysName.0 localhost v3 SNMPv3User1

The appliance sends the following acknowledgement to the trap receiver:

2011-02-07 01:08:19 localhost [UDP: [127.0.0.1]:41884->[127.0.0.1]]:DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (42) 0:00:00.42SNMPv2-MIB::snmpTrapOID.0 = OID: DISMAN-EVENT-MIB::sysName.0

Enter the following on the appliance:

Infoblox > set snmptrap variable sysName.0 localhost v3 SNMPv3User1

The appliance sends the following to the trap receiver in the event of a process failure:

SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.7779.3.1.1.1.1.2.0SNMPv2-SMI::enterprises.7779.3.1.1.1.2.1.0 = STRING: "192.168.1.2"SNMPv2-SMI::enterprises.7779.3.1.1.1.2.2.0 = INTEGER: 5SNMPv2-SMI::enterprises.7779.3.1.1.1.2.5.0 = STRING: "named"SNMPv2-SMI::enterprises.7779.3.1.1.1.2.4.0 = INTEGER: 20SNMPv2-SMI::enterprises.7779.3.1.1.1.2.11.0 = STRING: "A named daemon monitoringfailure has occurred."

https://docs.infoblox.com/display/nios84/Monitoring+with+SNMP
Page 126: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 126

1. 2. 3. 4. 5. 6. 7. 8. 9.

10. 11. 12. 13.

set ssl_tls_ciphersThe command allows you to enable or disable the SSL/TLS cipher suites. You can enable any specific cipher suite or all the cipher set ssl_tls_cipherssuites. The default cipher suites are enabled in a specific order. However, you can change this default order. Note that you cannot disable all the cipher suites. At least one cipher suite must be enabled.The default cipher suites are enabled in the following order:

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256TLS_DHE_RSA_WITH_AES_256_GCM_SHA384TLS_DHE_RSA_WITH_AES_128_CBC_SHATLS_DHE_RSA_WITH_AES_256_CBC_SHATLS_DHE_RSA_WITH_AES_128_CBC_SHA256TLS_DHE_RSA_WITH_AES_256_CBC_SHA256TLS_RSA_WITH_AES_128_GCM_SHA256TLS_RSA_WITH_AES_128_CBC_SHATLS_RSA_WITH_AES_128_CBC_SHA256TLS_RSA_WITH_3DES_EDE_CBC_SHATLS_RSA_WITH_AES_256_GCM_SHA384TLS_RSA_WITH_AES_256_CBC_SHATLS_RSA_WITH_AES_256_CBC_SHA256

You can also enable the following cipher suites that are disabled by default:

TLS_DHE_DSS_WITH_AES_256_CBC_SHATLS_DH_RSA_WITH_3DES_EDE_CBC_SHATLS_DH_DSS_WITH_3DES_EDE_CBC_SHATLS_DHE_DSS_WITH_AES_128_CBC_SHATLS_RSA_WITH_RC4_128_SHATLS_DHE_DSS_WITH_AES_256_GCM_SHA384TLS_DHE_DSS_WITH_AES_256_CBC_SHA256TLS_DHE_DSS_WITH_AES_128_GCM_SHA256TLS_DHE_DSS_WITH_AES_128_CBC_SHA256

You can use the command to view the enabled SSL/TLS cipher suites. For information, see .show ssl_tls_ciphers show ssl_tls_ciphers

Syntaxset ssl_tls_ciphers enable suite_name [ position ]set ssl_tls_ciphers disable positionset ssl_tls_ciphers enable_all

Argument Description

enable Enables the cipher suites.

suite_name Specifies the name of a particular cipher suite.

all Enables all cipher suites.

position Specifies the position of a cipher suite.

disable Disables the cipher suites.

Examples

Enable all cipher suites

Infoblox > set ssl_tls_ciphers enable_allAll cipher suites were enabledThe following services need to be restarted manually: GUI

Enable a specific cipher suite

Infoblox > set ssl_tls_ciphers enable TLS_RSA_WITH_RC4_128_SHA 8TLS_RSA_WITH_RC4_128_SHA was enabledThe following services need to be restarted manually: GUI

Disable a specific cipher suite

Page 127: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 127

Infoblox > set ssl_tls_ciphers disable 8TLS_RSA_WITH_RC4_128_SHA was disabledThe following services need to be restarted manually: GUI

Page 128: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 128

set ssl_tls_protocolsThe command allows you to enable or disable the SSL/TLS protocols. You can enable any one or all of the following set ssl_tls_protocolsprotocols: TLSv1.0, TLSv1.1, or TLSv1.2. By default, TLSv1.0 is enabled. Note that you cannot change the SSL/TLS protocol when the SSL/TLS setting is set to default mode. You must set the SSL/TLS setting to the override mode in order to change the SSL/TLS protocol. For information about SSL/TLS settings, see . set ssl_tls_settingsYou can use the command to view the enabled SSL/TLS protocols. For information, see . show ssl_tls_protocols show ssl_tls_protocols

Syntaxset ssl_tls_protocols [ enable | disable ] [ TLSv1.0 | TLSv1.1 | TLSv1.2 ]

Argument Description

enable Enables the SSL/TLS protocols.

TLSv1.0 Enables the TLSv1.0 protocol.

TLSv1.1 Enables the TLSv1.1 protocol.

TLSv1.2 Enables the TLSv1.2 protocol.

disable Disables the SSL/TLS protocols. Note that you cannot disable all the SSL/TLS protocols. At least one protocol must be enabled.

Examples

Enable TLSv1.2 protocol

Infoblox > set ssl_tls_protocols enable TLSv1.2TLSv1.2 was enabled. Current configurations is: TLSv1.0 TLSv1.1 TLSv1.2 The following services need to be restarted manually: GUI

Disable TLSv1.0 protocol

Infoblox > set ssl_tls_protocols disable TLSv1.0TLSv1.0 was disabled. Current configuration: TLSv1.1 TLSv1.2 The following services need to be restarted manually: GUI

Page 129: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 129

set ssl_tls_settingsYou can use the command to override or restore the default SSL/TLS settings. When the SSL/TLS settings are set to the set ssl_tls_settingsoverride mode, you can modify the default SSL/TLS protocols and ciphers. When the SSL/TLS settings are set to the default mode, you cannot override the default SSL/TLS protocols and ciphers. The appliance uses the default SSL/TLS protocols and ciphers. Use the to see whether show ssl_tls_settingsSSL/TLS settings are set to the default or override mode.

Syntaxset ssl_tls_settings [default | override]

Argument Description

default Sets the default mode for SSL/TLS settings. When the SSL/TLS settings is set to the default mode, the appliance uses the default SSL/TLS protocols and ciphers.

override Sets the override mode for SSL/TLS settings. When the SSL/TLS settings is set to the override mode, the appliance overrides the default SSL/TLS protocols and ciphers.

ExampleInfoblox > set ssl_tls_settings overrideThe following services need to be restarted manually: GUI

Page 130: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 130

set static_routeUse the command to configure static routes on your appliance. You can create new IPv4 and IPv6 static routes, move static route to set static_routea desired position in the list of static routes, move static routes up and down in the list, or move static route at a specific position up or down in the list of static routes. You can also delete an existing static route, delete static routes at a specific position, or delete all existing static routes for IPv4, IPv6 or both protocols. Use the command to view the current configuration of static routes on your appliance. show static_routes

Syntaxset static_route add network/cidr gateway [position]set static_route move network/cidr gateway new-positionset static_route move network/cidr gateway (up|down)set static_route move (v4|v6) old-position new-positionset static_route move (v4|v6) old-position (up|down)set static_route delete network/cidr gatewayset static_route delete (v4|v6) positionset static_route delete (all|v4|v6)

Argument Description

add network/cidr gateway [position] Creates a new static route and optionally specifies its position in the list of static routes.

 move network/cidr gateway new-position Moves a static route to a new position in the list of static routes.

move network/cidr gateway [up|down] Moves a static route up or down in the list of static routes.

move (v4 | v6 [old-position] [new-)position]

Moves an IPv4 or IPv6 static route from its existing position to a new position in the list of static routes.

move (v4 | v6 [old-position] (up|down)) Moves an IPv4 or IPv6 static route up or down from its current position in the list of static routes.

delete network/cidr gateway Deletes an existing static route.

delete (v4 | v6 [position]) Deletes an IPv4 or IPv6 static route, at a specific position, from the list of static routes.

delete (all | v4 | v6) Deletes all static routes, all IPv4 static routes, or all IPv6 static routes.

Examples

Adding a new static route

Infoblox > set static_route add 10.6.112.0/24 10.6.42.1Infoblox > set static_route add 2001:1234:5678::/112 2001:1234::42

Moving a static route to a new position in the list of static routes

Infoblox > set static_route move 10.6.112.0/24 10.6.42.1 5Infoblox > set static_route move 2001:1234:5678::/112 2001:1234::42 6

Moving a static route up or down in the list of static routes

Infoblox > set static_route move 10.6.112.0/24 10.6.42.1 up Infoblox > set static_route move 10.6.112.0/24 10.6.42.1 downInfoblox > set static_route move 2001:1234:5678::/112 2001:1234::42 up Infoblox > set static_route move 2001:1234:5678::/112 2001:1234::42 down

Moving an IPv4 or IPv6 static route from its current position to a new position in the list of static routes

Infoblox > set static_route move v4 1 12 Infoblox > set static_route move v6 1 12

Moving an IPv4 or IPv6 static route up or down from its current position in the list of static routes

Page 131: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 131

Infoblox > set static_route move v4 12 up Infoblox > set static_route move v6 12 up Infoblox > set static_route move v4 1 down Infoblox > set static_route move v6 1 down

Deleting an existing static route

Infoblox > set static_route delete 10.6.112.0/24 10.6.42.1Infoblox > set static_route delete 2001:1234:5678::/112 2001:1234::42

Deleting an IPv4 or IPv6 static route at a specific position in the list of static routes

Infoblox > set static_route delete v4 1 Infoblox > set static_route delete v6 2

Deleting all IPv4 static routes

Infoblox > set static_route delete v4

Deleting all IPv6 static routes

Infoblox > set static_route delete v6

Deleting all IPv4 and IPv6 static routes

Infoblox > set static_route delete all

Page 132: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 132

set subscriber_secure_data addIf you have configured Infoblox Subscriber Services, you can use the command to add a specific subscriber set subscriber_secure_data addrecord to the subscriber database. For information about Infoblox Subscriber Services, see  . You can use  Infoblox Subscriber Services set

command to delete a subscriber record.subscriber_secure_data delete

Syntaxset subscriber_secure_data add <ip_addr> <prefix> <local_id> <ip_space_desc> <data_string> [flags]

Argument Description

<ip_addr> Specify the IPv4 or IPv6 address of the subscriber.

<prefix> Specify the prefix length.

<local_id> Specify the Local ID, which is the MAC address of the subscriber device. To indicate a record without a Local ID, enter N/A.

<ip_space_desc> Specify the IP space discriminator. To indicate a record without an IP space discriminator, enter N/A.

<data_string> The cache data string is a concatenation of “AVPTAG:AVP-NAME=Value” separated by ';'.

[flags] This is optional. You can specify the following:S - For the non-expiring static record.B - If a blacklist or whitelist domains are configured for the subscriber.

The AVPTAG can include the following tags:

Note: The following tags are for the AVPs available in the list of predefined AVPs. You can also add tags for user-defined AVPs.

SUB: Indicates the subscriber ID AVP, that is configured in the editor of the Grid. Example: Subscriber Services Properties SUB:.IMSI=602030100000057

NAS: Indicates the NAS contextual information AVP, that is configured in the editor of the Grid. Example: Subscriber Services Properties NAS:.NAS-PORT=168496141

IPS: Indicates the IP space discriminator AVP, that is configured in the editor of the Grid. Example: Subscriber Services Properties IPS:NAS-.IPv6-Address=2620:010a:6000:22f2::006e

PCP: Parental-Control-Policy. It is a 128-bit value provided by the Service Providers. Example: .PCP:Parental-Control-Policy=400000DCP: Dynamic-Category-Policy. It is an indication to resolve domains categorized as dynamic. If Dynamic AVP is set, then all domains categorized as dynamic are forwarded to Infoblox Harmony. If Dynamic AVP is not set, then the domains categorized as dynamic would either be blocked or allowed depending on the parental control policy. Example: : .DCP Dynamic-Category-Policy=0SSP: Subscriber-Secure-Policy. It is a 32-bit value provided by the Service Providers. Example: .SSP:Subscriber-Secure-Policy=5FEXP: The date and time when the profile expires. Example: .EXP:Expire-Profile=Mon May 29 10\\:23\\:56 2017AN0: Indicates the AVP configured in ancillary position 0 in the ancillary list, that is configured in the editor of the Subscriber Services PropertiesGrid. Example: .AN0:Class=0x010x000x120x000x12AN1: Indicates the AVP configured in ancillary position 1 in the ancillary list, that is configured in the editor of the Subscriber Services PropertiesGrid. Example: .AN1:IMEI=8635800299072601AN2: Indicates the AVP configured in ancillary position 2 in the ancillary list, that is configured in the editor of the Subscriber Services PropertiesGrid. Example: .AN2:NAS-Port-Identifier=portid-1232AN3: Indicates the AVP configured in ancillary position 3 in the ancillary list, that is configured in the editor of the Subscriber Services PropertiesGrid. Example: .AN3:User-Name=user1

Note: The ancillary fields are numbered as AN0, AN1, AN2 etc. You cannot add more than five ancillary AVPs.

ACS: The accounting session ID. Example: .ACS:Acct-Session-Id=29de847acde415ab

Example 1set subscriber_secure_data add 2620:10a:6000:7814::50b 128 003048d5d928 N/A "ACS:Acct-Session-Id=29de847acde415ab;LID:003048d5d928;IPS:NAS-IPv6-Address=2540:010a:6000:22f2::006e;AN0:APN=corp1;SUB:IMSI=602030100000045;AN3:User-Name=user1;AN2:NAS-Port-Identifier=portid-1232;NAS:NAS-PORT=168496141;SSP:Subscriber-Secure-Policy=00000001;DYN:Dynamic-Category-Policy=0;PCP:Parental-Control-Policy=400000;"

Example 2

https://docs.infoblox.com/display/nios84/Infoblox+Subscriber+Services
Page 133: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 133

set subscriber_secure_data add 10.32.1.145 32 AABBCC112233 corp1 "ACS:Acct-Session-Id=32de327aced215ab;SUB:IMSI=301030100000026;LID:AABBCC112233;NAS:NAS-PORT=168496141;PCP:Parental-Control-Policy=20001;EXP:Expire-Profile=Mon May 29 10\\:23\\:56 2017;DCP:Dynamic-Category-Policy=0;SSP:Subscriber-Secure-Policy=5F;"

Format of a Subscriber RecordThe following is an example of a subscriber record in the subscriber cache:

10.32.1.145/32 | IPS:corp1 | ACS:Acct-Session-Id=32de327aced215ab;SUB:IMSI=301030100000026;LID:003048d5d928;NAS:NAS-PORT=168496141;PCP:Parental-Control-Policy=20001;EXP:Expire-Profile=Mon May 29 10\\:23\\:56 2017;DCP:Dynamic-Category-Policy=0;SSP:Subscriber-Secure-Policy=5F | 2017-06-05 21:20:51

Page 134: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 134

set subscriber_secure_data deleteIf you have configured Infoblox Subscriber Services, you can use the command to delete a specific set subscriber_secure_data deletesubscriber record from the subscriber cache. For information about Infoblox Subscriber Services, see  .Infoblox Subscriber Services

Syntaxset subscriber_secure_data delete <ip_addr> <prefix> <local_id> <ip_space_desc>

Argument Description

< >ip_addr Specify the IPv4 or IPv6 address of the subscriber.

<prefix> Specify the prefix length.

<local_id> Local ID present in the incoming EDNS0 packet.

<ip space desc> The IP space discriminator. To indicate a record without an IP space discriminator, enter N/A.

ExampleInfoblox > set subscriber_secure_data delete 10.32.1.145 32 AABBCC112233 corp1

10.32.1.145/32|LID:aabbcc112233|IPS:corp1|FLG:|ACS:Acct-Session-Id=32de327aced215ab;SUB:IMSI=301030100000026;LID:AABBCC112233;NAS:NAS-PORT=168496141;PCP:Parental-Control-Policy=20001;EXP:Expire-Profile=Mon May 29 10\\:23\\:56 2017;DCP:Dynamic-Category-Policy=0;SSP:Subscriber-Secure-Policy=5F;|Thu Dec 20 10:53:41 2018

Record successfully deleted

https://docs.infoblox.com/display/nios84/Infoblox+Subscriber+Services
Page 135: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 135

set subscriber_secure_data never_proxyIf you have configured Infoblox Subscriber Services, use the command to set a 32-bit hexadecimal set subscriber_secure_data never_proxycharacter. This character represents the list of categories to be used in the global list used to resolve DNS queries without proxying to an MSP (Multi-Services Proxy) server.

You can view the hexadecimal value of the never_proxy category using the  command. show subscriber_secure_data never_proxy

Syntaxset subscriber_secure_data never_proxy <category hexadecimal_character>

For a list of the different types of parental control policies and their hexadecimal values, refer to the supplemental documentation provided by Infoblox or contact your Infoblox representative.

ExampleInfoblox > set subscriber_secure_data never_proxy 000fffffffffffffffffffffffffff01never_proxy categories are set!!! A RESTART of the DNS service is required before this change can take effect !!!

In this example, the hexadecimal character of  represent the category "Alcohol". Therefore, any domain related to alcohol (for 000fffffffffffffffffffffffffff01example, www.beer.com, www.liquor.com) is not proxied to an MSP server. Instead, it is directly resolved by NIOS. 

Note

You must restart the DNS service for the hexadecimal character to be set.

Page 136: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 136

set subscriber_secure_data persistIf you have configured Infoblox Subscriber Services, you can use the   command to enable data persistence set subscriber_secure_data persistmode which allows static records to survive restart. For information about Infoblox Subscriber Services, see Infoblox Subscriber Services.

Syntaxset subscriber_secure_data persist on

This command turn on persistence of static subscriber records.

ExampleInfoblox > set subscriber_secure_data persist on

https://docs.infoblox.com/display/nios84draft/Infoblox+Subscriber+Services
Page 137: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 137

set support_accessThe command enables and disables support access. This feature is disabled (off) by default. Enabling this feature allows Infoblox set support_accessSupport (Tier 3 access) to perform root level diagnostics on an appliance that is in severe distress. A special key is required to access the appliance at root level, and only Infoblox Support (Tier 3) can generate this key.

Note: Once the problem has been resolved, Infoblox recommends that you turn off this port. Any open port that is not in use can become a security risk.

Syntaxset support_access

This command has no arguments.

ExampleInfoblox > set support_accessEnable support access (Grid level)? (y or n): y    New support access settings:     Support access enabled: Yes     Is this correct? (y or n): y

Page 138: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 138

set sysNameYou can use the command to set the FQDN (fully qualified domain name) of the appliance to allow configured SNMP management system set sysNameto query the sysName value. If the appliance is an HA pair, you can use the command to set the FQDN of node 2 of the HA pair.name2

Syntaxset sysName name1 [name2]

Argument Description

name1 The FQDN of the appliance.

name2 The FQDN of node 2 of an HA pair.

Examples

Setting the FQDN of the appliance

Enter the following on the appliance:

Infoblox > set sysName eng.corp100.com

Setting the FQDNs of an HA Pair

Enter the following on the appliance:

Infoblox > set sysName active.corp100.com passive.corp100.com

Page 139: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 139

set tcp_timestampsThe command allows you to enable or disable TCP timestamps. You can view these timestamps in the traffic capture file. TCP set tcp_timestampstimestamps are enabled by default. If you disable TCP timestamps, the timestamps are not displayed in the traffic capture file.

You can run the  command to determine whether the TCP timestamps are enabled or disabled before running show tcp_timestamps set .tcp_timestamps

Syntaxset tcp_timestamps {enable|disable} 

ExampleInfoblox > set tcp_timestamps enable

Page 140: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 140

set temp_licenseThe command generates and installs a temporary 60-day license for a fully functional NIOS appliance and IBOS (Infoblox set temp_licenseOrchestration Server), or a temporary 90-day license for an IF-MAP Starter Kit on a VMware virtual appliance. Depending on the appliance model, the list of temporary licenses varies. Use the command to view the license settings.show licenseInfoblox supports cloud API calls to set temporary licenses for and licenses.Threat Protection (Software add-on) Threat Protection Update

To install temporary license(s)

for...

Select... Remarks

DNS and DHCP services

DNSone (DNS, DHCP)

Installs DNS and DHCP licenses

DNS and DHCP services with Grid

DNSone with Grid (DNS, DHCP, Gri

d)

Installs DNS, DHCP, and Grid licenses

DHCP services with Grid

Network Services for Voice (DHCP,

Grid)

Installs DHCP and Grid licenses

NIOS services Add NIOS License Installs a NIOS license for SoT (Son of Trinzic) 2016 hardware appliances.

DNS services Add DNS Server license

Installs a DNS license

DHCP services Add DHCP Serverlicense

Installs a DHCP license

Grid Add Grid license Installs a Grid license

IF-MAP service on an IBOS

Add IF-MAP Serv ice license

You cannot install other services, such as DNS and DHCP, on an IBOS.

Microsoft server management

Add Microsoft m anagement licen

se

You can install other licenses with the Microsoft management license.

VMware virtual appliance

Add vNIOS license

For VMware virtual appliances only. You can install other licenses with the vNIOS license.

Load balancer services

Add Load Balanc er license

Installs a load balancer license

IF-MAP federation

Add IF-MAP Fede ration license

Installs a 90-day temporary IF-MAP federation license.

Multi-Grid management

Add Multi-Grid M anagement licen

se

Installs a Multi-Grid license for Multi-Grid management

DNS Traffic Control

Add DNS Traffic Control license

Installs a DNS Traffic Control license

Query Redirection

Add Query Redir ection license

Installs a query redirection license

Security Ecosystem

Add Security Eco system license

Installs a Security Ecosystem license on any Grid member

Threat Analytics Add Threat Analy tics license

Installs a Threat Analytics license

Reporting service

Add Reporting license

Installs a license on the reporting server

Response Policy Zones support

Add Response P olicy Zones

For support of Response Policy Zones

FireEye integrated RPZ support

Add FireEye license

Installs  licenseFireEye

Page 141: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 141

1. 2. 3. 4. 5. 6. 7. 8. 9.

10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20.

1. 2. 3. 4. 5. 6. 7. 8. 9.

10. 11.

1. 2. 3.

Cloud Platform Appliances

Add Cloud Netw ork Automation

license

Installs Cloud Network Automation license

Flex Grid Activation

Flex Grid Activati on license

Installs the following licenses: Grid (enterprise), Unbound, DCA, DNS, the DTC, Software Threat Protection (sw_tp), Threat Protection Update (tp_sub), DNSFW (rpz), NXDOMAIN Redirect (qrd), FireEye,Threat Analytics and Security Ecosystem.

Software ADP Threat Protection (Software add-

on)

Installs Software ADP license for supported platforms.

To configure an appliance as an IB-FLEX, use the set hardware-type command. For more information, see .set hardware-type

Syntaxset temp_license

This command has no arguments.

Example

Installing a temporary license on the NIOS appliance:

Infoblox > set temp_licenseDNSone (DNS, DHCP)DNSone with Grid (DNS, DHCP, Grid)Network Services for Voice (DHCP, Grid)Add NIOS licenseAdd DNS Server licenseAdd DHCP Server licenseAdd Grid licenseAdd Microsoft management licenseAdd IF-MAP Federation licenseAdd Multi-Grid Management licenseAdd Load Balancer licenseQuery Redirection licenseAdd Reporting licenseAdd DNS Traffic Control licenseAdd Security Ecosystem licenseAdd Response Policy Zones licenseAdd FireEye licenseAdd Cloud Network Automation licenseAdd Threat Analytics license

Select license (1-19) or q to quit: 1. IB-V805

IB-V815IB-V825IB-V1405IB-V1415IB-V1425IB-V2205IB-V2215IB-V2225IB-V4005IB-V4015IB-V4025

Installing a temporary license on the Trinzic Reporting VM-800 Appliance:

Infoblox > set temp_license

Add Grid licenseAdd vNIOS licenseAdd Reporting license

Select license (1-3) or q to quit:

Page 142: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 142

1. 2. 3. 4. 5. 6. 7. 8. 9.

10. 11. 12. 13. 14. 15. 16.

1. 2. 3. 4. 5. 6. 7. 8. 9.

10. 11. 12. 13. 14. 15. 16. 17.

Installing a temporary Flex Grid Activation license on the NIOS appliance:

Infoblox > set temp_license

DNSone (DNS, DHCP)DNSone with Grid (DNS, DHCP, Grid)Network Services for Voice (DHCP, Grid)Add NIOS LicenseAdd DNS Server licenseAdd DHCP Server licenseAdd Grid licenseAdd Microsoft management licenseAdd Multi-Grid Management licenseAdd Query Redirection licenseAdd Response Policy Zones licenseAdd FireEye licenseAdd DNS Traffic Control licenseAdd Cloud Network Automation licenseAdd Security Ecosystem licenseAdd Flex Grid Activation license Select license (1-16) or q to quit:

Installing a temporary Software ADP license on the NIOS appliance:

Infoblox > set temp_license

DNSone (DNS, DHCP)DNSone with Grid (DNS, DHCP, Grid)Network Services for Voice (DHCP, Grid)Add DNS Server licenseAdd DHCP Server licenseAdd Grid licenseAdd vNIOS licenseAdd Query Redirection licenseAdd Threat Protection (Software add-on) licenseAdd Threat Protection Update licenseAdd Response Policy Zones licenseAdd FireEye licenseAdd DNS Traffic Control licenseAdd Cloud Network Automation licenseAdd Security Ecosystem licenseAdd Threat Analytics licenseAdd Flex Grid Activation license Select license (1-17) or q to quit:

Page 143: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 143

set termUse the command to set the correct terminal type for future commands in the current session. set term

Syntaxset term

This command has no arguments.

ExampleInfoblox > set term vt100

Page 144: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 144

set thresholdtrapUse the command to enable the SNMP trap for CPU usage and to configure the trigger and reset values of the trap. The CPU set thresholdtrapusage trap is disabled by default. When you use this command to change the trigger and reset values, you enable the trap and the appliance sends and resets traps based on the configured values. When CPU usage of an appliance exceeds the trigger threshold for 15 seconds, the appliance sends a "CPU usage above threshold value" trap. After the appliance sends the "CPU usage above threshold value" trap, it sends a "CPU usage OK" trap when the CPU usage dips below the reset threshold.Use the command to view the current settings of the CPU usage trap. Note that the CPU usage trap is disabled by default, and the show thresholdtraptrigger value is set at 100 and reset value at 0. For information about Infoblox SNMP traps, refer to the .Infoblox NIOS Administrator Guide

Syntaxset thresholdtrap {type} trigger {value} reset {value}

Argument Description

type The type of threshold trap. Enter to enable the CPU usage trap and set the trigger and reset values.CpuUsageValid values are: NetworkCapacity, DBObjects, Disk, Memory, Rootfs, CpuUsage, Reporting, ReportingVolume, FDUsage

value (for trigger)

The trigger value of the SNMP trap. When CPU usage exceeds this value, the appliance sends a "CPU usage above threshold value" trap.

value (for reset)

The reset value of the SNMP trap. When CPU usage dips below this value, the appliance sends a "CPU usage OK" trap. Ensure that the reset value is smaller than the trigger value.

Example

Enabling the CPU usage trap and set the trigger and reset values

Infoblox > set thresholdtrap CpuUsage trigger 80 reset 71Infoblox >

When CPU usage exceeds 80% of capacity for 15 seconds, the appliance sends the “CPU usage above threshold value” trap. The appliance sends the “CPU usage OK” trap when CPU usage dips below the reset value of 71.Following is a sample SNMP output of this example:

2011-09-30 04:32:20 ib-10-35-107-9.infoblox.com [UDP: [10.35.107.9]:44183->[10.35.107.9]]:DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (50991) 0:08:29.91SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.7779.3.1.1.1.1.3.0SNMPv2-SMI::enterprises.7779.3.1.1.1.2.1.0 = STRING: "10.35.107.9"SNMPv2-SMI::enterprises.7779.3.1.1.1.2.3.0 = STRING: "cpu_usage"SNMPv2-SMI::enterprises.7779.3.1.1.1.2.6.0 = INTEGER: 100SNMPv2-SMI::enterprises.7779.3.1.1.1.2.7.0 = INTEGER: 80SNMPv2-SMI::enterprises.7779.3.1.1.1.2.8.0 = INTEGER: 71SNMPv2-SMI::enterprises.7779.3.1.1.1.2.11.0 = STRING: "CPU usage above threshold value."2011-09-30 04:33:12 ib-10-35-107-9.infoblox.com [UDP: [10.35.107.9]:44183->[10.35.107.9]]:DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (56202) 0:09:22.02SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.7779.3.1.1.1.1.3.0SNMPv2-SMI::enterprises.7779.3.1.1.1.2.1.0 = STRING: "10.35.107.9"SNMPv2-SMI::enterprises.7779.3.1.1.1.2.3.0 = STRING: "cpu_usage"

SNMPv2-SMI::enterprises.7779.3.1.1.1.2.6.0 = INTEGER: 5SNMPv2-SMI::enterprises.7779.3.1.1.1.2.7.0 = INTEGER: 80SNMPv2-SMI::enterprises.7779.3.1.1.1.2.8.0 = INTEGER: 71SNMPv2-SMI::enterprises.7779.3.1.1.1.2.11.0 = STRING: "CPU usage OK."

Page 145: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 145

set tokenThe command is used to set Token, Grid Masters IP address and Certificate to the token file.set token

Syntaxset token [on|off|join]

Argument Description

on Sets Token, Grid Masters IP address and Certificate to the token file

off Removes Token from the file and all corresponding data

join To join the grid using the existing token file

ExampleInfoblox > set token on

Page 146: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 146

set traffic_captureThe command allows you to capture the traffic for one or all of the ports on a NIOS appliance and save the traffic capture in a set traffic_capturefile. To capture traffic, the NIOS appliance must have a minimum of 500 MB of free disk space; otherwise, the traffic capture might fail.The NIOS appliance saves all traffic it captures in a .cap file and compresses it into a .tar.gz file. The size of the .cap file is limited to 4 GB for Infoblox-4010, Infoblox-4030, Infoblox-4030-10GE, and PT-4000, and the size is limited to 1 GB for all other NIOS appliances. In Grid Manager, you can download the traffic capture file after the traffic capture stops by navigating to the tab -> tab -> tab -> and click from Grid Grid Manager Members Traffic Capturethe Toolbar. To view information about the traffic capture running on the member, see . show traffic_capture_statusYou can also transfer the traffic capture file to remote hosts either using FTP or SCP. You cannot transfer the traffic capture files when the traffic capture is in progress. Note that this operation may take a long time to complete.

Syntaxset traffic_capture on [port <all|lan1|lan2|mgmt|ha>] [vlan <id>] [duration <seconds>][filter 'valid-tcpdump-filter-expression'] [with-rolling]set traffic_capture offset traffic_capture transfer [ftp|scp] <server-ip> <user-name> <user-password>[dest <file_name>]

Argument Description

on Starts the traffic capture.

off Stops the traffic capture after you have started it.

port

  all  lan1  lan2  mgmt  ha

Specifies the port for which you want to capture the traffic:

Captures traffic on all ports.Captures traffic on the LAN1 port.Captures traffic on the LAN2 port.Captures traffic on the MGMT port.Captures traffic on the HA port.

The default is LAN1. Note that if you have enabled the LAN2 failoverfeature, the LAN1 and LAN2 ports generate the same output. (Forinformation about the LAN2 failover feature, see the About Port Redundancy section in the Infoblox NIOS Administrator Guide.)

vlan <id> Captures traffic for the vLAN interface on LAN1 or LAN2

duration <seconds>

Specifies the duration in seconds for which you want the traffic capture to run. The default is 1800 seconds.

filter'valid-tcpdump-filter-expression'

Allows you to set the “tcpdump” filter for traffic capture.

with-rolling Enables rolling of traffic capture file. When the traffic capture file reaches the maximum size limit, the appliance automatically saves the file into a new file and continues capturing the traffic. The appliance can save up to 4 traffic capture files.

transfer Allows you to transfer the traffic capture file to an FTP server or a SCP server.

ftp Transfers the traffic capture file to an FTP server.

scp Transfers the traffic capture file to an SCP server.

Example

Start the traffic capture

Infoblox > set traffic_capture onTraffic capture started successfully.

Stop the traffic capture

Infoblox > set traffic_capture offTraffic capture stopped successfully.

Start the traffic capture on a specific port

Page 147: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 147

Infoblox > set traffic_capture on port lan1Traffic capture started successfully.

Specify the traffic capture filter

Infoblox > set traffic_capture on port lan1 filter 'host 10.32.2.34'Traffic capture started successfully. Infoblox > set traffic_capture on port lan1 filter 'net 192.168.0.0/24'Traffic capture started successfully. For information about valid tcpdump filter expressions, refer to .https://wiki.wireshark.org/CaptureFilters

Transfer traffic capture file to an FTP server

Infoblox > set traffic_capture transfer ftp 10.120.20.239 frtest Infoblox123 dest/home/rpadasalagi/ftp_back.tar.gzWARNING: This operation may take a long time to complete Do you want to proceed? (y or n):y

Transfer traffic capture file to an SCP server

set traffic_capture transfer scp 10.120.20.239 frtest - dest /home/test/scp_back.tar.gz Enter password:WARNING: This operation may take a long time to complete Do you want to proceed? (y or n):y

WARNING: When you use the set traffic_capture transfer command, the user password is logged in the history. In order to avoid exposu re of the user password, you can enter dash (-) instead of the actual password in the <user-password> field. You can enter the password when the

appliance prompts for the password.

https://wiki.wireshark.org/CaptureFilters
Page 148: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 148

set txn_traceThe   command enables/disables tracing of DB transaction.set txn_trace

Syntaxset txn_trace [on|off]

Argument Description

on Enable tracing for DB transactions

off Disable tracing for DB transactions

ExampleInfoblox > set txn_trace

Page 149: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 149

a. b. c. d.

1. 2. 3. 4.

set wins_forwardingUse the command to configure the appliance to forward WINS packets to Microsoft DNS and DHCP servers. You can enable or set wins_fowardingdisable this feature for the entire Grid or override Grid-level settings for specific Grid members. To configure Grid level setting, you must execute this command on the Grid Master.To view information about the current packet forwarding configuration, see . show wins_forwarding

Syntaxset wins_forwarding grid|member

Argument Description

grid Configures all members in the Grid to enable or disable the forwarding of WINS packets to Microsoft DNS and DHCP servers. Grid-level setting can be set only on the Grid Master.

member Overrides the Grid settings to enable or disable packet forwarding for a specific Grid member.

Examples

Enable packet forwarding for the Grid

Infoblox > set wins_forwarding gridThis command will change default settings for WINS packets forwarding (will affect members inheriting grid settings). Continue? (y or n): yEnable WINS packets forwarding? (y or n): y Enter default WINS server IP: 1.0.0.123 Select output interface from the list:

MGMTLANLAN2VIP

WINS packets forwarding is enabled. WINS packets will be forwarded to "1.0.0.123".

Override Grid-level packet forwarding configuration for a specific Grid member

Infoblox > set wins_forwarding memberWINS forwarding on grid level is enabled. WINS server IP is 1.0.0.123. Override grid level settings? (y or n): y

Enable WINS packets forwarding on this member? (y or n): y Enter WINS server IP: 1.0.0.321Select output interface from the list:

MGMTLANLAN2VIP

WINS packets forwarding is enabled. WINS packets will be forwarded to "1.0.0.321".

Disable packet forwarding for the Grid

Infoblox > set wins_forwarding gridThis command will change default settings for WINS packets forwarding (will affect members inheriting grid settings). Continue? (y or n): y

Enable WINS packets forwarding? (y or n): n

WINS packets forwarding was disabled on grid level.

Overriding Grid-level configuration and disable packet forwarding for a specific Grid member

Infoblox > set wins_forwarding memberWINS forwarding on grid level is enabled. WINS server IP is 1.0.0.123.

Page 150: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 150

Override grid level settings? (y or n): yEnable WINS packets forwarding on this member? (y or n): n WINS packets forwarding is disabled for this member.

Page 151: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 151

show admin_group_aclThe command displays admin groups that have ACL settings.show admin_group_acl

Syntaxshow admin_group_acl

This command has no arguments.

ExampleThe following example shows the response when none of the admin groups have enabled ACL settings.

Infoblox > show admin_group_aclNone of Admin Groups have enabled ACL settings.

Page 152: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 152

show analytics_parameterThe   command displays configuration of Analytics service.show analytics_parameter

Syntaxshow analytics_parameter [grid|member]

Argument Description

grid Displays configuration of Grid Analytics service

member Displays configuration of member Analytics service

ExampleInfoblox > show analytics_parameter

Page 153: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 153

show adpThe command displays ADP (Advanced Threat Protection) details on the supported platform. You can use this command only if show adp Threat Protecti

(hardware based) or licenses are installed on the platform.on Threat Protection (Software add-on)

Syntaxshow adp

This command has no arguments.

ExampleInfoblox > show adpThreat Protection:                 Enabled Threat Protection monitor mode:    DisabledThreat Protection event stats:     CRITICAL=0 MAJOR=0 WARNING=0 INFORMATIONAL=2 Log level:                        6(Info)

Page 154: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 154

show arpThe command displays ARP (Address Resolution Protocol) data to view mappings. This allows you to see if the current state matches the show arpmappings. If the mappings are out of date, use the command. This command is also useful for troubleshooting network connectivity issues. reset arp

Syntaxshow arp

This command has no arguments.

ExampleThe following example shows the IP address (10.1.1.1), MAC address ( )00:04:96:1D:19:80 , and type of connection (ethernet).

Infoblox > show arp? (10.1.1.1) at 00:04:96:1D:19:80 [ether] or LAN

Page 155: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 155

show auto_provisionThe command shows the state of auto-provisioning for an appliance. It displays whether auto-provisioning is enabled or show auto_provisiondisabled for an appliance.

Syntaxshow auto_provision

This command has no arguments.

ExampleInfoblox > show auto_provisionAuto Provision is enabled

Infoblox > show auto_provisionAuto Provision is disabled

Page 156: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 156

show bfd detailsThe command displays the detailed BFD session details. For information about how to set the logging level, see .show bfd details set bfd

Syntaxshow bfd details

This command has no arguments.

ExampleInfoblox > show bfd detailsOutAddr             NeighAddr         LD/RD           Holdown(mult)        State     Int10.34.54.68        10.34.54.16        2/4               300(3)               Up     bond0Local Diag: 0, Demand mode: 0, Poll bit: 0MinTxInt: 100000, MinRxInt: 100000, Multiplier: 3Received MinRxInt: 100000, Received Multiplier: 3Holdown (hits): 300(0), Hello (hits): 100(1638) Authentication:None                 Last Sequence Number: Rx: 0, Tx: 1566182577 Rx Count: 1638Tx Count: 1686Last packet: Version: 1                 - Diagnostic: 0             State bit: Up              - Demand bit: 0             Poll bit: 0                - Final bit: 0             Multiplier: 3              - Length: 24             My Discr: 2       - Your Discr: 4Min tx interval: 100000- Min rx interval: 100000 Min Echo interval: 100000

Page 157: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 157

show bgpThe command displays information about the BGP configuration on the appliance, reachability information about neighbors, and BGP routes to show bgpdestinations. You can specify the command with or without an argument. A command without an argument defaults to .show bgp routeFor information about how to write statistical information to syslog, see . set bgp log

Syntaxshow bgp {route | neighbor | summary | config}

Argument Description

route Displays the BGP routing table.

summary Displays the BGP protocol summary.

neighbor Displays information about all known BGP neighbors.

config Displays the running BGP configuration file.

ExampleThe following examples are for illustration only. The actual output varies based on the Quagga version.

Infoblox > show bgp routeBGP table version is 0, local router ID is 50.0.1.2Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, R RemovedOrigin codes: i - IGP, e - EGP, ? - incomplete

                     Network            Next Hop                 Metric                LocPrf               Weight          Path* i                 10.0.1.0/24        10.0.1.1                     0                   100                  0              ?*>                           10.0.2.99              11                                  32768                ?* i                 10.0.2.0/24        10.0.1.99                    2                   100                  0              ?*>                           0.0.0.0                 1                                  32768                ?* i                 50.0.1.1/32        10.0.1.1                     0                   100                  0              i*>                        10.0.2.99               1011                                  32768                ?*                   50.0.1.2/32        0.0.0.0                      1                                        32768          ?*>                         0.0.0.0                  0                                   32768                i...

Infoblox > show bgp summaryBGP router identifier 50.0.1.2, local AS number 65001 RIB entries 25, using 1600 bytes of memoryPeers 2, using 5024 bytes of memory

Neighbor   V    AS     MsgRcvd MsgSent TblVer InQ OutQ Up/Down   State/PfxRcd10.0.1.1   4    65001  89      85      0      0   0    01:11:27  10100.0.2.4  4    65004  57      53      0      0   0    00:46:37  5

Total number of neighbors 2

Page 158: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 158

show bind_tombstones_countThe   command displays the count of bind tombstone objects in the database.show bind_tombstones_count

Syntaxshow bind_tombstones_count

There are no arguments for this command.

ExampleInfoblox > show bind_tombstones_countBind tombstone objects currently in the database: 0

Page 159: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 159

show bloxtoolsThe command displays the operational status of the bloxTools service and the usage percentage for the CPU, memory and disk show bloxtoolsresources.

Syntaxshow bloxtools

This command has no arguments.

ExampleFollowing is an example of the output displayed when you execute the command and bloxTools is enabled and its services are running:

Infoblox > show bloxtoolsbloxTools status: enabled(GREEN) CPU: 1%, Memory: 21%, Hard Disk: 0%

Page 160: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 160

show capacityThe command displays database capacity limits for your NIOS appliance. This allows you to see the object counts and types on a show capacitymember. This command is useful to see the amount of data is assigned to a member and how that relates to the member's specified capacity.

Syntaxshow capacity

This command has no arguments.

ExampleInfoblox > show capacityHardware Type = IB-2000Database Capacity = 1200000 "objects" Objects Present = 112466 (9 percent used)Count   Area        Type16638   dns         bind_a15000   dns         bind_cname 1000   dns         bind_mx19392   dns         bind_ns15501   dns         bind_ptr  836   dns         bind_soa  500   dns         bulk_host 5000   dns         dhcp_host  385   dns         dhcp_member  322   dns         dhcp_range 1538   dns         fixed_address 5000   dns         host 5000   dns         host_address 5000   dns         host_alias  265   dns         network  263   dns         shared_network_item  500   dns         srg_zone_linking   840   dns         zone18018   dns         zone_cluster_secondary_server  537   dns         zone_ext_secondary_server  208   Grid        product_license Note: Counts per object type not displayed unless at least 100 of that type exist.

Page 161: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 161

show cc_modeThe command displays the Common Criteria settings.show cc_mode

Syntaxshow cc_mode

This command has no arguments.

ExampleInfoblox > show cc_modeCommon Criteria Mode Setting:Common Criteria Mode Enabled (grid-level): Yes

Page 162: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 162

show certificate_auth_adminsThe command displays whether the certificate authentication service is enabled for admins.show certificate_auth_admins

Syntaxshow certificate_auth_admins

This command has no arguments.

ExampleInfoblox > show certificate_auth_adminsCertificate authentication is enabled for next admins:   admin   ...   [username]

Page 163: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 163

show certificate_auth_servicesThe command displays the list of certificate authentication services that are used as effective authorization show certificate_auth_servicespolicies.

Syntaxshow certificate_auth_services

This command has no arguments.

ExampleInfoblox > show certificate_auth_servicesEffective Certificate Authentication Services:   DoD CaC   [service name]

Page 164: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 164

show check_auth_nsThe   command displays check authoritative NS RRset setting.show check_auth_ns

Syntaxshow check_auth_ns

This command has no arguments.

ExampleInfoblox > show check_auth_nsCheck authoritative NS RRset is disabled

Page 165: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 165

show clusterd_infoThe   command displays clusterd run-time information.show clusterd_info

Syntaxshow clusterd_info

This command has no arguments.

ExampleInfoblox > show check_auth_ns

Waiting 5 sec while clusterd is creating dump file...g_am_master_vnode: true (configured as a master node)g_clusterd_max_nodes: 350g_active_GM_openvpn_serv_cnt (actual count of OpenVPN servers to run): 1g_first_join_attempt: falseg_using_conn_config_file (using conn info sent by grid master): falseg_delay_master_run (postpone starting master): falseg_dirty_shutdown: falseg_running_one (are the ONE services running?): trueg_is_real_unit (true for real HW): trueg_power_down_if (power-down unused interfaces): trueg_is_vnios (true for vNIOS): falseg_udp_vrrp (true for Platforms that use UDP based VRRP): falseg_am_active_master (am I the current grid master?): trueg_am_master_vnode (am I part of grid master vnode?): trueg_was_master: trueg_ha_enabled (is HA enabled?): falseg_active (am I the active node in an HA pair?): trueg_vpn_server_setup (is the VPN server setting up): falseg_directing_upgrade (are we directing the upgrade of the grid?): falseg_reverted (a flag indicating that the member just reverted): falseg_need_grid_upgrade_state_update: falseg_upgrade_lite (lite upgrade in progress): falseg_partner_upgrade_mode: UPGRADE_NONEg_db_locked_for_snapshot: falseg_rollback_failed (meaningul only if g_db_locked_for_snapshot is set): falseg_removing (am I being removed?): falseg_start_proxyd (should proxyd be running?): falseg_partial_replication_disabled (last known state): falseg_am_logging_member: falseg_failover_syncing: falseg_tftp_limit (grid-wide tftp storage limit, in MB): 500g_subgrid_cnt (number of subgrids): 0g_using_external_time_servers (is using external NTP time servers): false

Page 166: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 166

show configThe command displays the DNS, DHCP, DHCPv6, or DTC configuration files, named.conf, dhcp.conf, dhcpv6.conf, dtc.conf, and healthd. show configconf.

Syntaxshow config { dns | dhcp | dhcpv6 | dtc | healthd }

show config displays the contents of named.conf, dhcp.conf,  files. You can page through the output 10 lines at dhcpv6.conf, dtc.conf, and healthd.confa time.

Argument Description

dns Displays the named.conf file.

dhcp Displays the dhcp.conf file.

dhcpv6 Displays the dhcpv6.conf file.

dtc Displays the dtc.conf file at /Infoblox/var/idns_conf/dtc.conf

healthd Displays the healthd.conf file at /Infoblox/var/idns_conf/healthd.conf

ExampleInfoblox > show config dns   include "/infoblox/var/named_conf";    options {          zone-statistics yes;          directory "/infoblox/var/named_conf"; version "";          recursion no;          listen-on {127.0.0.1; 10.0.0.0;}          query-source address 10.0.0.0;   Enter <return> to continue with More lines or enter q<return> to go back to the command line.

Infoblox > show config dhcp   local-address 10.0.0.0.;   server-identifier 10.0.0.0;   ddns-update-style interim;    authoritative;   option domain-name "corp100.com";   mini-lease-time 43200;   max-lease-time 43200; ping-check false;   log-facility daemon;   Enter <return> to continue with More lines or enter q<return> to go back to the command line.

Infoblox > show config healthd# AUTO GENERATED FILE, DO NOT EDIT{'servers': [],'monitors': [],'checks': [],'options': {'source': 'VIP','log_idns_health': False,'log_facility': 29,'source_ip': '10.120.21.129' 'socket_limit': 9000}}

Page 167: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 167

show connectionsThe command shows the active Internet connections for the NIOS appliance. Use this command to investigate connectivity issues or show connectionsprocesses that may have stopped running.

Syntaxshow connections

This command has no arguments.

ExampleThe following example provides information on:

Proto: Active protocol, TCP or UDPRecev-Q: Packets receivedSend-Q: Packets sentLocalAddress: Host name and type of connectionForeignAddress: IP address of the system connected to the applianceState: State of the connection

Infoblox > show connections

Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0    0    localhost:kdm*:*LISTENtcp 0    0    localhost:cluster-disk*:*LISTENtcp 0    0    localhost:localdo:domain*:*LISTENtcp 0    0    localhost:domain*:*LISTENtcp 0    0    localhost:rndc*:*LISTENtcp 0    0    infoblox:localdom:https*:*LISTENtcp 0    0    localhost:https*:*LISTEN

tcp 0    0    infobloxlocaldom:https10.1.1.1:arbotext-lm ESTABLISHEDEnter <return> to continue with More lines or enter q<return> to go back to the command line.

Page 168: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 168

show connection_limitYou can use the command to display the per client IP address maximum connection limit for the following protocols: HTTP show connection_limitand HTTPS. Note that maximum connections here refer to the network level connections, not application level connections. For example, an HTTPS connection limit of 4 means that there can be a maximum of four TCP connections between any given client IP address and the appliance that are concerned using the HTTPS protocol.To set the maximum connection limit, see . set connection_limit

Syntaxshow connection_limit {http | https}

Argument Description

http The maximum connection limit for the HTTP protocol.

https The maximum connection limit for the HTTPS protocol.

Examples

Showing the Per Client Address Maximum Connection Limit for the HTTP Protocol

Infoblox > show connection_limit httpCurrent http connection limit: 150

Page 169: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 169

show cpuThe command displays the processor and memory statistics for the NIOS appliance. This command tells you how busy the appliance is and show cpuindicates if an appliance is not performing properly.

Syntaxshow cpu

This command has no arguments.

ExampleThe following example provides information on:

swpd: Amount of virtual memory (swap space) usedfree: Amount of available memoryidle: Amount of idle memorybuff: Amount of memory used as buffers (I/O)cache: Amount of memory used as cache (kernel used memory)swap

si: Amount of memory paged in (per/sec) from swap or the file systemso: Amount of memory swapped out

io: Disk input/outputbi: Blocks (4K each) received from a block appliancebo: Blocks sent to a block appliance

system

in: Number of hardware interrupts per second—measures how busy the CPU iscs: Number of context switches per second—measures how busy the CPU is

cpu: Measures (%) of CPU used in each of these areas—the total equals 100%us: Percentage of CPU used running the Infoblox product and other non-kernel processessy: Percentage of CPU used running kernel processesid: Percentage of CPU that is currently idlewa: Percentage of CPU spent waiting for disk I/O

Note: If the combined io (bi and bo) and cpu wa values are high, it is a sign that the system is overloaded.

Infoblox > showcpu---------memory------------------- -swap-- --io--- --system- -----cpu-------

swpd   free    idle   buff   cache  si  so bi bo in cs us sy id wa st0      984024  15432  51932  916660 0   0  0  42 61 94 3  2  95 0  0

Page 170: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 170

show dateThe command displays the current date, time zone, and time of a NIOS appliance. Use this command if you log in to an appliance from a show datedifferent time zone. This command is helpful when dealing with a Grid that comprises multiple appliances in multiple time zones.

Syntaxshow date

This command has no arguments.

ExampleInfoblox > show dateTue Aug 16:24:19 EDT 2006

Page 171: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 171

show database_transfer_statusThe  command displays the status of the database backup transfer to a specified SCP server. If the status displays show database_transfer_statusany errors or failures, see the infoblox.log file for more information. To trigger the database transfer or backup, use the set database_transfer scpcommand.

Syntaxshow database_transfer_status

This command has no arguments.

ExampleShow the current status of database backup transfer (if the transfer status is in progress):

Infoblox > show database_transfer_status

Backup in Progress

Show the current status of database backup transfer (if the transfer status is completed):

Infoblox > show database_transfer_status

Transfer Complete

Show the current status of database backup transfer (if the transfer status has failed):

Infoblox > show database_transfer_status

Transfer was failed. Check the infoblox.log for failures

Page 172: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 172

show debugThe command shows whether debug logging is on or off. When on, debug logging captures all traffic and processes on the NIOS appliance. show debugDue to the verbose nature and the extent of the information captured, these log files grow at a rapid rate. For information on how to turn on or off the debug logging, see . set debug

Note: Infoblox recommends that you turn off debug logging unless Infoblox Support specifically directs you to turn on this feature. If left on, debug logging can cause performance issues.

Syntaxshow debug

This command has no arguments.

ExampleInfoblox > show debugDebug logging status : enabled

Infoblox > show debugDebug logging status : disabled

For information on viewing the output of the debug log file, see . show log

Page 173: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 173

show debug_analyticsThe   command shows the status of Analytics service debugging.show debug_analytics

Syntaxshow debug_analytics

This command has no arguments.

ExampleInfoblox > show debug_analyticsshow debug_analyticsoff

Page 174: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 174

show default_routeThe command displays the default gateway settings for the NIOS appliance. For information on how to change your default route show default_routesettings, see . set default_route

Syntaxshow default_route

This command has no arguments.

ExampleInfoblox > show default_route Gateway for the default route: LAN1 IPv4 default Gateway: 10.35.0.1IPv6 default Gateway: 2620:10a:6000:2400::1

Page 175: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 175

show delete_tasks_intervalThe command shows the time interval the appliance waits until it deletes the completed and rejected tasks from the system. show delete_tasks_intervalOnce the tasks are removed, they are no longer displayed in the tab of . The default interval is 14 days. For information Task Manager Grid Managerabout how to configure this time interval, see . set delete_tasks_interval

Syntaxshow delete_tasks_interval

This command has no arguments.

ExampleInfoblox > show delete_tasks_intervalshow delete_tasks_intervalCurrent delete tasks interval is 25 days

Page 176: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 176

show dhcp_gss_tsigThe commands provide information about an Infoblox DHCP server that is configured to send GSS-TSIG authenticated DDNS show dhcp_gss_tsigupdates to an AD integrated DNS server. You can use these commands to verify your configuration and troubleshoot potential issues. You can also test whether the appliance can communicate with the Key Distribution Center (KDC) and the DNS server.

Syntaxshow dhcp_gss_tsig config show dhcp_gss_tsig keytabshow dhcp_gss_tsig test dns {ns-ip}show dhcp_gss_tsig test kdc {kdc-ip} {principal}

Argument Description

config Displays configuration information and runs tests to verify the configuration.

keytab Displays information about the keytab file that is in use by the appliance.

test dns Tests the configuration by verifying that the destination DNS server is reachable.You must enter the IP address of the destination DNS server.

test kdc Tests the configuration by obtaining a test Ticket Granting Ticket (TGT)) from the configured KDC.You must specify the following:

IP address of the AD domain controller that hosts the KDC for the domainThe Kerberos principal you specified when you generated the keytab file, in the following format: @username/instance REALM

username/instance: The AD user name for the NIOS appliance and the FQDN of the appliance. This entry must be the same on the AD domain controller and the Infoblox appliance.REALM: The Kerberos realm in uppercase.

Examples

Displaying GSS-TSIG configuration information and run a test

The command displays the following information: show dhcp_gss_tsig config

Whether DHCP and GSS-TSIG dynamic DNS updates are enabled on the applianceThe system time in UTCInformation about the KDC, principal, and domain

After it displays information, the appliance can test if it can obtain a TGT from the KDC and provides information about that transaction. Note that the TGT is for test purposes only and does not affect the data used by DHCP and DNS.It can also test the external zones that are supposed to receive the DDNS updates as follows:

Verify if the external zones specified in the member's network view match the member's domainQuery the name server IP address for the address of the FQDN from the DNS principalQuery the name server for the SOA of the zone. It displays a warning if the name server does not respond or if the result does not list the FQDN from the DNS principal as authoritative.

Infoblox > show dhcp_gss_tsig configSystem time: Tue Oct 21 16:01:43 UTC 2008D

HCP GSS-TSIG configuration for this member:

KDC address                  10.34.123.4KDC IP                       10.34.123.4Member principal         jdoe/[email protected] domain                CORP100.LOCALGSS-TSIG                     enabledDDNS updates                 enabledDHCP service                 enabled

Page 177: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 177

Test KDC using member configuration? (y or n): yRequesting TGT for jdoe/[email protected] from KDC 10.34.123.4... Successfully obtained test TGT.Credentials cache: FILE:/tmp/krb5_cache.18338        Principal: jdoe/[email protected]   Cache version: 4Server: krbtgt/[email protected] Client: jdoe/[email protected] etype: arcfour-hmac-md5, kvno 2 Ticket length: 957Auth time: Oct 21 12:00:52 2008End time:Oct 21 13:00:52 2008Ticket flags: initial, pre-authenticated Addresses: addresslessSuccessful test. Test TGT destroyed.

This member is configured to update the following zones: corp100 on 10.34.123.4 as dns/ns-corp100.CORP100.local

Test configured zones? (y or n): y

Next zone is corp100 on 10.34.123.4. Test this zone? (y or n): yTesting external zone corp100 on NS 10.34.123.4... DNS principal is dns/ns-corp100.corp100.local.Derived FQDN is ns-corp100.corp100.local. FQDN resolves to nameserver IP.SOA for corp100 has MNAME ns-corp100.corp100.local. Nameserver is authoritative for zone.Zone corp100 appears valid.

Displaying information about the keytab

The command displays the current keytab. show dhcp_gss_tsig keytab

Infoblox > show dhcp_gss_tsig keytabVno Type Principal7 des-cbc-md5 jdoe/[email protected]

Verifying the DNS server

The command verifies the destination DNS server by performing a reverse lookup of the IP address.show dhcp_gss_tsig test dns

Infoblox > show dhcp_gss_tsig test dns 10.34.123.4Querying DNS server 10.34.123.4... Server responded.

Probable DNS principal: dns/ns-corp100.corp100.local

Obtaining a test TGT from the KDC

When you use the show dhcp_gss_tsig test kdc command, the appliance tries to obtain a TGT from the KDC using the specified principal. It provides information about the transaction and upon successful completion, deletes the test TGT.

Infoblox > show dhcp_gss_tsig test kdc 10.34.123.4 jdoe/[email protected] TGT for jdoe/[email protected] from KDC 10.34.123.4...Successfully obtained test TGT.

Credentials cache: FILE:/tmp/krb5_cache.12000        Principal: jdoe/[email protected]     Cache version: 4

Server: krbtgt/[email protected] Client: jdoe/[email protected] etype: arcfour-hmac-md5, kvno 2 Ticket length: 957Auth time: Oct 21 12:30:01 2008End time:Oct 21 13:30:01 2008Ticket flags: initial, pre-authenticated Addresses: addressless

Successful test. Test TGT destroyed.

Page 178: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 178

show dhcpd_recv_sock_buf_sizeThe displays the current DHCP receive socket buffer size. The default is 1,536 kilobytes. For information about show dhcpd_recv_sock_buf_sizehow to set the receive socket buffer size, see . set dhcpd_recv_sock_buf_size

Syntaxshow dhcpd_recv_sock_buf_size

This command has no arguments.

ExamplesFor NIOS Appliances

Infoblox > show dhcpd_recv_sock_buf_sizeDHCP 'dhcpd' UDP receive socket buffer size: 1500 KB

Page 179: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 179

show dhcpv6_gss_tsigThe commands provide information about an Infoblox DHCP server for IPv6 that is configured to send GSS-TSIG show dhcpv6_gss_tsigauthenticated DDNS updates to an AD integrated DNS server. You can use these commands to verify your configuration and troubleshoot potential issues. You can also test whether the appliance can communicate with the Key Distribution Center (KDC) and the DNS server.

Syntaxshow dhcpv6_gss_tsig config show dhcpv6_gss_tsig keytab

show dhcpv6_gss_tsig test dns {ns-ip}show dhcpv6_gss_tsig test kdc {kdc-ip} {principal}

Argument Description

config Displays configuration information and runs tests to verify the configuration.

keytab Displays information about the keytab file that is in use by the appliance.

dns Tests the configuration by verifying that the destination DNS server is reachable.You must enter the IP address of the destination DNS server.

kdc Tests the configuration by obtaining a test Ticket Granting Ticket (TGT)) from the configured KDC.You must specify the following:

IP address of the AD domain controller that hosts the KDC for the domainThe Kerberos principal you specified when you generated the keytab file, in the following format: @username/instance REALM

username/instance: The AD user name for the NIOS appliance and the FQDN of the appliance. This entry must be the same on the AD domain controller and the Infoblox appliance.REALM: The Kerberos realm in uppercase.

Page 180: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 180

show disable_lazyloadThe   command displays the status of lazy loading. You can use the  command to enable or disable  show disable_lazyload set disable_lazyloadlazy loading of objects. For more information, see  .set disable_lazyload

Syntaxshow disable_lazyload

This command has no arguments.

ExampleInfoblox > show disable_lazyloadLazy loading is disabled.

https://docs.infoblox.com/display/nios84draft/set+disable_lazyload
Page 181: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 181

show diskThe command displays the disk space that is used. Use this command to verify the amount of free disk space on the NIOS and vNIOS virtual show diskappliances. Infoblox recommends that you regularly check the available disk space. Clear off outdated logs to maintain maximum available disk space. You should not allow the disk to become completely full because this can be detrimental to the performance of the appliance.

Syntaxshow disk

This command has no arguments.

ExamplesFor NIOS Appliances

Infoblox > show diskAvailable disk space: 207G Disk space used: 4% Infoblox >

For vNIOS Virtual AppliancesInfoblox > show diskAvailable disk space: 53G Disk space used: 5%Overall disk capacity: 120G Infoblox >

Page 182: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 182

show dnsThe command displays DNS query statistics for all DNS views. It also displays the recursive cache for the specified DNS views. This show dnscommand displays IDN data in punycode.

Syntaxshow dns {stats | cache [wait_time ntime][dns_view...]}

Argument Description

stats Displays DNS query statistics for all DNS views. You can also use this command to display DNS query statistics for all the DNS views of DNS cache acceleration on IB-FLEX.

ntime The maximum time (from 1 to 600 seconds) to wait for the cache file to be ready.

cache dns_view

Specifies the DNS views for which you want to display the recursive cache.

ExampleInfoblox > show dns statssuccess 10referral 0nxrrset 0nxdomain 0recursion 0failure 10

Page 183: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 183

show dns-accelThe command displays DNS Cache Acceleration information. This command is available for: show dns-accel

IB-4030 appliances only when the license is present.DNS Cache AccelerationIB-FLEX only if the license is present in the Grid.Flex Grid Activation

Syntaxshow dns-accel

ExampleInfoblox > show dns-accel

Log level: 2(Critical)Cache: EnabledMinimum cached TTL: 1Maximum cached lifetime: 86400Cache hit count: 0Cache miss count: 0DNS query stats: SUCCESS=0 NXDOMAIN=0 NXRRSET=0 FAILURE=0 REFERRAL=0System UDP DNS query count: LAN1=0 LAN2=0 MGMT=0 HA=0System UDP DNS response count: 0

Infoblox > show dns-accel

Log level: 5(Notice)Cache: EnabledMinimum cached TTL: 1Maximum cached lifetime: 86400Cache hit count: 0Cache miss count: 0DNS query stats: SUCCESS=0 NXDOMAIN=0 NXRRSET=0 FAILURE=0 REFERRAL=0System UDP DNS query count: LAN1=0 LAN2=0 MGMT=0 HA=0System UDP DNS response count: 0

Page 184: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 184

show dns-accel-cacheThe command enables you to view the cache for DNS Cache Acceleration. It fetches and displays new acceleration cache show dns-accel-cachedata. For existing files, it displays data from the previous collection, if present. This command is available for:

IB-4030 appliances only when the license is present.DNS Cache AccelerationIB-FLEX only if the license is present in the Grid.Flex Grid Activation

Syntaxshow dns-accel-cache

ExampleInfoblox > show dns-accel-cache

Cache is empty

Infoblox > show dns-accel-cache

Warning: This operation will temporarily disable the acceleration cache to obtain the latest cached data.

The operation should take about 15 seconds to complete.

During this period, this member's DNS query performance may be significantly reduced, and changes to the member's DNS configuration will not be permitted.

Are you sure you want to proceed with this operation (y/n): y

Cache data obtained at 2018-12-14-06:22:51

Note: In case of multiple RR's, they will be printed on their own line after the first one, aligned with commas to match correct column.

Number,Query question,Query type,Query class,AAAA Filtered,Recursion,View,Original TTL,Remaining TTL,Usage count,Last accessed,RR section,Type of RR,RR name,RR TTL,RR data,MX preference,RCode,Debug<1>,Debug<2>,PCP word

1,cnn.com,A,IN,NO,0,1,3600,3588,3,3,AA,A,cnn.com,3600,151.196.31.120,,0,3,3588

,,,,,,,,,,,AD,,EDNS0,.,0,

0x00000000000000040000000000000000

Page 185: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 185

show dns_gss_tsigThe commands provide information about an Infoblox DNS server that is configured to receive GSS-TSIG authenticated DDNS show dns_gss_tsigupdates from a DHCP server. You can use these commands for diagnostic purposes and to troubleshoot issues.

Syntaxshow dns_gss_tsig counters [crypto]| keytab

Argument Description

counters Displays information from the internal counters, which are non-persistent and reset to zero when services are restarted. It displays the number of TKEY (transaction key) requests the Infoblox DNS server has accepted and the number of GSS-TSIG authenticated DDNS updates received.If you specify the display includes the number of successful and failed attempts to establish a security by context, by encryption crypto,type.

keytab Displays information about the DNS keytab files that are in use by the appliance.

ExampleInfoblox > show dns_gss_tsig keytab

Vno Type Principal4 des-cbc-md5 DNS/[email protected]

Page 186: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 186

show dns_rrlThe command provides information about the Grid or member DNS RRL (Response Rate Limiting) settings. You can use the show dns_rrl set dns_r

command to configure the DNS RRL settings. For more information, see . rl set dns_rrl

Syntaxshow dns_rrl [member <hostname> | view <viewname> | grid]

The Note: show dns_rrl command accepts the member option only on the Grid Master.

Argument Description

member <hostname> The FQDN of the Grid member.

view <viewname> The name of the DNS view.

grid Show RRL settings for the Grid.

ExamplesInfoblox > show dns_rrl gridGrid RRL configuration:

  responses_per_second: 200  window: 15 (default)  slip: 3  log_only: false (default)

Grid logging configuration:  log rate-limit: true (default)

Page 187: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 187

show docker_bridgeThe   show docker_bridge command displays the IP address of the current Docker bridge. You can then choose to reset the IP address by running the 

 command.set docker_bridge

Syntaxshow docker_bridge

This command has no arguments.

Example    Infoblox > show docker_bridge

    Current Docker Bridge settings:

    Bridge Gateway/CIDR: 172.17.0.1/16

https://docs.infoblox.com/display/nios84draft/set+docker_bridge
https://docs.infoblox.com/display/nios84draft/set+docker_bridge
Page 188: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 188

show dscpThe command provides information about the Grid and member DSCP values in both decimal and hexadecimal formats. You can use the show dscp set

command to configure the DSCP value. For more information, see .dscp set dscp

Syntaxshow dscp

This command has no arguments.

ExamplesFor a Grid:

Infoblox > show dscpGrid Level: 30 (Ox1e)Member Level:Override grid setting            20 (Ox14)

Infoblox > show dscpGrid Level: 30 (Ox1e) Member Level:Use grid setting

For an independent appliance:

Infoblox > show dscpDSCP:       28 (Ox1c)

Page 189: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 189

show dtc_geoipThe command provides information about the GeoIP labels that are available in the current MaxMind location database for the show dtc_geoiprespective IP address. You can run this command only if you have installed the DNS Traffic Control license. For more information about DNS Traffic Control, refer to the .Infoblox NIOS Administrator Guide

Syntaxshow dtc_geoip <ip-address>

Argument Description

ip-address Valid IPv4/IPv6 address of the host.

ExamplesInfoblox > show dtc_geoip 54.243.36.49Continent = North America Country = United States Subdivision = Virginia

Infoblox > show dtc_geoip 2607:f8b0:400a:804::1012Continent = North America Country = United States Subdivision = Atlanta

Page 190: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 190

show enable_match_recursive_onlyUse the command to view the status of the match-recursive-only option for all DNS views on a specific Grid show enable_match_recursive_onlymember. For information about how to use the match-recursive-only feature, see , and also refer to the set enable_match_recursive_only Infoblox NIOS Ad

.ministrator GuideThe command reports one of three possible states: show enable_match_recursive_only

True: The DNS view is set to use the match-recursive-only setting to restrict and filter client access for the view.False: The DNS view does not use the match-recursive-only setting.Inherit: The default, where the DNS view inherits its match-recursive-only setting from the Grid.

Syntaxshow enable_match_recursive_only

This command has no arguments.

ExampleInfoblox > show enable_match_recursive_only   View 'default': false    View 'dnsview1': true   View 'external': inherit

Page 191: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 191

show fileThe command displays specified groups and files that you can access for diagnostic purposes. You can page through the display 10 lines at show filea time. Use this command to view files after you enable the bloxTools Environment service.

Syntaxshow file {groups | group}show file group file1 [file2 ...] [follow]

If you use the show file command without any arguments, it displays all the files that you can manage with this command. If you use the groups argument, a list of all groups is shown.If you use the show file command with a group argument but no file it displays a list of all the files in the specified group. If you use the , show file command with group and file arguments, you can specify a real-time (live) view of the file—the same as the using tail -f arguments. You can interrupt the display by pressing Enter.

Argument Description

groups Displays a list of available groups.

group Displays a list of files for the specified group.

group file1 [file2 ...] Displays the specified (group) files.

follow Displays the contents of the file live, in real-time.

ExamplesViewing bloxTools Files

Infoblox > show file bloxtools portal_accessShowing file /storage/web-portal/udata/logs/access.logInfoblox > show file bloxtools portal_errorShowing file /storage/web-portal/udata/logs/error.log[Thu Sep 04 11:07:59 2008] [warn] RSA server certificate CommonName (CN)`www.infoblox.com' does NOT match server name!?[Thu Sep 04 11:08:03 2008] [notice] Digest: generating secret for digest authentication...[Thu Sep 04 11:08:03 2008] [notice] Digest: done[Thu Sep 04 11:08:04 2008] [warn] RSA server certificate CommonName (CN)`www.infoblox.com' does NOT match server name!?[Thu Sep 04 11:08:04 2008] [notice] Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8hDAV/2 mod_perl/2.0.3 Perl/v5.8.8 configured -- resuming normal operations[Thu Sep 04 11:11:34 2008] [warn] RSA server certificate CommonName (CN)`www.infoblox.com' does NOT match server name!?[Thu Sep 04 11:11:39 2008] [notice] Digest: generating secret for digest authentication...[Thu Sep 04 11:11:39 2008] [notice] Digest: done[Thu Sep 04 11:11:40 2008] [warn] RSA server certificate CommonName (CN)`www.infoblox.com' does NOT match server name!?[Thu Sep 04 11:11:40 2008] [notice] Apache/2.2.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.8hDAV/2 mod_perl/2.0.3 Perl/v5.8.8 configured -- resuming normal operations

Page 192: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 192

Infoblox > show file bloxtools portal_logShowing file /storage/web-portal/udata/logs/syslog.logSep 4 11:07:55 (none) kernel: Linux version 2.6.17.4 (root@buildvm2) (gcc version3.2.1) #1 Thu Aug 28 02:20:30 EDT 2008Sep 4 11:07:55 (none) kernel: On node 0 totalpages: 32768Sep 4 11:07:55 (none) kernel: DMA zone: 32768 pages, LIFO batch:7Sep 4 11:07:55 (none) kernel: Built 1 zonelistsSep 4 11:07:55 (none) kernel: Kernel command line: root=/dev/root rootfstype=hostfsrootflags=/storage/web-portal/root_fs ubdb=/storage/web-portal/swapfileubdc=/storage/web-portal/storagefile mem=128M eth0=tuntap,uml_htap0 con0=null con1=ptscon2=pts hostfs=/storage/web-portalSep 4 11:07:55 (none) kernel: PID hash table entries: 1024 (order: 10, 4096 bytes)Sep 4 11:07:55 (none) kernel: Dentry cache hash table entries: 16384 (order: 4, 65536bytes)Sep 4 11:07:55 (none) kernel: Inode-cache hash table entries: 8192 (order: 3, 32768bytes)Sep 4 11:07:55 (none) kernel: Memory: 124372k availableSep 4 11:07:55 (none) kernel: Calibrating delay loop... 1648.23 BogoMIPS (lpj=8241152)Sep 4 11:07:55 (none) syslog-ng[699]: syslog-ng starting up; version='2.0.6'Sep 4 11:07:55 (none) kernel: Mount-cache hash table entries: 512Enter <return> to continue with More lines or enter q<return> to proceed to the nextfile

Page 193: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 193

show forced_autosyncThe   command displays whether forced autosync is turned on or off.show forced_autosync

Syntaxshow forced_autosync

This command has no arguments.

ExampleInfoblox > show forced_autosyncForced autosync is disabled

Page 194: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 194

show hardware_statusThe command displays information about the various hardware components of a NIOS appliance. It displays the power show hardware_statussupply status, fan speed, the CPU temperature, and status of the RAID array (for the Infoblox-2000 only).

Syntaxshow hardware_status

This command has no arguments.

ExampleThe following example displays the status of an Infoblox-2000.

Infoblox > show hardware_status POWER:Power OK

Fan1:5075 RPM Fan2:4927 RPM Fan3:4787 RPM

CPU1_TEMP: +42.0 C CPU2_TEMP: +48.0 C

SYS_TEMP: +49 C RAID_ARRAY: OPTIMAL

RAID_BATTERY: OK READY Yes 103 HOURS

The following are notes about the output:

POWER: Displays the status of the power supply. The Infoblox-1552, -1552-A and -2000 have redundant power supplies. If one power supply fails, the line displays POWER FAIL. To find out which power supply failed, check the LEDs of the power supplies.Fan1, Fan2, Fan3: Displays the fan speed. The Infoblox-2000 has three fans, therefore the sample output displays the speed of each fan. If a fan is not functioning, the output displays 0 RPM.CPU1 TEMP, CPU2 TEMP: Displays the CPU temperature.SYS TEMP: Displays the operating temperature of the appliance.RAID ARRAY: Displays the status of the RAID array of an Infoblox-2000. If at least one disk is not functioning properly, this line indicates that the RAID array is degraded and lists the disks which are online. It also indicates when the RAID array is rebuilding. If there is a disk mismatch, this line indicates so and lists all the RAID disks and their disk types.RAID BATTERY: This line reports the status of the disk controller backup battery. It includes the following information:

Charge status: Displays either OK or CHARGING.Ready status: Displays either READY YES or READY NO.Hours: Displays the estimated number of hours remaining on the battery.

Note: This command is not supported on vNIOS appliances on Riverbed and VMware. The vNIOS appliance displaysNo sensors present when you enter this command.

Page 195: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 195

show hardware-typeUse the command to display the current hardware type for your appliance. show hardware-type

For IB-FLEX only, you can set the hardware type on an appliance and configure it as an IB-FLEX. For more information, see . For set hardware-typeinformation about IB-FLEX, see .About IB-FLEX

Syntaxshow hardware-type

This command has no arguments.

ExampleTo display the hardware type of an appliance:

Infoblox > show hardware-type

Member Hardware Type: IB-FLEX

https://docs.infoblox.com/display/nios84/About+IB-FLEX
Page 196: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 196

show hwidThe command displays the hardware ID. The information provided by this command is required for acquiring a new license. show hwid

Syntaxshow hwid

This command has no arguments.

ExampleInfoblox > show hwidHardware ID: 4dcef037e91a403fe05e10ecd241

Page 197: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 197

show ibtrapThe command displays whether SNMP traps and email notifications are enabled for the specified event category. show ibtrap

Syntaxshow ibtrap [category]

Argument Description

category Valid values are:Fan, Bloxtools, Disk, Memory, CPU, MGM, HSM, Login, PowerSupply, FTP, TFTP, HTTP, NTP, DNS, DHCP, RootFS, Database,R AID, HA, MSServer, Backup, Clear, SNMP, LCD, SSH, SerialConsole, ENAT, Network, Cluster, Controld, OSPF, IFMAP, BGP, CaptivePortal, DuplicateIP, License, System, Syslog, DiscoveryConflict, ReportingVolume, DisconnectedGrid

ExampleInfoblox > show ibtrap FanTrap Category: Fan snmp: trueemail: false

Page 198: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 198

show interfaceThe command displays network interface details. The information reveals how the NIOS appliance is connected to the network. It show interfaceshows line rate, broadcast address, and whether packets are being dropped. This information allows you to check the status, find the MAC address of an appliance, and provides statistics on the quality of the network signal. This command also displays whether IPv6 is enabled. On the Infoblox-250, -550-A,-1050-A, -1550-A, -1552-A, -2000, and -2000-A appliances, the appliance displays information about the LAN2 port as well. It also displays the bonded interface information when NIC bonding is enabled in the NIOS appliance.For information about how to change your interface settings, see . set interface

Syntaxshow interface [name | all]

Argument Description

name Displays information about a specific interface. Enter one of the following: lan, lan2, ha, mgmt, or loopback.

all Displays information about all interfaces.

ExampleThe following example illustrates how you can use the command to view the IP address and MAC address of an appliance, and its show interfacenetwork connection details. Note that when you manually configure the speed and duplex of an interface, the appliance communicates only the settings. When you configure the Speed/Duplex settings at 1000M/Full, auto-negotiating is required and the appliance displays Enabled (Speed/Duplex

instead of in the field, as shown in the following example.configured by user) Enabled NegotiationStatistical information is also provided on the packets received and transmitted, as well as any errors that have occurred. Lack of packet activity can be a sign of connectivity problems, dropped packages, overruns, or collisions.

Infoblox > show interfaceLAN:

IP Address: 10.34.33.11           MAC Address: 00:30:48:98:63:ADMask:255.255.255.0                Broadcast:   10.34.33.255MTU: 1500                         Metric:      1IPv6 Link:          fe80::230:48ff:fe98:63ad/64 IPv6 Status:        EnabledNegotiation: EnabledSpeed:       1000M                Duplex:Full DSCP Value:     30Status:  UP BROADCAST RUNNING MULTICAST

Statistics Information Received

packets:  24812        bytes:   11660993 (11.1 Mb)errors:   0            dropped: 0overruns: 0            frame:   0

Transmitted

packets:  23148         bytes:   11493844 (10.9 Mb)errors:   0             dropped: 0overruns: 0             carrier: 0

Collisions: 0             Txqueuelen: 1000

LAN2:

IP Address: 10.1.1.35           MAC Address: 00:30:48:98:63:AFMask:       255.255.255.0       Broadcast:   10.1.1.255MTU:        1500                Metric:      1IPv6 Link:         fe80::230:48ff:fe98:63af/64 Negotiation: EnabledSpeed: 1000M              Duplex:        Full Status:    UP BROADCAST RUNNING MULTICAST

Statistics Information

 Received

Page 199: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 199

packets:  11          bytes:   836 (836.0 b)errors:   0           dropped: 0overruns: 0           frame:   0

 Transmitted

packets:  0           bytes: 0 (0.0 b)errors:   0           dropped: 0overruns: 0           carrier: 0Collisions: 0         Txqueuelen: 1000

Enter <return> to continue with More lines or enter q<return> to go back to command line

Page 200: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 200

show ip_rate_limitThe command displays the current rate limiting rules. You configure rate limiting rules to limit access or block connections from show ip_rate_limitexternal sources. The rules take effect immediately when you enable rate limiting. For information on rate limiting and on how to configure rate limiting rules, see . set ip_rate_limit

Syntaxshow ip_rate_limit

This command has no arguments.

Example

Viewing the current rate limiting rules

IP rate limiting is enabled.Source            Limit               Burst============================================ 10.10.1.1        0 packets/minute     0 packets10.10.1.2        5 packets/minute     5 packets10.10.2.1/24     5 packets/minute     10 packetsall              5000 packets/minute  5000 packets

Page 201: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 201

show ipv6_bgpThe command displays the local NIOS appliance's IPv6 BGP configuration, reachability information about neighbors, and BGP routes to show ipv6_bgpdestinations. You can specify the command with or without an argument. A command without an argument defaults to . show bgp routeFor information about how to write statistical information to syslog, see . set bgp log

Syntaxshow ipv6_bgp {route | neighbor | summary | config}

Argument Description

route Displays the BGP routing table.

summary Displays the BGP protocol summary.

neighbor Displays information about all known BGP neighbors. If only IPv4 BGP information is available, this command option displays IPv4 information.

config Displays the running BGP configuration file, including all IPv4 and IPv6 configuration, prefix lists and access-lists.

If no applicable information is available (for example, the current device has no IPv6 BGP configuration and hence no IPv6 BGP neighbor information), you are returned to the NIOS CLI prompt.

ExampleInfoblox > show ipv6_bgp summaryBGP router identifier 10.34.1.179, local AS number 1 RIB entries 3, using 288 bytes of memoryPeers 1, using 4560 bytes of memory

Neighbor    V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd10.34.1.178 4   10  192542  240631      0    0    0 02:45:16      0

Total number of neighbors 1 Infoblox > show ipv6_bgp neighborBGP neighbor is 2001:1938:BA8::22AA:1, remote AS 10, local AS 1, external link  BGP version 4, remote router ID 10.36.1.66 BGP state = Established, up for 02:11:21  Last read 14:34:06, hold time is 16, keepalive interval is 4 seconds   Neighbor capabilities:   4 Byte AS: advertised and received   Route refresh: advertised and received(old & new)   Address family IPv4 Unicast: advertised and received    Address family IPv6 Unicast: advertised and received Message statistics: Inq depth is 0 Outq depth is 0

Inq depth is 0Outq depth is 0

                                   Sent    RcvdOpens:                             118     25

Notifications:                     13      88Updates:                           219     0Keepalives:                        239773  192022Route Refresh:                     0       0Capability:                        0       0Total:                             240123  192135

Enter <return> for next page or q<return> to go back to command line. Minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast   NEXT_HOP is always this router  Community attribute sent to this neighbor(both)   Inbound path policy configured  Outbound path policy configured  Incoming update prefix filter list is *DEFAULT   Outgoing update prefix filter list is *ANYCAST  0 accepted prefixes

Page 202: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 202

For address family: IPv6 Unicast  Community attribute sent to this neighbor(both)  0 accepted prefixes

  Connections established 73; dropped 72  Last reset 02:13:50, due to BGP Notification send

Local host: 10.34.1.179, Local port: 179Foreign host: 10.34.1.178, Foreign port: 43135Nexthop: 10.34.1.179

Nexthop global: 2001:db8:a22:1b0::3 Nexthop local: fe80::230:48ff:febc:9503 BGP connection: non shared networkRead thread: on Write thread: off

Page 203: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 203

show ipv6_disable_on_dadThe command displays whether IPv6 is disabled, when a duplicate IPv6 address is detected, on the corresponding show ipv6_disable_on_dadinterface.

Syntaxshow ipv6_disable_on_dad

ExamplesInfoblox > show ipv6_disable_on_dadDisable IPv6 if duplicate IPv6 address detected: off

Infoblox > show ipv6_disable_on_dadDisable IPv6 if duplicate IPv6 address detected: on

Page 204: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 204

show ipv6_neighborThe command displays the status, IPv6 address and link-local address (normally, the MAC address of the neighboring port) of the show ipv6_neighborIPv6 neighbor for the specified NIOS appliance interface–LAN, LAN2 or MGMT.

Syntaxshow ipv6_neighbor <lan|lan2|mgmt>

If no applicable information is available (for example, the current device has no IPv6 configuration and hence no IPv6 neighbor information), you are returned to the NIOS CLI prompt.

ExampleInfoblox > show ipv6_neighbor lanfe80::204:96ff:fe1d:1980 lladdr 00:04:96:1d:19:80 router STALE

Page 205: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 205

show ipv6_ospfThe command displays configuration and statistical information about the OSPFv3 protocol (if any) running on the NIOS appliance. show ipv6_ospfFor information on changing OSPF log settings, see . set ipv6_neighbor

Syntaxshow ipv6_ospf {route | interface | database | neighbor | configuration}

Argument Description

route Displays the OSPF routing table, as determined by the most recent SPF calculation.

interface Displays the state and configuration on all interfaces configured with OSPF.

database Displays all OSPF database information.

neighbor Displays the OSPF neighbor information.

configuration Displays the running OSPF configuration file.

ExamplesInfoblox > show ipv6_ospfOSPFv3 Routing Process (0) with Router-ID 10.34.1.179 Running 11d03:14:41 Number of AS scoped LSAs is 2 Number of areas in this router is 1 Area 0.0.0.61    Number of Area scoped LSAs is 4    Interface attached to this area: eth1

Infoblox > show ipv6_ospf interfaceeth1 is up, type BROADCAST Interface ID: 11 Internet Address:    inet : 10.34.1.179/29    inet6: 2001:db8:a22:1b0::3/64    inet6: fe80::230:48ff:febc:9503/64 Instance ID 0, Interface MTU 1500 (autodetect: 1500) MTU mismatch detection: enabled Area ID 0.0.0.61, Cost 1 State BDR, Transmit Delay 1 sec, Priority 1 Timer intervals configured:  Hello 10, Dead 40, Retransmit 5 DR: 255.1.1.1 BDR: 10.34.1.179 Number of I/F scoped LSAs is 2  0 Pending LSAs for LSUpdate in Time 00:00:00 [thread off]  0 Pending LSAs for LSAck in Time 00:00:00 [thread off]eth2 is down, type BROADCAST

Page 206: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 206

show lcdThe command displays whether the LCD keys are turned on or off. show lcd

Syntaxshow lcd

This command has no arguments.

ExampleInfoblox > show lcdNo LCD present

Page 207: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 207

show lcd_infoThe command displays status, CPU temperature, network settings, version, hardware ID, and licensing information. It also displays the show lcd_infobonded interface information when NIC bonding is enabled in the NIOS appliance. This command combines the output of the following CLI commands: show

and ., , ,status show temperature show network show license

Syntaxshow lcd_info

This command has no arguments.

ExampleInfoblox > show lcd_infoGrid Status: ID Grid Master HA Status:   Not Configured

CPU_TEMP: +45.5 C

Current network settings:  IP Address:           10.35.0.20  Network Mask:         255.255.255.0  Gateway Address:      10.35.0.1  HA enabled:           false  Grid Status:        Master of Infoblox Grid

Version         : 4.2r2-0Hardware ID     : 553a25c34f45e4a2a2349d996ae1285

License Type    : Grid Expiration Date : 05/31/2009License String  : GQAAAL8oY9e0uaH3MMKfPdLXrWDTs5D4p3UerF8=

License Type    : DNS Expiration Date : PermanentLicense String  : EQAAAL4oZM7r+K+zctvOPdLUpH3V

License Type    : Grid Maintenance Expiration Date : 05/31/2009License String  : GwAAALEjbsGypr37HNSWfNLV4C/Q/5Lw6yxQ/V7Pdg==

License Type    : NIOS Maintenance Expiration Date : 05/31/2009License String  : GwAAALQveMGZuqbuM8iReNLV4C/Q/5Lw6yxQ/lvMJg==

License Type    : DHCP Expiration Date : PermanentLicense String  : EgAAAL4udMK65OLibpafIZ+Y/S6A5Q==

Note: This command is not supported on vNIOS appliances on Riverbed and VMware. On a Riverbed platform, the command generates show lcd_infonetwork settings and licensing information, but not the hardware information. The No sensors present message is displayed in place of the hardware information.

Page 208: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 208

show lcd_settingsThe command displays the value of these fields: lcd_autodim/lcd_brightness/lcd_hwident. show lcd_settings

Syntaxshow lcd_settings

This command has no arguments.

ExampleInfoblox > show lcd_settingsLCD settings can not be configured.

Page 209: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 209

show licenseThe command displays information about the licenses installed on NIOS appliances, vNIOS appliances, and Orchestration Servers. For show licenseinformation, refer to the . You can use this command to view licenses that were transferred from one vNIOS on VMware Infoblox NIOS Administrator Guideappliance to another. For information on how to set your licenses, see . set licenseThis command displays Grid-wide licenses when you specify gridwide or all arguments. Without any arguments, the static licenses for the member are displayed.

Syntaxshow license [all | csv | gridwide | revoked]

Argument Description

all Displays all product licenses in a Grid.

csv Displays all product licenses in a Grid in csv format.

gridwide Displays Grid-wide licenses in a Grid.

revoked Displays vNIOS licenses that were transferred from one vNIOS appliance to another.

Examples

Showing product licenses installed on a NIOS appliance

Infoblox > show license

Version         : 4.3r2-5Hardware ID     : 6ddd3618a43027fdbb3b3ca9a29077a7

License Type    : NIOS Maintenance Expiration Date : 05/13/2009License String  : GwAAAAsiM/VsmcoYLHostc8f6T7L7HDdR+HeL6U1WA==

License Type    : Grid Expiration Date : 05/13/2009License String  : GQAAAAAlKONBms0BL3Ai9M8bpnPKoHLUC+HEfPM=

License Type    : DNS Expiration Date : PermanentLicense String  : EQAAAAElL/oe28NFbWlz8M8arW7M

License Type    : DHCPExpiration Date : PermanentLicense String  : EgAAAAEjP/ZPx44UcSQi7IJW9D2Z9g==

License Type    : Grid Maintenance Expiration Date : 05/13/2009License String  : GwAAAA4uJfVHhdENA2Yrsc8f6T7L7HDdR+HeLfE2UQ==

Showing product licenses installed on a NIOS Discovery Probe appliance

Infoblox > show license

Version         : 6.9.0-271002Hardware ID     : 564d5d736f92734270264e24bd7f34ea

License Type    : Grid Expiration Date : 12/21/2015License String  : GgAAALb+k/nMu+ts7UIw7sK1+7B70RJDDrqZXLR8

License Type    : vNIOS (model ND-V1400) Expiration Date : 12/21/2015License String  : HAAAAKX+jvPNt6sx4hV9oMT5+LJ70gZDCfabHOUm4tA=

License Type    : Discovery Expiration Date : 12/21/2015License String  : GQAAALf5lP/Rvfx351t+6Ir7+P010xNBQf6cCeU=

Page 210: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 210

Showing product licenses installed on an Infoblox Orchestration Server

Infoblox > show license

Version         : 5.x-86034Hardware ID     : 6ddd3618a43027fdbb3b3ca9a29077a7

License Type    : IF-MAP Service Expiration Date : 05/04/2010License String  : FAAAAAwtMedDlo5fICEi84MbpXPPpHCI

Showing product licenses of all Grid members in csv format

Infoblox > show license csvpublic_ip,license_type,exp_date,license_string 10.0.0.18,DNS,Permanent,EQAAAAKS4n90WFGNUSirwvyUT9/z10.0.0.18,Grid Maintenance,05/21/2009,EwAAAA4uJfVHhdENA2Yrsc8b6T3J7HDdR+HeLfQ2Cq== 10.0.0.18,Grid,05/21/2009,GwAAAA2Z6HAtBkPFPyfzg/yVRsLzI2x0kYyKaPb22g==10.0.0.18,NIOS Maintenance,01/21/2009,GwAAAAiV/nAGGljQEDv0h/yVRsLzI2x0kYyKb/P20Q==10.0.0.18,DHCP,Permanent,EgAAAAEjP/ZPx44UcSQi7JW9D2Z9g==10.0.0.22,DNS,05/21/2009,EgAAAAKU8nMlRBzcTWX63rHYFoymOQ==10.0.0.22,Grid Maintenance,05/21/2009,GwAAAA4uJfVHhdENA2Yrsc8b6T3J7HDdR+HeLfQ2Cq== 10.0.0.22,Grid,05/21/2009,GwAAAA2B6CftBkPFPyfzg/yVRsLzI2x0kZyKaPb22g==10.0.0.22,NIOS Maintenance,05/21/2009,GwAAAAiV/nAGGljQEDv0h/yVRsLzI2x0kYyKb/P20Q==10.0.0.22,DHCP,Permanent,EgAAAAEjP/ZPx96UcSQi7JW9D2Z9g==

Showing vNIOS on VMware licenses that were transferred

Infoblox > show license revoked

Public IP        License Type    Exp Date          Replaced Hardware ID 10.34.196.221    Grid            Permanent         564dc31965c24cc2eb7ab2955e10e1c0License String

PQAAADUCMoaGagzzTP0jgMU8FjNONq8dY2Ux527eLxDjCxyqsaL3woZgtPdEzhTgV+4Xk+OEIvmVWk3rUf9s1Q=10.34.196.221 vNIOS (550) Permanent564dc31965c24cc2eb7ab2955e10e1c0 AgAAACYCL4yHZ10rQ7vu0dlxRzAWLqtRdXQ39z+LKEW5DhjrrseLjgwfg9bZEz0L1ljkWkqOEN9zQD4wsRU=

Showing product licenses, including a transferred vNIOS license

Infoblox > show licenseVersion         : 5.1r4-111576-ulHardware ID     : 564d636db7a4892b1065c1d9493673a4

License Type    : DHCPExpiration Date : PermanentLicense String  : EgAAADQEJZOIN0/mEqkjgMU8WjBTfQ==

License Type    : DNSExpiration Date : PermanentLicense String  : EQAAADQCNZ/ZKwK3DuRynIhwA2MG

License Type    : GridExpiration Date : PermanentRevoked Hardware ID : 564dc31965c24cc2eb7ab2955e10e1c0

License String  : PQAAADUCMoaGagzzTP0jgMU8FjNONq8dY2Ux527eLxDjCxyxqsaL3woZgtPdEzhTgV+4Xk+OEIwmVWk3rUf9s1Q=License Type    : MS ManagementExpiration Date : PermanentLicense String  : GwAAAD0fGY6VdB/9WvU6w4A8FjNONq8dfHB9pm+JeA==

License Type    : NIOS MaintenanceExpiration Date : PermanentLicense String  : GgAAAD4FKZCraQvqT/ct2YhtCn4fKuJMYD1l9T7Z

License Type    : vNIOS (550)Expiration Date : PermanentRevoked Hardware ID : 564dc31965c24cc2eb7ab2955e10e1c0License String  : OgAAACYCL4yHZlOrQ7Vu0dlxRzAWLqtRdXQ39z+LKEW5DhjrrseLjgwfg9bZEz0L1ljkWkqOEN9zQD4wsRU=

vNIOS: CPU cores detected: 1 - [License allows: 1]vNIOS: CPU frequency detected: 1200MHz - [License allows: 1200MHz]vNIOS: System memory detected: 2048MB - [License allows: 2048MB]

Page 211: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 211

Showing all product licenses in a Grid

Infoblox > show license allPublic IP      License Type       Kind         Exp Date       Replaced Hardware ID License String               Security Ecosystem Grid-wide    Permanent      HQAAALsakOzDKirMdaUsG2Yfk/j0BkhoFjhVfEtu36dJ10.34.12.200   Grid               Static       01/27/2017     GQAAAN7S+Oj6JImWMzxZc8VyGvYoQJyH2i60L3Y=10.34.12.200   DHCP               Static       Permanent      EgAAAN/U7/30ecqDbWhZb4g8TLh7Fg==10.34.12.200   DNS                Static       Permanent      EQAAAN/S//GlZYfScSUIc8VwFesu10.34.12.210   DNS                Static       Permanent      EQAAAN0m29pKq23n6iHHLriWhVRW10.34.12.210   DHCP               Static       Permanent      EgAAAN0gy9YbtyC29myWMvXa3AcD6Q==10.34.12.210   Grid               Static       Permanent      GgAAANwm3MMV6mOjqDiWLvXajwIevdQ7U0THmLU010.34.12.220   Grid               Static       11/28/2016     GgAAAGq4nPRvK7i2S03o7qMk9vaokCqkg6eUcc/g10.34.12.220   vNIOS (model ND-V1400)Static    11/28/2016HAAAAHm4gf5uJ/jsRBqsoKJo9fiokz6kgeuWY57vO2w=10.34.12.220  Discovery           Static       11/28/2016 GQAAAGu/m/JyLa+tQVSm7+xq/LLmkiujyeOTdsw=

Showing Grid-wide licenses in a Grid

Infoblox > show license gridwideLicense Type        Exp Date        License StringSecurity Ecosystem  Permanent         HQAAALsakOzDKirMdaUsG2Yfk/j0BkhoFjhVfEtu36dJ

Showing Grid-wide licenses in a Grid when an Flex Grid Activation License is installed

Infoblox > show licenseVersion         : 8.0.0-347398 Hardware ID     : 0800201605040013

License Type    : Grid Expiration Date : 04/20/2017License String  : GQAAADmh7ID3wf0qOe98xJnJ79mgkh004FM2wrE=

License Type    : DHCPExpiration Date : PermanentLicense String  : EgAAADin+5X5nL4/Z7t83dSHvpfzxA==

License Type    : DNS Expiration Date : PermanentLicense String  : EQAAADih65mogPNue/YtwZnL58Sm

Infoblox > show license allPublic IP License Type Kind Exp Date Replaced Hardware ID License StringFlex Grid Activation Grid-wide 02/19/2017JAAAAPwgn32cIJAtloBgYTchXdVN71rdVRTO1cjljzOxvn9gygAz2g==10.35.5.176 Grid Static 04/20/2017 GQAAADmh7ID3wf0qOe98xJnJ79mgkh004FM2wrE= 10.35.5.176 DHCP Static Permanent EgAAADin+5X5nL4/Z7t83dSHvpfzxA== 10.35.5.176 DNS Static Permanent EQAAADih65mogPNue/YtwZnL58Sm10.35.105.10 Grid Static 02/19/2017 GgAAAOgU19juLjevCfnmAfIKoTGz4RzrxNR2mjdo10.35.105.10 vNIOS (model IB-VM-1410) Static 02/19/2017GgAAAPsUytLvInTyBq2jTPRGoT+z4gjpwowgnz5g10.35.105.10 Threat Protection (Software add-on) Static 02/19/2017 FQAAAP4N/MnsInTyBq2jTPRGoT+z50i8xQ==10.35.105.10 Threat Protection Update Static 02/19/2017 FgAAAPkK/M7pPDn3TuCrCbpEoDn4r0rolZg=10.35.105.10 DHCP Static 02/19/2017 FAAAAOkSwM3gb3G6S6XmAvZHp3T54xvo10.35.105.10 DNS Static 02/20/2017 EwAAAOkU0MGtajn0SuCoAPdB7Guu5U0=Infoblox >

Showing all licenses in a Grid when Software ADP is installed

Infoblox > show licenseVersion         : 8.1.0-348290Hardware ID     : 564d6d00229a6cd6d197ffcd1383e37b

Page 212: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 212

License Type    : GridExpiration Date : 03/10/2017License String  : GgAAAN8Cp2mr0u/Es9xNAGCAeAvdy+7J5L/704mo

License Type    : vNIOS (model IB-VM-1410)Expiration Date : 03/10/2017License String  : GgAAAMwCumOq3qyYvIgBTWfMeAzdyPrL4ueth4Cm

vNIOS: CPU cores detected: 4 - [License allows: 4]vNIOS: System memory detected: 8192MB - [License allows: 8192MB]

License Type    : Threat Protection (Software add-on)Expiration Date : 03/10/2017License String  : FQAAAMkbjHip3qyYvIgBTWfMeAzdzb2etQ==

License Type    : Threat Protection UpdateExpiration Date : 03/10/2017License String  : FgAAAM4cjH+swOGc9cUAASnOeQqWhbiatqU=

License Type    : DNSExpiration Date : 03/10/2017License String  : EwAAAN4CoHDol+Gc8MUDAWTLNVjAz78=

License Type    : DHCPExpiration Date : 03/10/2017License String  : FAAAAN4EsHylk6jR8YlNA2XNfkeXwOnJ

Page 213: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 213

show license_uidThe command displays the license UID of the Grid. The UID is required when requestingshow license_uidGrid-wide licenses. The UID that the appliance returns is the same as the that is used for obtaining dynamic licenses.License Pool Container UID

Syntaxshow license_uid

This command has no arguments.

ExamplesInfoblox > show license_uidThe grid-wide license unique ID (same as LPC_UID): e51f90527dce4708bc1ada576286d26a

Page 214: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 214

show license_pool_containerThe command displays the license UID that is required when obtaining dynamic licenses for vNIOS virtual appliances.show license_pool_container

Syntaxshow license_pool_container

This command has no arguments.

ExamplesInfoblox > show license_pool_containerThe Unique ID of the License Pool Container (LPC_UID): e51f90527dce4708bc1ada576286d26a

Page 215: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 215

show logThe command displays a specified log file. It is helpful for obtaining diagnostic information. The syslog file is shown by default if no log is show logspecified. The IF-MAP log displays all the IF-MAP protocol related events. It contains the XML messages communicated between Infoblox Orchestration Server and the clients.

Syntaxshow log [ syslog | debug | audit | ifmapclient | ifmapserver  | category_api_logs | ufclient_logs] <log num> [ tail <num> | follow/regex/ ]

Use this command to display the contents of a specified log file.

Argument Description

syslog Displays the syslog log file.

debug Displays the debug log file.

audit Displays the audit log file.

ifmapclient

Displays the IF-MAP log on the DHCP server when it is configured as an IF-MAP client.

ifmapserver

Displays the IF-MAP log on Infoblox Orchestration Server.

category_api_logs

Displays the log file of a particular domain.

log num Allows you to view rolled logs by specifying a number from 0 to 9. You can use this option when you display the syslog file, audit log, and ifmap log.

tail <num> Shows the last lines from the log file or, if no number is specified, the last 10 lines are displayed.num

/regex/ Matches the pattern specified in and displays the matched lines from the selected log file. To insert "/" in the search pattern, use regexescape sequence \/. The search string starts at the first forward slash (/) ends at the second forward slash (/), and ignores the remaining. For information about regular expressions, see .Supported Expressions for Search Parameters

Examples

Displaying syslog file

Infoblox > show log syslogAug 23 17:48:50 (none) syslog-ng[894]: new configuration initializedAug 23 17:48:50 (none) kernel: ip_conntrack version 2.4 (8183 buckets, 65464 max) - 224bytes per conntrackAug 23 17:48:54 (none) kernel: ADDRCONF(NETDEV_UP): eth1: link is not readyAug 23 17:48:56 (none) kernel: e1000: eth1: e1000_watchdog: NIC Link is Up 1000 MbpsFull DuplexAug 23 17:48:56 (none) kernel: ADDRCONF(NETDEV_CHANGE): eth1: link becomes readyAug 23 17:48:58 (none) ntpd[31091]: ntpd [email protected] Fri Aug 4 17:14:23 EDT 2006 (1)Aug 23 17:48:58 (none) ntpd[31091]: signal_no_reset: signal 13 had flags 4000000Aug 23 17:48:58 (none) ntpd[31091]: precision = 11 usecAug 23 17:48:58 (none) ntpd[31091]: kernel time discipline status 0040Aug 23 17:48:58 (none) ntpd[31091]: frequency initialized 0.000 from/usr/conf/ntp.driftEnter <return> to continue with More lines or enter q<return> to go back to command line

Displaying the last five lines of the debug log file

Page 216: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 216

Infoblox > show log debug tail 5[2006/08/23 17:48:49.346] (30748 /infoblox/one/bin/init_database) db_local.c:347idb_database_local_create_env(): cache_size: 134217728[2006/08/23 17:48:49.739] (30748 /infoblox/one/bin/init_database) init_database.c:45main(): Database initialized: /data/rep[2006/08/23 17:48:49.812] (30749 /infoblox/one/bin/db_import_3x) main.c:360 main():Starting db_import: importing from /infoblox/one/factory_defaults[2006/08/23 17:48:49.899] (30749 /infoblox/one/bin/db_import_3x) partition_bitmap.c:208onedb_recalculate_partition_bitmaps(): Begin partitioning phase[2006/08/23 17:48:49.900] (30749 /infoblox/one/bin/db_import_3x) partition_bitmap.c:283onedb_recalculate_partition_bitmaps(): Total of 2 object(s) partitioned, committingdatabase

Matching a pattern in a log file

Infoblox > show log syslog /ntpd/6:Aug 23 17:48:58 (none) ntpd[31091]: ntpd [email protected] Fri Aug 4 17:14:23 EDT 2006 (1)7:Aug 23 17:48:58 (none) ntpd[31091]: signal_no_reset: signal 13 had flags 40000008:Aug 23 17:48:58 (none) ntpd[31091]: precision = 11 usec9:Aug 23 17:48:58 (none) ntpd[31091]: kernel time discipline status 004010:Aug 23 17:48:58 (none) ntpd[31091]: frequency initialized 0.000 from/usr/conf/ntp.drift11:Aug 23 17:48:58 (none) ntpd[31091]: frequency initialized 0.000 from/usr/conf/ntp.drift13:Aug 23 17:50:13 (none) ntpd[31091]: ntpd exiting on signal 1518:Aug 23 17:50:23 (none) ntpd[32623]: ntpd [email protected] Fri Aug 4 17:14:23 EDT 2006 (1)19:Aug 23 17:50:23 (none) ntpd[32623]: signal_no_reset: signal 13 had flags 400000020:Aug 23 17:50:23 (none) ntpd[32623]: precision = 9 usecEnter <return> to continue with More lines or enter q<return> to go back to command line

Displaying the IF-MAP log file

Infoblox > show log ifmapserver2010-03-16T17:48:04 REQUEST "client1" PUBLISH: info <?xml version="1.0"encoding="UTF-8"?><env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ifmap="http://www.trustedcomputinggroup.org/2006/IFMAP/1" xmlns:meta="http://www.trustedcomputinggroup.org/2006/IFMAP-METADATA/1"><env:Header> <ifmap:session-id>28baf7e3d84db248097e976bf0dce9c2</ifmap:session-id></env:Header> <env:Body> <ifmap:publish> <update> <link> <identifier> <ip-address value="10.0.0.5"/> </identifier> <identifier> <mac-address value="56:b1:19:3b:48:0d"/></identifier> </link> <metadata> <meta:ip-mac cardinality="singleValue"><start-time>2009-10-27T00:00:00</start-time> <end-time>2009-10-28T00:00:00</end-time><dhcp-server>10.0.0.3</dhcp-server> </meta:ip-mac> </metadata> </update></ifmap:publish> </env:Body> </env:Envelope>2010-03-16T17:48:04 RESPONSE "client1" PUBLISH: info <?xml version="1.0" encoding="UTF-8"?><SOAP-ENV:Envelopexmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"xmlns:SOAP-ENC="http://schem as.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:meta="http://www.trustedcomputinggroup.org/2006/IFMAP-METADATA/1" xmlns:wsdl="http://www.trustedcomputinggroup.org/2008/IFMAP/1/ifmap.wsdl" xmlns:meta3="www.stan.com2" xmlns:ifmap="http://www.trustedcomputinggroup.org/2006/IFMAP/1"> <SOAP-ENV:Header><ifmap:session-id SOAP-ENV:mustUnderstand="1"> 28baf7e3d84db248097e976bf0dce9c2</ifmap:session-id> </SOAP-ENV:Header> <SOAP-ENV:Body> <ifmap:response validation="BaseOnly"> <publishReceived/> </ifmap:response></SOAP-ENV:Body></SOAP-ENV:Envelope>

Page 217: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 217

show logfilesThe command displays log files and their respective sizes. You can use this command to gather information on log file sizes, and show logfilesdetermine how quickly they are growing. This is useful for managing disk space, as it helps you determine when to download or rotate files. On Infoblox Orchestration Server, this command also displays the IF-MAP log file size.

Syntaxshow logfiles

This command has no arguments.

Examples

On a NIOS appliance

Infoblox > show logfilesLogfiles present on the system------------------------------audit.log       8 kinfoblox.log    26327 kmessages        46 kmessages.0.gz   10 k

On Infoblox Orchestration Server

Infoblox > show logfilesLogfiles present on the system------------------------------audit.log       10 kifmapd.log      27 kifmapd.log.0.gz 2 kifmapd.log.1.gz 10 kinfoblox.log    353 kmessages        85 k

Page 218: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 218

show log_txn_idThe command displays whether DHCP transaction ID logging is on or off. By default, DHCP transaction ID logging is enabled. Use show log_txn_idthe to enable or disable logging of DHCP transaction IDs. set log_txn_id

Syntaxshow log_txn_id

This command has no arguments.

ExampleInfoblox > show log_txn_idDHCP Transaction id logging turned OFF

Page 219: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 219

show lomThe command displays the LOM (Lights Out Management) settings for the IPMI interface. To configure the network settings for the IPMI show lominterface, use the command. set lom

Syntaxshow lom

This command has no arguments.

ExampleInfoblox > show lomLOM for Grid: enabledLOM for member: enabled (inherit)

Network settings:IP Address: 10.34.10.42Subnet Mask: 255.255.255.0 Default Gateway IP: 10.34.10.1

Users:

Page 220: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 220

show lower_case_ptr_dnameThe command displays information about whether the option to convert the domain names in uppercase characters to show lower_case_ptr_dnamelowercase for PTR records is on or off. For information about how to enable this conversion option, see . set lower_case_ptr_dname

Syntaxshow lower_case_ptr_dname

This command has no arguments.

ExamplesInfoblox > show lower_case_ptr_dname show lower_case_ptr_dnamedefault view: on, override_grid: on, grid: off, effective: on

For more than one DNS view

Infoblox > show lower_case_ptr_dname show lower_case_ptr_dnamedefault view: on, override_grid: on, grid: off, effective: on custom view: off, override_grid: off, grid: off, effective: off

Page 221: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 221

show reporting_cluster_maintenance_modeThe command displays the cluster maintenance mode settings. For information about how to enable show reporting_cluster_maintenance_modethe reporting clustering mode, see . set reporting_cluster_maintenance_mode

Syntaxshow reporting_cluster_maintenance_mode

This command has no arguments.

ExampleMaintenance Mode > show reporting_cluster_maintenance_mode Reporting cluster maintenance mode is enabled

Page 222: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 222

show max_recursion_depthThe   command displays the maximum recursion depth value.show max_recursion_depth

Syntaxshow max_recursion_depth

This command has no arguments.

ExampleInfoblox > show max_recursion_depthRecursion depth limit: 7

Page 223: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 223

show max_recursion_queriesThe   command displays the maximum recursion queries value.show max_recursion_queries

Syntaxshow max_recursion_queries

This command has no arguments.

ExampleInfoblox > show max_recursion_queries

show max_recursion_queriesRecursion queries limit: 150

Page 224: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 224

show memoryThe command displays memory statistics on used and available buffers and cache. Poor performance can be an indicator that the memory show memoryis full. If your NIOS appliance is not performing as it should, use this command to verify whether or not the appliance is experiencing a memory problem. If so, Infoblox recommends that you call Infoblox Support.

Syntaxshow memory

This command has no arguments.

ExampleInfoblox > show memory

            total     used     free     buffers    cachedMem:        1032852   309904   722948   32864      242060Swap:       2047992   0        2047992Total:      3080844   309904   2770940

Page 225: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 225

show mld_versionThe command displays the version of the MLD (Multicast Listener Discovery) protocol that is running on the appliance. The show mld_versionappliance runs MLD version2 by default, but you can enable it to run MLD version 1 instead. For information, see . Note that MLDv2 is set mld_version_1interoperable with MLDv1.

Syntaxshow mld_version

This command has no arguments.

ExampleInfoblox > show mld_versionCurrent Multicast Listener Discovery Setting:   MLD Version: 2

Page 226: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 226

show monitorThe command displays current network monitoring data, when network monitoring for DNS is turned on. This command also provides show monitorinformation on the average latency of authoritative and non-authoritative replies to DNS queries. Latency is the time it takes for a packet to cross a network connection, from sender to receiver.

Note: You must turn on network monitoring for DNS to view this data. For more information, see set monitor dns.

Syntaxshow monitor

This command has no arguments.

ExamplesThe following example for Network Monitoring for DNS shows information on the interval times in minutes, the latency (in milliseconds), and the number of queries.

Viewing network monitoring for DNS data

Infoblox > show monitorNetwork Monitoring for DNS is ONData last updated: Tue Sep 12 19:05:51 2006Authoritative        Interval (min)       Latency (usec)      Number of queries

                         1                      2                   3                         5                      3                   20                         15                     3                   65                         60                     3                   300

Non Authoritative    Interval (min)       Latency (usec)      Number of queries

                         1                      2                   2                         5                      3                  10                         15                     3                  55                         60                     3                 150

When network monitoring for DNS is off

Infoblox > show monitorNetwork Monitoring for DNS is OFF

Page 227: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 227

show monitor dns alertThe command displays the current DNS alert thresholds. The appliance displays the default thresholds (50% for both invalid show monitor dns alertports and invalid TXIDs) if you have not configured new thresholds for the DNS alerts.

Syntaxshow monitor dns alert

This command has no arguments.

Example

Viewing DNS alert thresholds

Infoblox > show monitor dns alertDNS Network Monitoring is enabled. Alerting is enabled.DNS Alert      Threshold (per minute)===========================================port           over 70% of packetstxid           over 100 packets

Page 228: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 228

show monitor dns alert statusThe command displays the current status of invalid DNS responses that arrive on DNS ports that are not open and show monitor dns alert statushave mismatched TXIDs (DNS transaction ID). You can view the alert status to identify the primary source of invalid DNS responses. The appliance displays historical alert counts and up to five primary sources that generate invalid DNS responses.

Syntaxshow monitor dns alert status

This command has no arguments.

Example

Viewing DNS alert status

Infoblox > show monitor dns alert statusData last updated: Mon Oct 6 14:47:12 2008 DNS Alert   1m   5m   15m   60m   24h   Ever============================================ port        8    12   12    12    12    12txid        8    12   12    12    12    12

There were 80 DNS responses seen in the last minute. 10% were to an invalid port.10% had an invalid TXID.

Primary sources of invalid responses:4.4.4.4 (unknown) sent 42.2.2.2 (unknown) sent 37.7.7.7 (unknown) sent 1

Page 229: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 229

show ms_sticky_ipThe   command displays whether the ms_sticky_ip is turned on or off.show ms_sticky_ip

Syntaxshow ms_sticky_ip

This command has no arguments.

ExampleInfoblox > show ms_sticky_ip

show ms_sticky_ipms_sticky_ip is off

Page 230: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 230

show named_recv_sock_buf_sizeThe command displays the current BIND receive socket buffer size. The default is 1,536 kilobytes. For information show named_recv_sock_buf_sizeabout how to set the receive socket buffer size, see .set named_recv_sock_buf_size

Syntaxshow named_recv_sock_buf_size

This command has no arguments.

ExampleInfoblox > show named_recv_sock_buf_sizeDNS 'named' UDP receive socket buffer size: 5000

Page 231: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 231

show networkThe command displays the current network settings for the NIOS appliance and status with respect to a Grid. For information on how to show networkchange your network settings, see . set network

Syntaxshow network

This command has no arguments.

ExampleInfoblox > show networkCurrent LAN1 network settings: IP Address: 10.34.33.11Network Mask: 255.255.255.0Gateway Address: 10.34.33.1VLAN Tag: 110DSCP Value: 23IPv6 Address: 2620:010A:6000:2400:0000:0000:0000:6508/64IPv6 Gateway Address: 2620:010A:6000:2400:0000:0000:0000:0001IPv6 VLAN Tag: Untagged IPv6 DSCP Value: Inherited

HA enabled: falseGrid Status: Member of Infoblox Grid

Current LAN2 Port Settings: LAN2 Port enabled: trueNIC failover for LAN1 and LAN2 enabled: false LAN2 IP Address: 10.1.1.35LAN2 Netmask: 255.255.255.0LAN2 Gateway: 10.1.1.1

Page 232: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 232

show ntpThe command displays a list of the peers of the NTP server, along with status information about each peer. show ntp

Syntaxshow ntp

This command has no arguments.

ExampleInfoblox > show ntp

      remote    refid  st t   when   poll  reach  delay  offset   jitter ==============================================================================

*LOCAL(1)     LOCAL(1) 12 l   47     64     377   0.000  0.000    0.008When you execute the command, the NIOS appliance displays the following information:show ntp

remote: The IP address of the remote peer.refid: Identifies the reference clock.st: The stratum of the remote peer.t: The type of the peer, such as local, unicast or broadcast.when: When the last packet was received.poll: The polling interval, in seconds.reach: The reachability register, in octal numerals.delay: The current estimated delay, in seconds.offset: The offset of the peer clock relative to the local clock, in milliseconds.jitter: The estimated time error of the system clock.

Page 233: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 233

show ospfThe command displays configuration and statistical information about the OSPF protocol that is running on the NIOS appliance. For show ospfinformation on how to change your OSPF settings, see . set ospf

Syntaxshow ospf {route | interface | database | neighbor | configuration}

The command displays information about the OSPF configuration on the appliance, reachability information about neighbors, and OSPF show ospfroutes to destinations. You can specify the command with or without arguments.

Argument Description

route Displays the OSPF routing table, as determined by the most recent SPF calculation.

interface Displays the state and configuration on all interfaces configured with OSPF.

database Displays all OSPF database information.

neighbor Displays the OSPF neighbor information.

configuration Displays the running OSPF configuration file.

ExamplesInfoblox > show ospf interfaceeth0 is down  OSPF not enabled on this interfaceeth1 is up  Internet Address 172.32.0.61/24, Broadcast 172.32.0.255, Area 0.0.0.0   Router ID 172.32.0.61, Network Type BROADCAST, Cost: 100  Transmit Delay is 1 sec, State DROther, Priority 0  Designated Router (ID) 172.32.0.110, Interface Address 172.32.0.254   No backup designated router on this network  Timer intervals configured, Hello 10, Dead 40, Wait 3, Retransmit 5   Hello due in 00:00:01  Neighbor Count is 1, Adjacent neighbor count is 1lo is up  Internet Address 172.16.10.10/32, Area 0.0.0.0  Router ID 172.32.0.61, Network Type LOOPBACK, Cost: 100  Transmit Delay is 1 sec, State Loopback, Priority 0  No designated router on this network  No backup designated router on this network  Timer intervals configured, Hello 10, Dead 40, Wait 3, Retransmit 5   Hello due in inactive  Neighbor Count is 0, Adjacent neighbor count is 0 Infoblox > show ospf route============ OSPF network routing table ============N 172.16.10.10/32   [100] area: 0.0.0.0                   directly attached to loN 172.32.0.0/24     [100] area: 0.0.0.0                   directly attached to eth1

============ OSPF router routing table ============= ============ OSPF external routing table ===========

Page 234: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 234

show overload_bootpThe   command displays whether the overload BOOTP functionality is turned on or off.show overload_bootp

Syntaxshow overload_bootp

This command has no arguments.

ExampleInfoblox > show overload_bootp

Overload BOOTP option turned OFF

Page 235: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 235

show phonehomeThe command displays the settings of the phone home feature on the appliance. show phonehome

Syntaxshow phonehomeThis command has no arguments.

ExampleInfoblox > show phonehomePhone home enabled <Grid wide>:   Yes Send to Infoblox Support:         YesSupport ID:                       8561Address to send to:      [email protected]

Page 236: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 236

show query_captureThe displays the captured DNS queries that are stored locally on the appliance. You can use filters to restrict the DNS queries to show query_capturespecific time and date range, client FQDNs, and IP addresses. Note that the time zone in the CLI console is the time zone of the Grid member.

Note: Using multiple CLI commands to filter data for the appliances with large number of captured DNS queries and responses can significantly affect the system performance, protocol performance, and CLI command performance.

Syntaxshow query_capture tail [<num>]                   follow [[fqdn /regex/] [ip /regex/ | grep /regex/]]                   [[fqdn /regex/] [ip /regex/ | grep /regex/]] [after [date] time]                   [before [date] time]

You can specify the command with or without arguments. If you use the show query_capture command without any arguments, it displays queries from the current capture file.If you use the show query_capture command with follow, tail, before, after, fqdn, and ip arguments you can view queries ,for a specific data and time range, queries sent from the client FQDNs, and IP addresses.

A capture file for logging DNS queries and responses is compressed every 10 minutes or when it reaches 100 MB in size, whichever comes Note:sooner. A new current file is created when a capture file is compressed. If you are running the show query_capture command with follow or t

ail when a new capture file is created, the CLI console may return an error indicating that captured-dns-xxxxxx has become inaccessible: No such file or directory. In these situations, you must execute the CLI command again.

Argument Description

tail <num>

Shows the last num lines from the capture file. If you do not specify a number, only the last ten lines are displayed.

follow Displays continuously the lines till the end of the capture file as lines are appended. In addition, you can use 'follow' with '/regex/' to search for FQDNs, IP addresses, and regular expressions.

before [date] time

Displays captured DNS queries before the specified date time starting with the oldest saved log file. Make sure that you specify the date (optional for today's date) in the day-month-year format (example: 25-oct-2014), and time in hour:minutes:seconds format (example: 10:09:30).

after [date] time

Displays captured DNS queries after the specified date time until the end of the current log file. The CLI console will not display DNS queries when you specify the current date and time or a future date and time. Make sure that you specify the date (optional for today's date) in the day-month-year format (example: 02-aug-2014), and time in hour:minutes:seconds format (example: 10:09:30).

/regex/ Matches the pattern specified in regex and displays the matched lines from the capture file. To insert "/" in the search pattern, use escape sequence \/. The search string starts at the first forward slash (/) ends at the second forward slash (/), and ignores the remaining. For information about regular expressions, see Appendix D Regular Expressions, in the Infoblox Administrator Guide.

fqdn /regex/

Displays queries sent from the client FQDN. You can combine this option with 'ip /regex/' as well.

ip /regex/

Displays queries sent from the client IP address. You can combine this option with 'fqdn /regex/' as well.

grep /regex/

Displays queries by the regular expressions.

ExamplesInfoblox > show query_capture

09-Aug-2014 09:55:50.872 client 10.35.1.136#57722: query: aaaa80.1852a_95.com IN AAAA + (10.35.3.96)09-Aug-2014 09:55:50.872 client 10.35.1.136#57722: query: aaaa81.1852a_95.com IN AAAA + (10.35.3.96)09-Aug-2014 09:55:50.872 client 10.35.1.136#57722: query: aaaa79.1852a_95.com IN AAAA + (10.35.3.96)09-Aug-2014 09:56:07.322 client 10.35.1.136#57722: query: aaaa82.1852a_95.com IN AAAA + (10.35.3.96)09-Aug-2014 09:56:07.322 client 10.35.1.136#57722: query: aaaa84.1852a_95.com IN AAAA + (10.35.3.96)09-Aug-2014 09:56:07.322 client 10.35.1.136#57722: query: aaaa85.1852a_95.com IN AAAA + (10.35.3.96)09-Aug-2014 09:56:07.323 client 10.35.1.136#57722: query: aaaa86.1852a_95.com IN AAAA + (10.35.3.96)09-Aug-2014 09:56:07.323 client 10.35.1.136#57722: query: aaaa87.1852a_95.com IN AAAA + (10.35.3.96)09-Aug-2014 09:56:07.323 client 10.35.1.136#57722: query: aaaa88.1852a_95.com IN AAAA + (10.35.3.96)

Infoblox > show query_capture before 09-Aug-2014 05:00:00

Page 237: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 237

Note that the filtering options require significant CPU resources, which may affect service performance.Infoblox recommends that you use this command only when necessary.

05-Aug-2014 13:31:29.057 client 10.35.112.5#40027: query: mx74.2000a_42.com IN MX + (10.35.3.148)05-Aug-2014 13:31:29.057 client 10.35.112.5#40027: query: mx80.2000a_42.com IN MX + (10.35.3.148)05-Aug-2014 13:31:29.057 client 10.35.112.5#40027: query: mx81.2000a_42.com IN MX + (10.35.3.148)05-Aug-2014 13:31:29.057 client 10.35.112.5#40027: query: mx79.2000a_42.com IN MX + (10.35.3.148) 05-Aug-2014 13:31:29.057 client 10.35.112.5#40027: query: mx82.2000a_42.com IN MX + (10.35.3.148)

Infoblox > show query_capture after 11-Aug-2014 09:00:00

Note that the filtering options require significant CPU resources, which may affect service performance.Infoblox recommends that you use this command only when necessary.

18-Aug-2014 05:44:22.589 client 10.35.3.148#36662: query: 1.0.0.127.in-addr.arpa IN PTR+E (10.35.3.148)18-Aug-2014 05:45:22.470 client 10.35.3.148#56373: query: 1.0.0.127.in-addr.arpa IN PTR+E (10.35.3.148)20-Aug-2014 06:45:25.330 client 10.35.3.148#35366: query: hal.2000a_1.com IN SOA +ED (127.0.0.1)20-Aug-2014 06:45:25.330 client 10.35.3.148#35366: UDP: query: hal.2000a_1.com IN SOAresponse: NXDOMAIN -AE

Infoblox > show query_capture fqdn /2000a_1.com/

Note that the filtering options require significant CPU resources, which may affect service performance.Infoblox recommends that you use this command only when necessary.

20-Aug-2014 06:45:22.352 client 10.35.3.148#35366: query: hal.2000a_1.com IN SOA +ED (127.0.0.1)20-Aug-2014 06:45:22.352 client 10.35.3.148#35366: UDP: query: hal.2000a_1.com IN SOAresponse: NXDOMAIN -AE20-Aug-2014 06:45:22.352 client 10.35.3.148#35366: query: 2000a_1.com IN SOA +ED (127.0.0.1)20-Aug-2014 06:45:25.330 client 10.35.3.148#35366: query: hal.2000a_1.com IN SOA +ED (127.0.0.1)

Infoblox > show query_capture fqdn /2000a_1.com/ grep /SOA/

Note that the filtering options require significant CPU resources, which may affect service performance.Infoblox recommends that you use this command only when necessary.

20-Aug-2014 07:54:29.457 client 10.35.3.148#35366: query: hal.2000a_1.com IN SOA +ED (127.0.0.1)20-Aug-2014 07:54:29.457 client 10.35.3.148#35366: UDP: query: hal.2000a_1.com IN SOAresponse: NXDOMAIN -AE20-Aug-2014 07:54:29.457 client 10.35.3.148#35366: query: 2000a_1.com IN SOA +ED (127.0.0.1)20-Aug-2014 07:54:29.457 client 10.35.3.148#35366: UDP: query: 2000a_1.com IN SOAresponse: NOERROR -AE 2000a_1.com. 28800 IN SOA infoblox.localdomain. admin.infoblox.com. 503 10800 3600 2419200 900;

Infoblox > show query_capture after 18-Aug-2014 05:05:05 before 18-Aug-2014 06:05:05

Note that the filtering options require significant CPU resources, which may affect service performance.Infoblox recommends that you use this command only when necessary.

18-Aug-2014 05:05:22.342 client 10.35.3.148#50669: query: 1.0.0.127.in-addr.arpa IN PTR+E (10.35.3.148)18-Aug-2014 05:06:22.402 client 10.35.3.148#35534: query: 1.0.0.127.in-addr.arpa IN PTR+E (10.35.3.148)18-Aug-2014 05:07:22.338 client 10.35.3.148#43846: query: 1.0.0.127.in-addr.arpa IN PTR+E (10.35.3.148)18-Aug-2014 05:08:22.498 client 10.35.3.148#50606: query: 1.0.0.127.in-addr.arpa IN PTR+E (10.35.3.148)18-Aug-2014 05:53:22.359 client 10.35.3.148#56078: query: 1.0.0.127.in-addr.arpa IN PTR+E (10.35.3.148)18-Aug-2014 05:54:22.281 client 10.35.3.148#60212: query: 1.0.0.127.in-addr.arpa IN PTR+E (10.35.3.148)18-Aug-2014 05:55:22.368 client 10.35.3.148#35600: query: 1.0.0.127.in-addr.arpa IN PTR+E (10.35.3.148)

Page 238: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 238

show recursion_query_timeoutThe command displays the maximum time allowed for a recursive query to wait for a response before timing out. show recursion_query_timeoutYou can use the ser recursion_query_timeout command to configure the recursion query timeout value. For information, see . set recursion_query_timeoutSetting the timeout value to 0 returns to the default timeout behavior, which is to wait at least 30 seconds and up to 40 seconds before timing out.

Note: When you enable this on an HA pair, ensure that you run the command and set the same values on both nodes of the HA pair. No service restart is required when you use this command.

These commands are designed to mitigate phantom domain attacks. For more information about this, refer to the . Infoblox NIOS Administrator Guide

Syntax

show recursion_query_timeout

Example

Infoblox > show recursion_query_timeoutRecursion query timeout (in seconds): Default (30)

Page 239: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 239

show remote_consoleThe command displays remote console access settings. This command allows you to see if remote console access is enabled show remote_consolewithout accessing the GUI. You can set this option at the member level and the Grid level. For information on how to change your remote_console, see set

.remote_console

Syntaxshow remote_console

This command has no arguments.

ExampleInfoblox > show remote_consolecurrent remote console access settings:Remote console access enabled (Grid-level): true

Page 240: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 240

show reporting_cluster_maintenance_modeThe command displays the cluster maintenance mode settings. For information about how to enable show reporting_cluster_maintenance_modethe reporting clustering mode, see . set reporting_cluster_maintenance_mode

Syntaxshow reporting_cluster_maintenance_mode

This command has no arguments.

ExampleMaintenance Mode > show reporting_cluster_maintenance_mode Reporting cluster maintenance mode is enabled

Page 241: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 241

show reporting_user_capabilitiesThe show   reporting_user_capabilities command displays information about users who have the   permission for reporting data. delete To set the 

.  on reporting data for a local admin who has superuser permissions, delete permission see set reporting_user_capabilities

Syntaxshow reporting_user_capabilities

ExampleInfoblox > show reporting_user_capabilities

User : user1

Capabilities: Delete reporting indexed data

User : user2

Capabilities: Delete reporting indexed data

Note

This command is supported only on the Grid Master.

Page 242: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 242

show routesThe command displays the current IPv4 and IPv6 routing information on the NIOS appliance and organizes the information according to the show routesinterface. This command is a valuable diagnostic tool for connectivity issues.

Syntaxshow routes

This command has no arguments.

ExampleIn the following example, specifies the direct connection to the interface and the static routes are represented (in this example) in bold. You defaultspecify static routes by manually entering them through the GUI.

Infoblox > show routesFrom LAN:10.34.33.0/24 dev eth1 scope link default via 10.34.33.1 dev eth1

From LAN2:10.1.1.0/24 dev eth3 scope link default via 10.1.1.1 dev eth3

From IPv4 main route table:10.34.33.0/24 dev eth1 proto kernel scope link src 10.34.33.11 10.1.1.0/24 dev eth3 proto kernel scope link src 10.1.1.35 default via 10.34.33.1 dev eth1From IPv6 main route table:fe80::/64 dev eth1 metric 256 expires 21257697sec mtu 1500 advmss 1440 metric10 4294967295fe80::/64 dev eth3 metric 256 expires 21334065sec mtu 1500 advmss 1440 metric10 4294967295ff00::/8 dev eth1 metric 256 expires 21257697sec mtu 1500 advmss 1440 metric10 4294967295ff00::/8 dev eth3 metric 256 expires 21334065sec mtu 1500 advmss 1440 metric10 4294967295default via fe80::204:96ff:fe1d:1980 dev eth1 proto kernel metric 1024 expires 1661sec mtu 1500 advmss 1440 metric10 64default via fe80::204:96ff:fe1d:1980 dev eth3 proto kernel metric 1024 expires 1661sec mtu 1500 advmss 1440 metric10 64unreachable default dev lo proto none metric -1 error -101 metric10 255

Page 243: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 243

show rpz_recursive_onlyUse the  command  to view whether  <show rpz_recursive_only view_name> NIOS RPZ zones are used instead of local RPZ zones to block records with private IP addresses from being queried by external users. This command is available only on the Gird Master.

For information about changing the setting, run the  command.set rpz_recursive_only

Syntaxshow rpz_recursive_only <view_name> [zone_name]

Argument Description

view_name DNS view to which the RPZ zones belong.

zone_name NIOS RPZ zone name to be used

The command can return the following output values:

none: Denotes that the setting applied earlier will continue to apply.yes: Denotes that NIOS RPZ zones are used instead of local RPZ zones to block records with private IP addresses from being queried by

.external usersno: Denotes that local RPZ zones are used to block records with private IP addresses from being queried by external users.

If you do not specify the zone name, the command displays the output for the DNS view only. 

ExampleInfoblox > show rpz_recursive_only default

default: recursive-only none

Page 244: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 244

show scheduledUse the command to view the number of times per hour the appliance checks if the services need a restart when the scheduling task show scheduledfeature is enabled. The appliance restarts services only when the execution of a scheduled task requires a service restart.Use the command to configure the value. You can set the value from 0 to 60, and the default value is 60. A value of 0 turns off the restart set scheduledfeature.

Syntaxshow scheduled task restarts

This command has no argument.

ExampleInfoblox > show scheduled task restartsNumber of restarts per hour: 4

Page 245: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 245

show securityThe command shows the current security settings and whether access to the NIOS appliance through the GUI is restricted. For more show securityinformation, see . set security

Syntaxshow security

This command has no arguments.

ExampleInfoblox > show securitycurrent security settings:  Access restricted: false

Page 246: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 246

show session_timeoutThe command shows how long a session remains open when there is no user activity. For more information, see show session_timeout set session_ti

.meout

Syntaxshow session_timeout

This command has no arguments.

ExampleInfoblox > show session_timeoutCurrent GUI/CLI timeout is 31536000 seconds (8760:00:00)

Page 247: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 247

show smartnicThe command shows whether monitor mode for the Threat Protection service is on or off. When on, monitor mode for the Threat show smartnicProtection service is enabled and the appliance logs DNS packets (instead of dropping them) that would have been blocked by threat protection rules. This information is recorded in the audit log.For information on how to disable monitor mode for the Threat Protection service, see . set smartnic monitor-mode

Syntaxshow smartnic

This command has no arguments.

ExampleInfoblox > show smartnicFirmware version:                  3.8.1 Jul 21, 2014,Log level:                         6Failed cores:                      NoneThreat Protection:                 EnabledThreat Protection monitor mode:    DisabledThreat Protection event stats:     CRITICAL=0 MAJOR=0 WARNING=0 INFORMATIONAL=575349

Page 248: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 248

show snmpThe command shows information about the SNMP object that you specify. You can enter the SNMP object name or OID. This command is show snmpsimilar to the SNMP "get" operation. You can use the optional command to get the information using SNMPv3. For information about SNMP, see v3 Monito

in the .ring with SNMP Infoblox NIOS Administrator GuideUse the command to send SNMP traps to management systems you specify. set snmptrap

Syntaxshow snmp variable { } v3 { }name of an SNMP variable, in dotted or symbolic format snmpuser

Argument Description

name of an SNMP variable

The name or OID (object ID) of the SNMP object you want to retrieve. For example, you can enter sysName.0 or .1.3.6.1.4.1.2021.11.53.0.

snmpuser The user name of the SNMPv3 user account. This is optional. If you do not provide a user name, the appliance uses the first SNMPv3 user on the list.

Examples

Displaying the host name

Infoblox > show snmp variable sysName.0SNMPv2-MIB::sysName.0 = STRING: ib-10-34-61-253.infoblox.com

Displaying the CPU temperature

Infoblox > show snmp variable .1.3.6.1.4.1.7779.3.1.1.2.1.1.0IB-PLATFORMONE-MIB::ibCPUTemperature.0 = STRING: +40.75 C

Displaying the host name using SNMPv3

Infoblox > show snmp variable sysName.0 v3 SNMPv3User1SNMPv2-MIB::sysName.0 = STRING: ib-10-34-10.42.infoblox.com

https://docs.infoblox.com/display/nios84/Monitoring+with+SNMP
https://docs.infoblox.com/display/nios84/Monitoring+with+SNMP
Page 249: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 249

1. 2. 3. 4. 5. 6. 7. 8. 9.

10. 11. 12. 13.

show ssl_tls_ciphersThe command shows the SSL/TLS ciphers that are enabled for the NIOS appliance. You can use the set ssl_tls_ciphers show ssl_tls_cipherscommand to enable or disable the cipher suites. For information, see .set ssl_tls_ciphers

Syntaxshow ssl_tls_ciphers

This command has no arguments.

ExampleInfoblox > show ssl_tls_ciphers

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 enabledTLS_DHE_RSA_WITH_AES_256_GCM_SHA384 enabledTLS_DHE_RSA_WITH_AES_128_CBC_SHA    enabledTLS_DHE_RSA_WITH_AES_256_CBC_SHA    enabledTLS_DHE_RSA_WITH_AES_128_CBC_SHA256 enabledTLS_DHE_RSA_WITH_AES_256_CBC_SHA256 enabledTLS_RSA_WITH_AES_128_GCM_SHA256     enabledTLS_RSA_WITH_AES_128_CBC_SHA        enabledTLS_RSA_WITH_AES_128_CBC_SHA256     enabledTLS_RSA_WITH_3DES_EDE_CBC_SHA       enabledTLS_RSA_WITH_AES_256_GCM_SHA384     enabledTLS_RSA_WITH_AES_256_CBC_SHA        enabledTLS_RSA_WITH_AES_256_CBC_SHA256     enabled TLS_DHE_DSS_WITH_AES_256_CBC_SHA    disabled TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA    disabled TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA    disabled TLS_DHE_DSS_WITH_AES_128_CBC_SHA    disabled TLS_RSA_WITH_RC4_128_SHA            disabled TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 disabled TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 disabled TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 disabled TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 disabled

Page 250: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 250

show ssl_tls_protocolsThe command shows the SSL/TLS protocols that are enabled for the NIOS appliance. You can use the set show ssl_tls_protocolsssl_tls_protocols command to enable or disable SSL/TLS protocols. For information, see . set ssl_tls_protocols

Syntaxshow ssl_tls_protocols

This command has no arguments.

Example

Displaying the enabled SSL/TLS protocols

Infoblox > show ssl_tls_protocolsTLSv1.0 TLSv1.1 TLSv1.2

Page 251: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 251

show ssl_tls_settingsThe command shows whether SSL/TLS settings are set to the default or override mode. You can use the show ssl_tls_settings set

command to change the SSL/TLS settings. For information, see .ssl_tls_settings set ssl_tls_settings

Syntaxshow ssl_tls_settings]

This command has no arguments.

ExampleInfoblox > show ssl_tls_settingsSSL/TLS settings: default.Use 'ssl_tls_protocols' and 'ssl_tls_ciphers' to see current settings.

Page 252: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 252

show static_routesUse the command to display the current static route configuration on your appliance. To configure static routes, use the show static_routes set static_

command.routeYou can also use the command to view the current IPv4 and IPv6 routing information on the NIOS appliance and how the information is show routesorganized according to the interfaces.

Syntaxshow static_routes [v4|v6]

Argument Description

v4|v6 Shows IPv4 or IPv6 static routes. If this is not specified, static routes for both IPv4 and IPv6 are displayed.

Examples

Displaying IPv4 Static Routes

Infoblox > show static_routes v4

Position Destination Gateway

1 1.1.1.1/32 192.168.1.11

2 1.1.1.2/32 192.168.1.12

3 1.1.1.11/32 192.168.1.21

4 1.1.1.3/32 192.168.1.13

5 1.1.1.4/32 192.168.1.14

6 1.1.1.5/32 192.168.1.15

7 1.1.1.6/32 192.168.1.16

8 1.1.1.7/32 192.168.1.17

9 1.1.1.8/32 192.168.1.18

10 1.1.1.9/32 192.168.1.19

11 1.1.1.10/32 192.168.1.20

Displaying IPv6 Static RoutesInfoblox > show static_routes v6

Position Destination Gateway

1 1111:2222:3333:4444:5555: 1111:2222:3333:4444:5555:6666:7777:9999

6666:7777:1000/125

2 1111:2222:3333:4444:5555: 1111:2222:3333:4444:5555:6666:7777:bbbb

6666:7777:2000/125

Page 253: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 253

show statusThe command shows the Grid and HA status. You can use this command to gather information about the current state of a Grid. show status

Syntaxshow status

This command has no arguments.

Example

Status of Grid Master

Infoblox > show statusGrid Status: ID Grid Master HA Status:Not Configured

Status of HA member

Infoblox > show statusGrid Status: ID Grid Member HA Status: Active Hostname: member1.infoblox.com Grid Master IP: 10.35.113.15

Note: If the Grid member uses IPv6 communication protocol to join a dual mode Grid, then IPv6 address of the Grid Master is displayed.

Page 254: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 254

show subscriber_secure_dataIf you have configured Infoblox Subscriber Services, the command enables you to view information about the show subscriber_secure_datasubscriber data cached by the collector member. For information about Infoblox Subscriber Services, see .Infoblox Subscriber Services

Syntax  show subscriber_secure_data

  show subscriber_secure_data cache_usage

  show subscriber_secure_data persist

  show subscriber_secure_data never_proxy

  show subscriber_secure_data list_ip_space_desc

  show subscriber_secure_data find <subscriber_id>

  show subscriber_secure_data find <ip_addr> <prefix> <local_id> <ip_space_desc>

  show subscriber_secure_data search <regex>

Argument Description

cache_usage Displays the number of subscriber records in the cache.

persist Displays the data persistence mode of static subscriber records.

never_proxy Displays the hexadecimal character of the never_proxy setting.

list_ip_space_desc Displays the list of all configured IP space discriminators.

find

<subscriber_id>

Displays the subscriber record for the matching subscriber client ID. You must specify the subscriber client ID (MSISDN).

find

<ip_addr> <prefix>

<local_id><ip_space_desc>

Displays the subscriber record for the matching subscriber client IP address.

Enter the subscriber client IP address.Enter the prefix length.

Enter the local ID.

Enter the IP space discriminator.

search <regex> Displays the cached subscriber records for the matching regular expressions.

Example

Displaying the subscriber cached entries

Infoblox > show subscriber_secure_data

111.111.111.111/32|IPS:10.35.120.10|ACS:Acct-Session-Id=9889732d-34590e08;AN0:User-Name=Helen child;NAS:NAS-IP-Address=10.35.120.10;IPS:NAS-IP-Address=10.35.120.10;SUB:MSISDN=9988182386;SSP:Subscriber-Secure-Policy=0000007f;PCP:Parental-Control-Policy=400000000000000000004000d3;|Sat Aug 26 12:55:36 2017111.111.111.111/32|IPS:10.120.252.24|ACS:Acct-Session-Id=9944732d-34590e08;AN0:User-Name=IPv6 only;NAS:NAS-IP-Address=10.120.252.24;IPS:NAS-IP-Address=10.120.252.24;SUB:MSISDN=9944182386;PXY:Proxy-All=1;PXP:

PCP:Parental-Control-PXY_PRI=0ac4065f;PXS:PXY_SEC=0ac4065f;SSP:Subscriber-Secure-Policy=7ff7fffb;Policy=020003;|Sat Aug 26 12:55:37 20172620:10a:6000:2500::6b02/128|IPS:10.36.120.10|ACS:Acct-Session-Id=9979732d-34590e08;AN0:User-Name=Cheap NoPC;NAS:NAS-IP-Address=10.26.120.10;IPS:NAS-IP-Address=10.26.120.10;SUB:MSISDN=9955182386;|Sat Aug 26 12:55:37 2017

https://docs.infoblox.com/display/nios84/Infoblox+Subscriber+Services
Page 255: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 255

If the setting is set to and the and settings do not block this query, Proxy-All 1 Subscriber-Secure-Policy Parental-Control-Policythen NIOS proxies these queries to the MSP server for further processing. NIOS first sends the query to the primary MSP server (denoted by the PX

parameter) and if the primary MSP server is not available, NIOS sends the query to the secondary MSP server (denoted by the Y_PRI PXY_SECparameter). If you want all the queries in a specific category to be resolved directly by NIOS without proxying to an MSP server, use the  set

command. The hexadecimal character represents the subscriber_secure_data never_proxy <category hexadecimal_character>category that is not proxied to an MSP server. For more information see  .set subscriber_secure_data never_proxy

For example, if you have configured an Internet Off policy for a subscriber during a particular timeframe, then if , the Proxy-All setting is set to 1the MPS server processes and blocks all live video streams by terminating the connections during that timeframe. 

If you want all sporting videos except videos about tennis to be blocked, run the  set subscriber_secure_data never_proxy <category command, where is the category related to tennis videos. Here, only videos about hexadecimal_character> <category hexadecimal_character>

tennis are allowed to be streamed on NIOS systems; all other videos are blocked.

Displaying the number of subscriber entries in cache

Infoblox > show subscriber_secure_data cache_usage122798 accounting records in the cache.

Displaying the list of IP Space Discriminators

Infoblox > show subscriber_secure_data list_ip_space_descNAS-IP-Address=10.2.1.1NAS-IP-Address=10.36.1.10NAS-IP-Address=10.120.252.24NAS-IP-Address=10.36.120.10

Displaying the subscriber entries that matches the specific subscriber ID

Infoblox > show subscriber_secure_data find 8089991000collector service provided info about subscriber (SUB:MSISDN=8089991000)2620:10a:6000:2500::6b02/128|IPS:10.36.120.10|ACS:Acct-Session-Id=9979732d-34590e08;AN0:User-Name=Cheap NoPC;NAS:NAS-IP-Address=10.26.120.10;IPS:NAS-IP-Address=10.26.120.10;SUB:MSISDN=8089991000;|Sat Aug 26 12:55:37 2017

Displaying the subscriber record for the matching subscriber client IP address

Infoblox > show subscriber_secure_data find 10.36.0.151 32 N/A N/A

10.36.0.151/32|LID:N/A|IPS:N/A|FLG:|ACS:Acct-Session-Id=9999732d-34590e08;NAS:NAS-PORT=1813;EXP:Expire-Profile=Fri Dec 29 09\\:08\\:43 2017;PXY:Proxy-All=0;UCP:Unknown-Category-Policy=0;DCP:Dynamic-Category-Policy=0;SSP:Subscriber-Secure-Policy=ffffffff;PCP:Parental-Control-Policy=ffffffffffffffffffffffffffffffff;PXP:PXY_PRI=04040404;PXS:PXY_SEC=04040404;SUB:Calling-Station-Id=9956182386;IPA:IP6=2620:10a:6000:2500::c901;|Mon Dec 24 07:57:07 2018

Displaying the subscriber entries that matches the specified regular expression

Infoblox > show subscriber_secure_data search 9889732d-34590e0810.36.111.1/32|IPS:10.35.120.10|ACS:Acct-Session-Id=9889732d-34590e08;AN0:User-Name=Helen child;NAS:NAS-IP-Address=10.35.120.10;IPS:NAS-IP-Address=10.35.120.10;SUB:MSISDN=9988182386;SSP:Subscriber-Secure-Policy=0000007f;PCP:Parental-Control-Policy=400000000000000000004000d3;|Sat Aug 26 22:57:15 201710.36.139.1/32|IPS:10.35.120.10|ACS:Acct-Session-Id=9889732d-34590e08;AN0:User-Name=Assaf Adult;NAS:NAS-IP-Address=10.35.120.10;IPS:NAS-IP-Address=10.35.120.10;SUB:MSISDN=9966182386;SSP:Subscriber-Secure-Policy=0000061f;|Sat Aug 26 22:57:15 20172620:10a:6000:2500::6f01/128|IPS:10.35.120.10|ACS:Acct-Session-Id=9889732d-34590e08;AN0:User-Name=Helen child;NAS:NAS-IP-Address=10.35.120.10;IPS:NAS-IP-Address=10.35.120.10;SUB:MSISDN=9988182386;SSP:Subscriber-Secure-Policy=0000007f;PCP:Parental-Control-Policy=400000000000000000004000d3;|Sat Aug 26 22:57:15 20172620:10a:6000:2500::8b01/128|IPS:10.35.120.10|ACS:Acct-Session-Id=9889732d-34590e08;AN0:User-Name=Assaf Adult;NAS:NAS-IP-Address=10.35.120.10;IPS:NAS-IP-Address=10.35.120.10;SUB:MSISDN=9966182386;SSP:Subscriber-Secure-Policy=0000061f;|Sat Aug 26 22:57:15 2017

Page 256: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 256

show subscriber_secure_data never_proxyIf you have configured Infoblox Subscriber Services, the  command to view the hexadecimal use show subscriber_secure_data never_proxycharacter of the never_proxy setting.

To set the hexadecimal value of the never_proxy category, see the  command.set subscriber_secure_data never_proxy

Syntaxshow subscriber_secure_data never_proxy

ExampleInfoblox > show subscriber_secure_data never_proxynever_proxy category set is 000fffffffffffffffffffffffffff01

Page 257: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 257

show subscriber_secure_data persistIf you have configured Infoblox Subscriber Services, you can use the   command to view the information show subscriber_secure_data persistabout the enabled data persistence mode which allows static records to survive restart. For information about Infoblox Subscriber Services, see Infoblox Subscriber Services.

Syntaxshow subscriber_secure_data persist

ExampleInfoblox > show subscriber_secure_data persist1.2.3.4/32|IPS:N/A|FLG:S||Mon Oct 30 10:55:50 2017 Persistent Subscriber Secure Data last modified at Mon Oct 30 15:12:07 2017

https://docs.infoblox.com/display/nios84draft/Infoblox+Subscriber+Services
https://docs.infoblox.com/display/nios84draft/Infoblox+Subscriber+Services
Page 258: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 258

show support_accessThe command shows whether the support_access function is enabled. By default, the support_access function is disabled. For show support_accessmore information on the support_access function, see . set support_access

Syntaxshow support_access

This command has no arguments.

ExampleInfoblox > show support_accesscurrent support access settings:  Support access enabled (Grid-level):  true

Page 259: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 259

show tcp_timestampsThe command shows whether TCP timestamps are enabled or disabled. If timestamps are enabled, you can view them in the show tcp_timestampstraffic capture file. 

Typically, you run the command before running the  command to determine the status of the TCP show tcp_timestamps set tcp_timestamps timestamps. Based on the status (enabled or disabled), you can run  to enable or disable the timestamps. set tcp_timestamps

Syntaxshow tcp_timestamps

ExampleWhen TCP timestamps are enabled:

Infoblox > show tcp_timestamps

TCP timestamps are enabled.

When TCP timestamps are disabled:

Infoblox > show tcp_timestamps

TCP timestamps are disabled.

Page 260: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 260

show tech-supportThe command displays output for all show commands. It is a labor saving command that allows you to view the information show tech-supportprovided by all the commands. Using the log argument allows you to save the output to a log file that is included in the support bundle.show

Syntaxshow tech-support [log]

Argument Description

log Saves the output to a log file that is included in the support bundle.

ExampleInfoblox > show tech-supportCurrent date and time: Thu Aug 24 14:06:01 EDT 2008 Up time : 19:29Version : 4.3r2Hardware ID: 4dcef037e91a403fe05e10ecd241

License Type    : Grid Expiration Date : 12/20/2009License String  : GgAAADJj2tzLRv8GJ7/Ua4wkRcbnS6Vp5V5RxizS License Type    : DNS Expiration Date : Permanent

License String  : EQAAADNj3cWUB/FCZaaFa8JoT5ev License Type    : DHCP Expiration Date : Permanent

Enter <return> to continue with More lines or enter q<return> to go back to command line

License Type    : Grid Maintenance Expiration Date : 12/20/2009License String  : HAAAADxo18rNWeMKC6ndKsJpRYqpSelr4xJUin6C6bE=

License Type    : NIOS Maintenance Expiration Date : 12/20/2006License String  : HAAAADlkwcrmRfgfJLXaLsJpRYqpSelr4xJUiiXWseE=

Version : 4.3r2SN: 000100e081277a69REVERT version is: N/ANo upgrade history found for this box.

Page 261: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 261

show temperatureThe   command displays the temperature.show temperature

Syntaxshow temperature

This command has no arguments.

ExampleInfoblox > show temperature

show temperatureCPU_TEMP: 25 C

Page 262: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 262

show thresholdtrapThe command displays the trigger and reset values of the SNMP trap for CPU usage. The CPU usage trap is disabled by default, show thresholdtrapand the trigger value is set at 100 and reset value at 0. For information about how to configure the trigger and reset values, see . set thresholdtrap

Syntaxshow thresholdtrap {type}

Argument Description

type The type of threshold trap. Enter to display the trigger and reset values of the CPU usage trap. The trap is disabled by CpuUsagedefault, and the trigger value is set at 100 and reset value at 0.

ExampleInfoblox > show thresholdtrap CpuUsageTrap type: CpuUsagetrigger: 80reset: 71

Page 263: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 263

show tokenThe   command displays token settings.show token

Syntaxshow token

This command has no arguments.

ExampleInfoblox > show token

show tokenThe token is not configured

Page 264: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 264

show traffic_capture_statusThe command displays the status of traffic capture on the NIOS appliance. You can use the set traffic_capture show traffic_capture_statuscommand to start or stop the traffic capture on a NIOS appliance. For more information, see . set traffic_capture

Syntaxshow traffic_capture_status

This command has no arguments.

ExampleInfoblox > show traffic_capture_statusTraffic capture is stopped.3277072 bytes captured.

Page 265: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 265

show upgrade_historyThe command displays the upgrade history of the NIOS appliance, showing how many times the appliance has been show upgrade_historyupgraded and the versions for each upgrade. It also shows the revert version—the version that you can go back to—which is the version of the software the appliance was (last) running prior to the most recent upgrade.

Syntaxshow upgrade_history

This command has no arguments.

ExampleInfoblox > show upgrade_historyREVERT version is: 4.0r1[2006/08/14 19:05:48] Upgraded to: 4.0r2-4-06070517

Page 266: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 266

show uptimeThe command displays the uptime (hours and minutes) of the NIOS appliance since the last reboot. In a test environment, this command show uptimecan be used as a metric. In a production environment, this command is of less use since the appliance remains continually functional.

Syntaxshow uptime

This command has no arguments.

ExampleInfoblox > show uptimeUp time : 19:33

Page 267: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 267

show versionThe command displays the current version of the NIOS software that is installed on the NIOS appliance. You can use this information show versionwhen performing an upgrade to determine what version of the software to upgrade to.

Syntaxshow version

This command has no arguments.

ExampleInfoblox > show versionVersion : 4.0r2SN: 000100e081277a69Hotfix : N/A

Page 268: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 268

show vpn_cert_datesUse the command to display the start and end dates of the Infoblox appliance certificate. This information is also included in the show vpn_cert_datesSupport Bundle.

Syntaxshow vpn_cert_dates

This command has no arguments.

ExampleThe following is an example of the command:

Infoblox > show vpn_cert_dates Start Date=Dec 13 11:00:00 2003 GMTEnd Date=May 20 11:00:00 2019 GMT

Page 269: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 269

show wins_forwardingUse the command to display the current configuration for WINS packet forwarding for the Grid or a specific Grid member. show wins_forwardingFor information about how to configure WINS packet forwarding to Microsoft servers, see . set wins_forwarding

Syntaxshow wins_forwaring

This command has no arguments.

Examples

Execute the command on the Grid member that inherited the Grid settings

Infoblox > show wins_forwarding     Grid level WINS forwarding: enabled     Grid level WINS default server IP: 10.35.0.123

     Member level WINS forwarding: Use grid setting

Execute the command on the Grid member that overrode the Grid settings

Infoblox > show wins_forwarding     Grid level WINS forwarding: Enabled     Grid level WINS default server IP: 10.35.0.123      Member level output interface: LAN2

     Member level WINS forwarding: Override grid setting      Member level forwarding: Enabled     Member level WINS server IP: 10.35.0.321      Member level output interface: MGMT

Execute the command on the Grid member that overrode the Grid settings and packet forwarding was disabled

Infoblox > show wins_forwarding     Grid level WINS forwarding: Enabled     Grid level WINS default server IP: 10.35.0.123      Member level output interface: LAN

     Member level WINS forwarding: Override grid setting      Member level forwarding: Disabled

Page 270: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 270

shutdownThe command halts the NIOS appliance. The appliance is designed to operate continuously. However, if you want to halt the appliance you shutdowncan do so with the command. shutdown

Note: Once you shutdown the appliance using this command, you must manually bring it back up.

Syntaxshutdown

This command has no arguments.

ExampleThe following example uses the shutdown command.

Infoblox > shutdownSHUT DOWN THE SYSTEM? [y or n] y

On a Riverbed Services Platform (RSP), the Note: shutdown command restarts the Riverbed device instead ofhalting it. Infoblox recommends that you use the Riverbed no rsp enable command to perform ashutdown.

Page 271: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 271

snmpgetFetches the information from a discovered device's SNMP data. You specify the IP address or hostname and the SNMP Object ID (also often referred to as an SNMP variable) or its dotted numeric equivalent as defined in the device MIB.

Syntaxsnmpget <hostname or IP address> <SNMP OID>

ExampleThe following example uses the command, specifying the IP address of a device discovered by NIOS, along with the standard Object ID snmpget sysNam

to look up the hostname string for a device. You will need the community string or privacy key to fetch the information.e.O

Infoblox > snmpget 172.22.53.5 sysName.0Enter SNMP Version (1, 2c or 3): 2cEnter SNMP community string: *********Created directory: /var/lib/net-snmp/cert_indexesCreated directory: /var/lib/net-snmp/mib_indexes SNMPv2-MIB::sysName.0 = STRING: DEVsw08

Page 272: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 272

snmpwalkObtain a tree of information from a network device, using automatic SNMP GETNEXT commands. In the NIOS administrative shell version of the snmpwalkcommand, you can specify the SNMP version, the community string, and the desired Root Object ID (OID).

Syntaxsnmpget <hostname or IP address> <SNMP OID>

ExampleThe following example lists a partial output from querying the root Object ID for a Cisco Nexus 5K switch (this technique is also useful for looking up other Object IDs within a particular device):

Infoblox > snmpwalk 172.22.33.5 1.3Enter SNMP Version (1, 2c or 3): 2cEnter SNMP community string: *********SNMPv2-MIB::sysDescr.0 = STRING: Cisco NX-OS(tm) n5000, Software (n5000-uk9), Version 5.1(3)N2(1b), RELEASE SOFTWARE Copyright (c) 2002-2011 by Cisco Systems, Inc. Device Manager Version 5.2(1), Compiled 8/31/2012 17:00:00SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.12.3.1.3.798DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (165293061) 19 days, 3:08:50.61 SNMPv2-MIB::sysContact.0 = STRING: who@whereSNMPv2-MIB::sysName.0 = STRING: DEVsw03SNMPv2-MIB::sysLocation.0 = STRING: snmplocation SNMPv2-MIB::sysServices.0 = INTEGER: 70SNMPv2-MIB::sysORLastChange.0 = Timeticks: (40) 0:00:00.40 SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIBSNMPv2-MIB::sysORID.2 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroupSNMPv2-MIB::sysORID.3 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance SNMPv2-MIB::sysORID.4 = OID: SNMP-MPD-MIB::snmpMPDComplianceSNMPv2-MIB::sysORID.5 = OID: SNMP-USER-BASED-SM-MIB::usmMIBComplianceSNMPv2-MIB::sysORDescr.1 = STRING: The MIB module for SNMPv2 entitiesSNMPv2-MIB::sysORDescr.2 = STRING: View-based Access Control Model for SNMP. SNMPv2-MIB::sysORDescr.3 = STRING: The SNMP Management Architecture MIB....

Page 273: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 273

tracerouteThe command displays information on the route IPv4/IPv6 packets. You can use this command to determine the path of an IPv4/IPv6 query. tracerouteThis command provides information on the path packets travel and the time it takes to reach the IPv4/IPv6 destination address.

Syntaxtraceroute { hostname | ip_address} [ opt ]

Argument Description

hostname Fully qualified domain name

ip_address Valid IPv4/IPv6 address of the host

opt Can be any of the following:

numerical (specifies to not interpret the IP address as a DNS name) src_addr (specifies the starting or "from" address)

ICMP (specifies to use )pingv6 (specifies IPv6 hostname)

ExampleThe following example shows you how to use the traceroute command.

Infoblox > traceroute 10.1.1.1traceroute to 10.1.1.1 (10.1.1.1), 30 hops max, 40 byte packets1 10.1.1.5 (10.1.1.5) 1.951 ms 1.637 ms 1.734 ms2 10.1.1.1 (10.1.1.1) 0.248 ms 0.284 ms 0.239 ms

Page 274: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 274

Reference InformationThis section provides reference information in the following sections:

Configurations Requiring Service RestartOpen Source Copyright and License StatementsProduct CompliancevNIOS AppliancesGuidance DocumentationCSV Import ReferenceSupported Expressions for Search Parameters

Page 275: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 275

Configurations Requiring Service RestartThis topic includes a list of objects that require service restart after you make configuration changes to them. For more information about restarting services, see . Restarting Services

Object Service Action Comment

Grid Security Properties DNS Update

Member Security Properties DNS Update

Authoritative Zone DNS Insert, update, delete If the "Restart if needed" option is enabled, restart is triggered immediately.

DNS Traffic Control Monitor DNS Update All functions

Network Container DHCP Insert, update, delete

Shared Network DHCP Insert, delete

Blacklist Rule DNS Insert, update, delete

Bulk Host DNS Insert, update, delete

Convert Lease DHCP Convert

Convert IPv6 Lease DHCP Convert

Grid DHCP Failover Association DHCP Insert, update, delete

DHCP Fingerprint Filter DHCP Update

Grid DHCP MAC Filter DHCP Update, delete

DHCP Range DHCP Insert, update, delete

DNS64 synthesis group DNS Update

NS Group and Authoritative zone DNS Changing list of secondaries

Grid DNS Properties DNS Update

Member DNS Properties DNS Update

RolloverKey DNS Rollover

DNSSEC Sign Zone DNS Sign

Fixed Address DHCP Insert, update, delete

Forward Zone DNS Insert, update, delete

Grid DHCP Properties DHCP Update

Host Record DNS Insert, update, delete

Host Name Rewrite Policy DHCP Insert, update

DNS Traffic Control Load Balanced Domain Name

DNS Insert, update, delete, restore

DNS Traffic Control Pool DNS Update

DNS Traffic Control Server DNS Update

DNS Traffic Control Topology Rule DNS Insert, update, delete

IPv6 DHCP Range DHCP Insert, update, delete

IPv6 Fixed Address DHCP Insert, update, delete

IPv6 Network DHCP Insert, update, delete

IPv6 Option Space DHCP Update

IPv6 Shared Network DHCP Update

Member DHCP Properties DHCP Insert, update

NAC Filter DHCP Update, delete

Network DHCP Insert, update, delete

Network View DHCP Update, delete

NS Group DNS Insert, update, delete

NXDOMAIN Rule DNS Insert, update, delete

DHCP Range Option Filter DHCP Insert, update, delete

https://docs.infoblox.com/display/nios84/Restarting+Services
Page 276: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 276

DHCP Option Space DHCP Update

Order DHCP Ranges DHCP Changing order of DHCP ranges

DHCP Relay Agent Filter DHCP Update, delete

Resize Network DHCP Resize Accessible from the tabIPAM

Response Policy Zone DNS Update

Roaming Host DHCP Insert, update, delete

Ruleset DNS Update, delete

IPv4/IPv6 Shared Network DHCP Update

Split Network DHCP Split Accessible from the tabIPAM

Join Network DHCP Join Accessible from the tabIPAM

Stub Zone DNS Insert, update, delete

View DNS Insert, update, delete

Import Topology Database DNS Import

Named ACL DNS Update

Grid Properties DNS Update

Member Properties DNS Insert, update, delete

RADIUS Authentication Service DHCP Update

Grid Reporting Properties DNS, DHCP

Update

Reporting Ip Block Group DNS Update, delete

Reporting Member Properties DNS, DHCP

Update

HSM SafeNet Group DNS Update

License DNS Delete Restarts for QRD, RPZ, MSMGMT and REPORTING licenses.

Page 277: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 277

Open Source Copyright and License StatementsInfoblox has made every attempt to adhere to the guidelines for use and contribution to the open source community. Please report back to Infoblox any suspected violations of the copyrights, use of open source contributions via the distribution of binaries and/or source from Infoblox. It is the intent of Infoblox to comply with the open source rules of use, and comply with the various copyrights found in the distribution of the products from Infoblox.This appendix contains the copyright notices for the binary-only distribution from Infoblox. Source changes are contributed back to the open source community when the copyright holder states this is desired. As stated by the enclosed copyrights, a copy of open source files used in our binary-only distribution is available from Infoblox. There is a nominal cost to obtain a CD containing the source files, to cover our costs of duplication and distribution. To obtain a copy of the source, contact us via e-mail at , or call us at 1.408.625.4200. The sections in this appendix include:[email protected]

GNU General Public License GNU Lesser General Public License

Apache Software License, Version 2.0 ISC BIND Copyright ISC DHCP Copyright

Julian Seward Copyright Carnegie Mellon University Copyright

Thai Open Source Software Center Copyright Ian F. Darwin Copyright

Lawrence Berkeley Copyright MIT Kerberos Copyright BSD License David L. Mills Copyright

OpenLDAP License OpenSSL License

VIM License ZLIB License

Wietse Venema Copyright ECLIPSE SOFTWARE

Eclipse Public License - v 1.0 AOP Alliance (Java/J2EE AOP standards)

OpenJDKTASM

Distributed Computing Laboratory, Emory University COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL)

The FreeType Project LICENSE The Independent JPEG Group's JPEG software

Net-SNMP The PHP License, version 3.01

INFO-ZIP MIT License

EhcacheCyboxDateutilImportlibLibtaxiiMixboxStix

PSF License Agreement for Python 2.6 PSF License Agreement for Python 3.5.0 GNU General Public License 2.0 for Suricata, Netfilter and IPTables

LibYAML The MIT License for Jansson

PCRE - Perl Compatible Regular Expressions

GNU General Public LicenseGNU GENERAL PUBLIC LICENSEVersion 2, June 1991

Copyright (C) 1989, 1991 Free Software Foundation, Inc.

59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.

Preamble

The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General PublicLicense is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundations software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too.

When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things.

mailto:[email protected]
Page 278: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 278

1.

2.

a. b.

c.

3.

a.

b.

c.

4.

5.

To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it.

For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.

We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software.

Also, for each authors protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors reputations.

Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyones free use or not licensed at all.

The precise terms and conditions for copying, distribution and modification follow.

GNU GENERAL PUBLIC LICENSETERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you".Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does.

You may copy and distribute verbatim copies of the Programs source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee.You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions:

You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change.You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.)

These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program.In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License.You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:

Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be 11 distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)

The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable.If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code.You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance.You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it.

Page 279: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 279

6.

7.

8.

9.

10.

11.

12.

Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License.If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances.It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice.This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License.If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License.The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation.If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally.

NO WARRANTY

BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

END OF TERMS AND CONDITIONS

Page 280: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 280

PCRE - Perl Compatible Regular ExpressionsPCRE2 LICENCE-------------PCRE2 is a library of functions to support regular expressions whose syntax and semantics are as close as possible to those of the Perl 5 language.Release 10 of PCRE2 is distributed under the terms of the "BSD" licence, as specified below. The documentation for PCRE2, supplied in the "doc"directory, is distributed under the same terms as the software itself. The data in the testdata directory is not copyrighted and is in the public domain.The basic library functions are written in C and are freestanding. Also included in the distribution is a just-in-time compiler that can be used to optimize pattern matching. This is an optional feature that can be omitted when the library is built.

THE BASIC LIBRARY FUNCTIONS---------------------------Written by: Philip Hazel Email local part: ph10Email domain:cam.ac.ukUniversity of Cambridge Computing Service, Cambridge, England.Copyright (c) 1997-2016 University of Cambridge All rights reserved.PCRE2 JUST-IN-TIME COMPILATION SUPPORT--------------------------------------Written by: Zoltan Herczeg Email local part: hzmesterEmain domain:freemail.hu Copyright(c) 2010-2016 Zoltan Herczeg All rights reserved.STACK-LESS JUST-IN-TIME COMPILER--------------------------------Written by: Zoltan Herczeg Email local part: hzmesterEmain domain:freemail.hu Copyright(c) 2009-2016 Zoltan Herczeg All rights reserved.THE "BSD" LICENCE-----------------Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice,this list of conditions and the following disclaimer.Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.Neither the name of the University of Cambridge nor the names of any contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.End

Page 281: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 281

The MIT License for JanssonCopyright <YEAR> <COPYRIGHT HOLDER>Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Page 282: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 282

LibYAMLCopyright (c) 2006 Kirill SimonovPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Page 283: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 283

1.

2.

a. b.

c.

3.

GNU General Public License 2.0 for Suricata, Netfilter and IPTablesGNU General Public LicenseVersion 2, June 1991 Copyright © 1989, 1991 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.

Preamble

The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software–to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too.

When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things.

To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it.

For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.

We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software.

Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations.

Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all.

The precise terms and conditions for copying, distribution and modification follow.

TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you".Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does.

You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee.You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions:

You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change.You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.)

These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program.In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License.You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:

Page 284: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 284

3.

a.

b.

c.

4.

5.

6.

7.

8.

9.

10.

11.

12.

Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)

The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable.If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code.You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance.You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it.Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License.If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances.It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice.This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License.If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License.The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation.If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally.

NO WARRANTY

BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

END OF TERMS AND CONDITIONS

How to Apply These Terms to Your New Programs

If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.

To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found.

Page 285: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 285

<one line to give the program's name and a brief idea of what it does.> Copyright (C)<year> <name of author>

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

Also add information on how to contact you by electronic and paper mail.

If the program is interactive, make it output a short notice like this when it starts in an interactive mode:

Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details.

The hypothetical commands `show w` and `show c` should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c`; they could even be mouse-clicks or menu items–whatever suits your program.

You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names:

Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker.<signature of Ty Coon>, 1 April 1989 Ty Coon, President of Vice

This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License.

Page 286: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 286

1.

2.

3.

4.

5.

6. 7.

8.

PSF License Agreement for Python 3.5.0This LICENSE AGREEMENT is between the Python Software Foundation ("PSF"), and the Individual or Organization ("Licensee") accessing and otherwise using Python 3.5.0 software in source or binary form and its associated documentation.Subject to the terms and conditions of this License Agreement, PSF hereby grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python 3.5.0 alone or in any derivative version, provided, however, that PSF's License Agreement and PSF's notice of copyright, i.e., "Copyright © 2001-2015 Python Software Foundation; All Rights Reserved" are retained in Python 3.5.0 alone or in any derivative version prepared by Licensee.In the event Licensee prepares a derivative work that is based on or incorporates Python 3.5.0 or any part thereof, and wants to make the derivative work available to others as provided herein, then Licensee hereby agrees to include in any such work a brief summary of the changes made to Python 3.5.0.PSF is making Python 3.5.0 available to Licensee on an "AS IS" basis. PSF MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, PSF MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON 3.5.0 WILL NOT INFRINGE ANY THIRD PARTY RIGHTS.PSF SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF PYTHON 3.5.0 FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF MODIFYING, DISTRIBUTING, OR OTHERWISE USING PYTHON 3.5.0, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF.This License Agreement will automatically terminate upon a material breach of its terms and conditions.Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between PSF and Licensee. This License Agreement does not grant permission to use PSF trademarks or trade name in a trademark sense to endorse or promote products or services of Licensee, or any third party.By copying, installing or otherwise using Python 3.5.0, Licensee agrees to be bound by the terms and conditions of this License Agreement.

Page 287: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 287

1.

2.

3.

4.

5.

6. 7.

8.

PSF License Agreement for Python 2.6This LICENSE AGREEMENT is between the Python Software Foundation ("PSF"), and the Individual or Organization ("Licensee") accessing and otherwise using this software ("Python") in source or binary form and its associated documentation.Subject to the terms and conditions of this License Agreement, PSF hereby grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python alone or in any derivative version, provided, however, that PSF's License Agreement and PSF's notice of copyright, i.e., "Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006 Python Software Foundation; All Rights Reserved" are retained in Python alone or in any derivative version prepared by Licensee.In the event Licensee prepares a derivative work that is based on or incorporates Python or any part thereof, and wants to make the derivative work available to others as provided herein, then Licensee hereby agrees to include in any such work a brief summary of the changes made to Python.PSF is making Python available to Licensee on an "AS IS" basis. PSF MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, PSF MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON WILL NOT INFRINGE ANY THIRD PARTY RIGHTS.PSF SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF PYTHON FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF MODIFYING, DISTRIBUTING, OR OTHERWISE USING PYTHON, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF.This License Agreement will automatically terminate upon a material breach of its terms and conditions.Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between PSF and Licensee. This License Agreement does not grant permission to use PSF trademarks or trade name in a trademark sense to endorse or promote products or services of Licensee, or any third party.By copying, installing or otherwise using Python, Licensee agrees to be bound by the terms and conditions of this License Agreement.

Page 288: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 288

StixCopyright (c) 2015, The MITRE Corporation

All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.Neither the name of The MITRE Corporation nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Page 289: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 289

MixboxCopyright (c) 2015, The MITRE Corporation

All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.Neither the name of The MITRE Corporation nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Page 290: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 290

LibtaxiiCopyright (c) 2013, The MITRE Corporation All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.Neither the name of The MITRE Corporation nor the

names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED ANDON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Page 291: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 291

Importlib(No license included in the package, this is in the readme)

Purpose========

This package contains the code from importlib as found in Python 2.7. It is provided so that people who wish to use "importlib.import_module()" with a version of Python prior to 2.7 or in 3.0 have the function readily available. The code in no way deviates from what can be found in the Python 2.7 standard library.

For documentation, see the `importlib docs`_ for Python 2.7.

Page 292: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 292

Dateutildateutil - Extensions to the standard Python datetime module.

Copyright (c) 2003-2011 - Gustavo Niemeyer <[email protected]>

Copyright (c) 2012-2014 - Tomi Pievilainen <[email protected]>

Copyright (c) 2014- Yaron de Leeuw <[email protected]>

All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

mailto:[email protected]
mailto:[email protected]
mailto:[email protected]
Page 293: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 293

CyboxCopyright (c) 2015, The MITRE Corporation All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.Neither the name of The MITRE Corporation nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Page 294: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 294

EhcacheThe open source Ehcache project is licensed under the Apache 2.0 License. The text of the license is available below:

Copyright 2003-2010 Terracotta, Inc.

Licensed under the Apache License, Version 2.0 (the "License");

you may not use this file except in compliance with the License.

You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

See the License for the specific language governing permissions and limitations under the License.

http://www.apache.org/licenses/LICENSE-2.0
Page 295: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 295

MIT LicenseCopyright (c) 2010 Paul T. McGuirePermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Page 296: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 296

1.

2.

3.

4.

INFO-ZIPThis is version 2007-Mar-4 of the Info-ZIP license.The definitive version of this document should be available at indefinitely and a copy at ftp://ftp.info-zip.org/pub/infozip/license.html http://www.info-zip.org

/pub/infozip/license.html.

Copyright (c) 1990-2007 Info-ZIP.All rights reserved.

For the purposes of this copyright and license, "Info-ZIP" is defined as the following set of individuals:

Mark Adler, John Bush, Karl Davis, Harald Denker, Jean-Michel Dubois, Jean-loup Gailly, Hunter Goatley, Ed Gordon, Ian Gorman, Chris Herborth, Dirk Haase, Greg Hartwig, Robert Heath, Jonathan Hudson, Paul Kienitz, David Kirschbaum, Johnny Lee, Onno van der Linden, Igor Mandrichenko, Steve P. Miller, Sergio Monesi, Keith Owens, George Petrov, Greg Roelofs, Kai Uwe Rommel, Steve Salisbury, Dave Smith, Steven M. Schweda,Christian Spieler, Cosmin Truta, Antoine Verheijen, Paul von Behren, Rich Wales, Mike White.

This software is provided "as is," without warranty of any kind, express or implied.In no event shall Info-ZIP or its contributors be held liable for any direct, indirect, incidental, special or consequential damages arising out of the use of or inability to use this software.

Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the above disclaimer and the following restrictions:

Redistributions of source code (in whole or in part) must retain the above copyright notice, definition, disclaimer, and this list of conditions.

Redistributions in binary form (compiled executables and libraries) must reproduce the above copyright notice, definition, disclaimer, and this list of conditions in documentation and/or other materials provided with the distribution. The sole exception to this condition is redistribution of a standard UnZipSFX binary (including SFXWiz) as part of a self-extracting archive; that is permitted without inclusion of this license, as long as the normal SFX banner has not been removed from the binary or disabled.

Altered versions-including, but not limited to, ports to new operating systems, existing ports with new graphical interfaces, versions with modified or added functionality, and dynamic, shared, or static library versions not from Info-ZIPmust be plainly marked as such and must not be misrepresented as being the original source or, if binaries, compiled from the original source.Such altered versions also must not be misrepresented as being Info-ZIP releases-including, but not limited to, labeling of the altered versions with the names "Info-ZIP" (or any variation thereof, including, but not limited to, different capitalizations), "Pocket UnZip," "WiZ" or "MacZip" without the explicit permission of Info-ZIP.Such altered versions are further prohibited from misrepresentative use of the Zip-Bugs or Info-ZIP e-mail addresses or the Info-ZIP URL(s), such as to imply Info-ZIP will provide support for the altered versions.

Info-ZIP retains the right to use the names "Info-ZIP," "Zip," "UnZip," "UnZipSFX," "WiZ," "Pocket UnZip," "Pocket Zip," and "MacZip" for its own source and binary releases.

ftp://ftp.info-zip.org/pub/infozip/license.html
http://www.info-zip.org/pub/infozip/license.html
http://www.info-zip.org/pub/infozip/license.html
Page 297: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 297

1.

2.

3.

4.

5.

6.

The PHP License, version 3.01Copyright (c) 1999 - 2006 The PHP Group. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

The name "PHP" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact [email protected].

Products derived from this software may not be called "PHP", nor may "PHP" appear in their name, without prior written permission from group@pYou may indicate that your software works in conjunction with PHP by saying "Foo for PHP" instead of calling it "PHP Foo" or "phpfoo"hp.net.

The PHP Group may publish revised and/or new versions of the license from time to time. Each version will be given a distinguishing version number.Once covered code has been published under a particular version of the license, you may always continue to use it under the terms of that version. You may also choose to use such covered code under the terms of any subsequent version of the license published by the PHP Group. No one other than the PHP Group has the right to modify the terms applicable to covered code created under this License.

Redistributions of any form whatsoever must retain the following acknowledgment:"This product includes PHP software, freely available from .<http://www.php.net/software/>"

THIS SOFTWARE IS PROVIDED BY THE PHP DEVELOPMENT TEAM ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE PHP DEVELOPMENT TEAM OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --------------------------------------------------------------------

This software consists of voluntary contributions made by many individuals on behalf of the PHP Group.

The PHP Group can be contacted via Email at [email protected].

For more information on the PHP Group and the PHP project,

please see <http://www.php.net>.

PHP includes the Zend Engine, freely available at>.<http://www.zend.com

mailto:[email protected]
mailto:[email protected]
mailto:[email protected]
http://www.php.net/software/
mailto:[email protected]
http://www.php.net/
http://www.zend.com/
Page 298: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 298

Net-SNMPVarious copyrights apply to this package, listed in various separate parts below.Please make sure that you read all the parts. Up until 2001,the project was based at UC Davis, and the first part covers all code written during this time. From 2001 onwards, the project has been based at SourceForge, and Networks Associates Technology, Inc hold the copyright on behalf of the wider Net-SNMP community, covering all derivative work done since then. An additional copyright section has been added as Part 3 below also under a BSD license for the work contributed by Cambridge Broadband Ltd. to the project since 2001.An additional copyright section has been added as Part 4 below also under a BSD license for the work contributed by Sun Microsystems, Inc. to the project since 2003. Code has been contributed to this project by many people overthe years it has been in development, and a full list of contributors can be found in the README file under the THANKS section.

---- Part 1: CMU/UCD copyright notice: (BSD like) -----

Copyright 1989, 1991, 1992 by Carnegie Mellon University

Derivative Work - 1996, 1998-2000

Copyright 1996, 1998-2000 The Regents of the University of California

All Rights Reserved

Permission to use, copy, modify and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appears in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of CMU and The Regents of the University of California not be used in advertising or publicity pertaining to distribution of the software without specific written permission. CMU AND THE REGENTS OF THE UNIVERSITY OF CALIFORNIA DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL CMU OR THE REGENTS OF THE UNIVERSITY OF CALIFORNIA BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM THE LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

---- Part 2: Networks Associates Technology, Inc copyright notice (BSD) -----

Copyright (c) 2001-2003, Networks Associates Technology, IncAll rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

Neither the name of the Networks Associates Technology, Inc nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

---- Part 3: Cambridge Broadband Ltd. copyright notice (BSD) -----

Portions of this code are copyright (c) 2001-2003, Cambridge Broadband Ltd. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

Page 299: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 299

The name of Cambridge Broadband Ltd. may not be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

---- Part 4: Sun Microsystems, Inc. copyright notice (BSD) -----

Copyright © 2003 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A. All rights reserved. Use is subject to license terms below.

This distribution may include materials developed by third parties.

Sun, Sun Microsystems, the Sun logo and Solaris are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

Neither the name of the Sun Microsystems, Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

---- Part 5: Sparta, Inc copyright notice (BSD) -----

Copyright (c) 2003-2005, Sparta, Inc All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

Neither the name of Sparta, Inc nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

---- Part 6: Cisco/BUPTNIC copyright notice (BSD) -----

Copyright (c) 2004, Cisco, Inc and Information NetworkCenter of Beijing University of Posts and Telecommunications. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

Page 300: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 300

Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

Neither the name of Cisco, Inc, Beijing University of Posts and Telecommunications, nor the names of their contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

---- Part 7: Fabasoft R&D Software GmbH & Co KG copyright notice (BSD) -----

Copyright (c) Fabasoft R&D Software GmbH & Co KG, 2003[ |mailto: ][email protected] [email protected]: Bernhard Penz <[email protected]>

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

The name of Fabasoft R&D Software GmbH & Co KG or any of its subsidiaries, brand or product names may not be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

mailto:[email protected]
Page 301: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 301

1. 2. 3.

The Independent JPEG Group's JPEG softwareIn plain English:

We don't promise that this software works. (But if you find any bugs, please let us know!)You can use this software for whatever you want.You don't have to pay us.You may not pretend that you wrote this software. If you use it in a program, you must acknowledge somewhere in your documentation that you've used the IJG code.

In legalese:

The authors make NO WARRANTY or representation, either express or implied, with respect to this software, its quality, accuracy, merchantability, or fitness for a particular purpose.This software is provided "AS IS", and you, its user, assume the entire risk as to its quality and accuracy.

This software is copyright (C) 1991-1998, Thomas G. Lane. All Rights Reserved except as specified below.

Permission is hereby granted to use, copy, modify, and distribute this software (or portions thereof) for any purpose, without fee, subject to these conditions:

(1) If any part of the source code for this software is distributed, then this README file must be included, with this copyright and no-warranty notice unaltered; and any additions, deletions, or changes to the original files must be clearly indicated in accompanying documentation.

(2) If only executable code is distributed, then the accompanying documentation must state that "this software is based in part on the work of the Independent JPEG Group".

(3) Permission for use of this software is granted only if the user accepts full responsibility for any undesirable consequences; the authors accept NO LIABILITY for damages of any kind.

These conditions apply to any software derived from or based on the IJG code, not just to the unmodified library. If you use our work, you ought to acknowledge us.

Permission is NOT granted for the use of any IJG author's name or company name in advertising or publicity relating to this software or products derived from it.This software may be referred to only as "the Independent JPEG Group's software".

We specifically permit and encourage the use of this software as the basis of commercial products, provided that all warranty or liability claims are assumed by the product vendor.

ansi2knr.c is included in this distribution by permission of L. Peter Deutsch, sole proprietor of its copyright holder, Aladdin Enterprises of Menlo Park, CA. ansi2knr.c is NOT covered by the above copyright and conditions, but instead by the usual distribution terms of the Free Software Foundation; principally, that you must include source code if you redistribute it. (See the file ansi2knr.c for full details.)However, since ansi2knr.c is not needed as part of any program generated from the IJG code, this does not limit you more than the foregoing paragraphs do.

The Unix configuration script "configure" was produced with GNU Autoconf.It is copyright by the Free Software Foundation but is freely distributable. The same holds for its supporting scripts (config.guess, config.sub, ltconfig, ltmain.sh).Another support script, install-sh, is copyrightby M.I.T. but is also freely distributable.

It appears that the arithmetic coding option of the JPEG spec is covered by patents owned by IBM, AT&T, and Mitsubishi. Hence arithmetic coding cannot legally be used without obtaining one or more licenses. For this reason, support for arithmetic coding has been removed from the free JPEG software. (Since arithmetic coding provides only a marginal gain over the unpatented Huffman mode, it is unlikely that very many implementations will support it.) So far as we are aware, there are no patent restrictions on the remaining code.

The IJG distribution formerly included code to read and write GIF files. To avoid entanglement with the Unisys LZW patent, GIF reading support has been removed altogether, and the GIF writer has been simplified to produce "uncompressed GIFs". This technique does not use the LZW algorithm; the resulting GIF files are larger than usual, but are readable by all standard GIF decoders.

We are required to state that

"The Graphics Interchange Format(c) is the Copyright property of CompuServe Incorporated.GIF(sm) is a Service Mark property of CompuServe Incorporated."

Page 302: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 302

The FreeType Project LICENSE

2002-Apr-11

Copyright 1996-2002 byDavid Turner, Robert Wilhelm, and Werner Lemberg

Introduction============

The FreeType Project is distributed in several archive packages; some of them may contain, in addition to the FreeType font engine, various tools and contributions which rely on, or relate to, the FreeType Project.

This license applies to all files found in such packages, and which do not fall under their own explicit license. The license affects thus the FreeType font engine, the test programs, documentation and makefiles, at the very least.

This license was inspired by the BSD, Artistic, and IJG (Independent JPEG Group) licenses, which all encourage inclusion and use of free software in commercial and freeware products alike. As a consequence, its main points are that:

We don't promise that this software works. However, we will be interested in any kind of bug reports. (`as is' distribution)

You can use this software for whatever you want, in parts or full form, without having to pay us. (`royalty-free' usage)

You may not pretend that you wrote this software. If you use it, or only parts of it, in a program, you must acknowledge somewhere in your documentation that you have used the FreeType code. (`credits')

We specifically permit and encourage the inclusion of this software, with or without modifications, in commercial products. We disclaim all warranties covering The FreeType Project and assume no liability related to The FreeType Project.

Finally, many people asked us for a preferred form for a credit/disclaimer to use in compliance with this license. We thus encourage you to use the following text: " " "Portions of this software are copyright © 1996-2002 The FreeType Project (www.freetype.org). All rights reserved." " "

Legal Terms===========

0. Definitions--------------

Throughout this license, the terms `package', `FreeType Project', and `FreeType archive' refer to the set of files originally distributed by the authors (David Turner, Robert Wilhelm, and Werner Lemberg) as the `FreeType Project', be they named as alpha, beta or final release. `You' refers to the licensee, or person using the project, where`using' is a generic term including compiling the project's source code as well as linking it to form a `program' or `executable'. This program is referred to as `a program using the FreeType engine'. This license applies to all files distributed in the original FreeType Project, including all source code, binaries and documentation, unless otherwise stated in the file in its original, unmodified form as distributed in the original archive. If you are unsure whether or not a particular file is covered by this license, you must contact us to verify this. The FreeType Project is copyright (C) 1996-2000 by David Turner, Robert Wilhelm, and Werner Lemberg. All rights reserved except as specified below.

1. No Warranty--------------

THE FREETYPE PROJECT IS PROVIDED `AS IS' WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT WILL ANY OF THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY DAMAGES CAUSED BY THE USE OR THE INABILITY TO USE, OF THE FREETYPE PROJECT.

2. Redistribution-----------------

This license grants a worldwide, royalty-free, perpetual and irrevocable right and license to use, execute, perform, compile, display, copy, create derivative works of, distribute and sublicense the FreeType Project (in both source and object code forms) and derivative works thereof for any purpose; and to authorize others to exercise some or all of the rights granted herein, subject to the following conditions:

Redistribution of source code must retain this license file (`FTL.TXT') unaltered; any additions, deletions or changes to the original files must be clearly indicated in accompanying documentation. The copyright notices of the unaltered, original files must be preserved in all copies of source files.

Redistribution in binary form must provide a disclaimer that states that the software is based in part of the work of the FreeType Team, in the distribution documentation. We also encourage you to put an URL to the FreeType web page in your documentation, though this isn't mandatory.

Page 303: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 303

These conditions apply to any software derived from or based on the FreeType Project, not just the unmodified files. If you use our work, you must acknowledge us. However, no fee need be paid to us.

3. Advertising--------------

Neither the FreeType authors and contributors nor you shall use the name of the other for commercial, advertising, or promotional purposes without specific prior written permission.

We suggest, but do not require, that you use one or more of the following phrases to refer to this software in your documentation or advertising materials: `FreeType Project', `FreeType Engine',`FreeType library', or `FreeType Distribution'.

As you have not signed this license, you are not required to accept it. However, as the FreeType Project is copyrighted material, only this license, or another one contracted with the authors, grants you the right to use, distribute, and modify it. Therefore, by using, distributing, or modifying the FreeType Project, you indicate that you understand and accept all the terms of this license.

4. Contacts -----------

There are two mailing lists related to FreeType:

[email protected]

Discusses general use and applications of FreeType, as well as future and wanted additions to the library and distribution. If you are looking for support, start in this list if you haven't found anything to help you in the documentation.

[email protected]

Discusses bugs, as well as engine internals, design issues, specific licenses, porting, etc.

http://www.freetype.org

Holds the current FreeType web page, which will allow you to download our latest development version and read online documentation.

You can also contact us individually at:

David Turner <[email protected]>

Robert Wilhelm <[email protected]>

Werner Lemberg <[email protected]>

mailto:[email protected]
mailto:[email protected]
http://www.freetype.org/
mailto:[email protected]
mailto:[email protected]
mailto:[email protected]
Page 304: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 304

COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL)Version 1.0

1. Definitions.

1.1. Contributor means each individual or entity that creates or contributes to the creation of Modifications.

1.2. Contributor Version means the combination of the Original Software, prior Modifications used by a Contributor (if any), and the Modifications made by that particular Contributor.

1.3. Covered Software means (a) the Original Software, or (b) Modifications, or (c) the combination of files containing Original Software with files containing Modifications, in each case including portions thereof.

1.4. Executable means the Covered Software in any form other than Source Code.

1.5. Initial Developer means the individual or entity that first makes Original Software available under this License.

1.6. Larger Work means a work which combines Covered Software or portions thereof with code not governed by the terms of this License.

1.7. License means this document.

1.8. Licensable means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently acquired, any and all of the rights conveyed herein.

1.9. Modifications means the Source Code and Executable form of any of the following:

A. Any file that results from an addition to, deletion from or modification of the contents of a file containing Original Software or previous Modifications;

B. Any new file that contains any part of the Original Software or previous Modification; or

C. Any new file that is contributed or otherwise made available under the terms of this License.

1.10. Original Software means the Source Code and Executable form of computer software code that is originally released under this License.

1.11. Patent Claims means any patent claim(s), now owned or hereafter acquired, including without limitation, method, process, and apparatus claims, in any patent Licensable by grantor.

1.12. Source Code means (a) the common form of computer software code in which 1.13. You (or Your) means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, You includes any entity which controls, is controlled by, or is under common control with You. For purposes of this definition, control means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity.

2. License Grants.

2.1. The Initial Developer Grant.

Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, the Initial Developer hereby grants You a world-wide, royalty-free, non-exclusive license:

(a) under intellectual property rights (other than patent or trademark) Licensable by Initial Developer, to use, reproduce, modify, display, perform, sublicense and distribute the Original Software (or portions thereof), with or without Modifications, and/or as part of a Larger Work; and

(b) under Patent Claims infringed by the making, using or selling of Original Software, to make, have made, use, practice, sell, and offer for sale, and/or otherwise dispose of the Original Software (or portions thereof).

(c) The licenses granted in Sections 2.1(a) and (b) are effective on the dateInitial Developer first distributes or otherwise makes the Original Software available to a third party under the terms of this License.

(d) Notwithstanding Section 2.1(b) above, no patent license is granted: (1) for code that You delete from the Original Software, or (2) for infringements caused by: (i) the modification of the Original Software, or (ii) the combination of the Original Software with other software or devices.

2.2. Contributor Grant.

Conditioned upon Your compliance with Section 3.1 below and subject to third party intellectual property claims, each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license:

(a) under intellectual property rights (other than patent or trademark) Licensable by Contributor to use, reproduce, modify, display, perform, sublicense and distribute the Modifications created by such Contributor (or portions thereof), either on an unmodified basis, with other Modifications, as Covered Software and/or as part of a Larger Work; and

(b) under Patent Claims infringed by the making, using, or selling of Modifications made by that Contributor either alone and/or in combination with its Contributor Version (or portions of such combination), to make, use, sell, offer for sale, have made, and/or otherwise dispose of: (1) Modifications made by that Contributor (or portions thereof); and (2) the combination of Modifications made by that Contributor with its Contributor Version (or portions of such combination).

Page 305: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 305

(c) The licenses granted in Sections 2.2(a) and 2.2(b) are effective on the date Contributor first distributes or otherwise makes the Modifications available to a third party.

(d) Notwithstanding Section 2.2(b) above, no patent license is granted: (1) for any code that Contributor has deleted from the Contributor Version; (2) for infringements caused by: (i) third party modifications of Contributor Version, or (ii) the combination of Modifications made by that Contributor with other software (except as part of the Contributor Version) or other devices; or (3) under Patent Claims infringed by Covered Software in the absence of Modifications made by that Contributor.

3. Distribution Obligations.

3.1. Availability of Source Code.

Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License.You must include a copy of this License with every copy of the Source Code form of the Covered Software You distribute or otherwise make available. You must inform recipients of any such Covered Software in Executable form as to how they can obtain such Covered Software in Source Code form in a reasonable manner on or through a medium customarily used for software exchange.

3.2. Modifications.

The Modifications that You create or to which You contribute are governed by the terms of this License. You represent that You believe Your Modifications are Your original creation(s) and/or You have sufficient rights to grant the rights conveyed by this License.

3.3. Required Notices.

You must include a notice in each of Your Modifications that identifies You as the Contributor of the Modification. You may not remove or alter any copyright, patent or trademark notices contained within the Covered Software, or any notices of licensing or any descriptive text giving attribution to any Contributor or the Initial Developer.

3.4. Application of Additional Terms.

You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License or the recipients rights hereunder. You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, you may do so only on Your own behalf, and not on behalf of the Initial Developer or any Contributor. You must make it absolutely clear that any such warranty, support, indemnity or liability obligation is offered by You alone, and You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of warranty, support, indemnity or liability terms You offer.

3.5. Distribution of Executable Versions.

You may distribute the Executable form of the Covered Software under the terms of this License or under the terms of a license of Your choice, which may contain terms different from this License, provided that You are in compliance with the terms of this License and that the license for the Executable form does not attempt to limit or alter the recipients rights in the Source Code form from the rights set forth in this License. If You distribute the Covered Software in Executable form under a different license, You must make it absolutely clear that any terms which differ from this License are offered byYou alone, not by the Initial Developer or Contributor. You hereby agree to indemnify the Initial Developer and every Contributor for any liability incurred by the Initial Developer or such Contributor as a result of any such terms You offer.

3.6. Larger Works.

You may create a Larger Work by combining Covered Software with other code not governed by the terms of this License and distribute the Larger Work as a single product. In such a case, You must make sure the requirements of this License are fulfilled for the Covered Software.

4. Versions of the License.

4.1. New Versions.

Sun Microsystems, Inc. is the initial license steward and may publish revised and/or new versions of this License from time to time. Each version will be given a distinguishing version number. Except as provided in Section 4.3, no one other than the license steward has the right to modify this License.

4.2. Effect of New Versions.

You may always continue to use, distribute or otherwise make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. If the Initial Developer includes a notice in the Original Software prohibiting it from being distributed or otherwise made available under anysubsequent version of the License, You must distribute and make the Covered Software available under the terms of the version of the License under which You originally received the Covered Software. Otherwise, You may also choose to use, distribute or otherwise make the Covered Software available under the terms of any subsequent version of the License published by the license steward.

4.3. Modified Versions.

When You are an Initial Developer and You want to create a new license for Your Original Software, You may create and use a modified version of this License if You: (a) rename the license and remove any references to the name of the license steward (except to note that the license differs from this License); and (b) otherwise make it clear that the license contains terms which differ from this License.

5. DISCLAIMER OF WARRANTY.

COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN AS IS BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU. SHOULD ANY COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR

Page 306: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 306

ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER.

6. TERMINATION.

6.1. This License and the rights granted hereunder will terminate automatically if You fail to comply with terms herein and fail to cure such breach within 30 days of becoming aware of the breach. Provisions which, by their nature, must remain in effect beyond the termination of this License shall survive.

6.2. If You assert a patent infringement claim (excluding declaratory judgment actions) against Initial Developer or a Contributor (the Initial Developer or Contributor against whom You assert such claim is referred to as Participant) alleging that the Participant Software (meaning the Contributor Version where the Participant is a Contributor or the Original Software where the Participant is the Initial Developer) directly or indirectly infringes any patent, then any and all rights granted directly or indirectly to You by such Participant, the Initial Developer (if the Initial Developer is not the Participant) and all Contributors under Sections 2.1 and/or 2.2 of this License shall, upon 60 days notice from Participant terminate prospectively and automatically at the expiration of such 60 day notice period, unless if within such 60 day period You withdraw Your claim with respect to the Participant Software against such Participant either unilaterally or pursuant to a written agreement with Participant.

6.3. In the event of termination under Sections 6.1 or 6.2 above, all end user licenses that have been validly granted by You or any distributor hereunder prior to termination (excluding licenses granted to You by any distributor) shall survive termination.

7. LIMITATION OF LIABILITY.

UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING FROM SUCH PARTYS NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU.

8. U.S. GOVERNMENT END USERS.

The Covered Software is a commercial item, as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of commercial computer software (as that term is defined at 48C.F.R. 252.227-7014(a)(1)) and commercial computer software documentation as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Covered Software with only those rights set forth herein. This U.S. Government Rights clause is in lieu of, and supersedes, any other FAR, DFAR, or other clause or provision that addresses Government rights in computer software under this License.

9. MISCELLANEOUS.

This License represents the complete agreement concerning subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by the law of the jurisdiction specified in a notice contained within the Original Software (except to the extent applicable law, if any, provides otherwise), excluding such jurisdictions conflict-of-law provisions. Any litigation relating to this License shall be subject to the jurisdiction of the courts located in the jurisdiction and venue specified in a notice contained within the Original Software, with the losing party responsible for costs, including, without limitation, court costs and reasonable attorneys fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not apply to this License. You agree that You alone are responsible for compliance with the United States export administration regulations (and the export control laws and regulation of any other countries) when You use, distribute or otherwise make available any Covered Software.

10. RESPONSIBILITY FOR CLAIMS.

As between Initial Developer and the Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License and You agree to work with Initial Developer and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability.

Page 307: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 307

Distributed Computing Laboratory, Emory UniversityThis software is released to the public domain, in the spirit of the original code written by Doug Lea. The code can be used for any purpose, modified, and redistributed without acknowledgment. No warranty is provided, either express or implied.

Page 308: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 308

1. 2.

3.

TASMCopyright (c) 2000-2005 INRIA, France Telecom All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.Neither the name of the copyright holders nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Page 309: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 309

1.

2.

a. b.

c.

3.

a.

b.

OpenJDKGNU General Public License, version 2, with the Classpath Exception

The GNU General Public License (GPL) Version 2, June 1991

Copyright (C) 1989, 1991 Free Software Foundation, Inc.59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.

Preamble

The licenses for most software are designed to take away your freedom to share and change it.By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users.This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it.(Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights.These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it.

For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow.

TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License.The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language.(Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you".

Activities other than copying, distribution and modification are not covered by this License; they are outside its scope.The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program).Whether that is true depends on what the Program does.

You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.

You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee.

You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions:

You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change.You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License.(Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.)

These requirements apply to the modified work as a whole.If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.

Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program.

In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License.

You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:

Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,

Page 310: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 310

3.

b.

c.

4.

5.

6.

7.

8.

9.

10.

11.

12.

Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)

The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable.

If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code.

You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License.However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance.

You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works.These actions are prohibited by law if you do not accept this License.Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it.

Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License.

If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License.If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program.

If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances.

It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice.

This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License.

If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License.

The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.

Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation.

If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally.

NO WARRANTY

BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER

Page 311: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 311

12.

OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

END OF TERMS AND CONDITIONS

How to Apply These Terms to Your New Programs

If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.

To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found.

One line to give the program's name and a brief idea of what it does.

Copyright (C) <year> <name of author>

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

Also add information on how to contact you by electronic and paper mail.

If the program is interactive, make it output a short notice like this when it starts in an interactive mode:

Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type 'show w'.This is free software, and you are welcome to redistribute it under certain conditions; type 'show c' for details.

The hypothetical commands 'show w' and 'show c' should show the appropriate parts of the General Public License.Of course, the commands you use may be called something other than 'show w' and 'show c'; they could even bemouse-clicks or menu items--whatever suits your program.

You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names:

Yoyodyne, Inc., hereby disclaims all copyright interest in the program 'Gnomovision' (which makes passes at compilers) written by James Hacker.

signature of Ty Coon, 1 April 1989

Ty Coon, President of Vice

This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library.If this is what you want to do, use the GNU Library General Public License instead of this License.

"CLASSPATH" EXCEPTION TO THE GPL

Certain source files distributed by Oracle America and/or its affiliates are subject to the following clarification and special exception to the GPL, but only where Oracle has expressly included in the particular source file's header the words "Oracle designates this particular file as subject to the "Classpath" exception as provided by Oracle in the LICENSE file that accompanied this code."

Linking this library statically or dynamically with other modules is making a combined work based on this library. Thus, the terms and conditions of the GNU General Public License cover the whole combination.

As a special exception, the copyright holders of this library give you permission to link this library with independent modules to produce an executable, regardless of the license terms of these independent modules, and to copy and distribute the resulting executable under terms of your choice, provided that you also meet, for each linked independent module, the terms and conditions of the license of that module.An independent module is a module which is not derived from or based on this library.If you modify this library, you may extend this exception to your version of the library, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version.

Page 312: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 312

AOP Alliance (Java/J2EE AOP standards)LICENSE: all the source code provided by AOP Alliance is Public Domain.

Page 313: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 313

Eclipse Public License - v 1.0

THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS ECLIPSE PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.

1. DEFINITIONS "Contribution" means:

a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and

b) in the case of each subsequent Contributor:

i)changes to the Program, and

ii)additions to the Program;

where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.

"Contributor" means any person or entity that distributes the Program.

"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.

"Program" means the Contributions distributed in accordance with this Agreement.

"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.

2. GRANT OF RIGHTS

a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.

b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.

c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.

d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.

3. REQUIREMENTS

A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:

a) it complies with the terms and conditions of this Agreement; and

b) its license agreement:

i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;

ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;

iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and

iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.

When the Program is made available in source code form:

a) it must be made available under this Agreement; and

b) a copy of this Agreement must be included with each copy of the Program.

Contributors may not remove or alter any copyright notices contained within the Program.

Page 314: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 314

Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.

4. COMMERCIAL DISTRIBUTION

Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must:a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.

For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.

5. NO WARRANTY

EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement , including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.

6. DISCLAIMER OF LIABILITY

EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

7. GENERAL

If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.

If Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.

All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.

Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. The Eclipse Foundation is the initial Agreement Steward. The Eclipse Foundation may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.

This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.

Related Links

* EPL in plain HTML

* The EPL on OSI's site

* CPL to EPL conversion

Page 315: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 315

ECLIPSE SOFTWAREThe product includes Eclipse software (the "Eclipse Program") provided by the Eclipse Foundation and licensed to Infoblox Inc. under the Eclipse Public License v1.0.EXCEPT AS EXPRESSLY SET FORTH IN THE ECLIPSE PUBLIC LICENSE, THE ECLIPSE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. EXCEPT AS EXPRESSLY SET FORTH IN THE ECLIPSE PUBLIC LICENSE, NEITHER THE ECLIPSE FOUNDATION NOR ANY CONTRIBUTORS TO THE ECLIPSE PROGRAM SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THE ECLIPSE PROGRAM, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Any provisions provided by Infoblox relating to the Eclipse Program which differ from the above terms or the Eclipse Public License are offered by Infoblox alone and not by any other party.The source code for the Eclipse Program is available from Infoblox as described in the open source introduction.

Page 316: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 316

Wietse Venema Copyright/************************************************************************ * Copyright 1995 by Wietse Venema. All rights reserved. Some individual * files may be covered by other copyrights. * * This material was originally written and compiled by Wietse Venema at * Eindhoven University of Technology, The Netherlands, in 1990, 1991, * 1992, 1993, 1994 and 1995. * * Redistribution and use in source and binary forms are permitted * provided that this entire copyright notice is duplicated in all such * copies. * * This software is provided "as is" and without any expressed or implied * warranties, including, without limitation, the implied warranties of * merchantibility and fitness for any particular purpose.************************************************************************/

Page 317: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 317

ZLIB License(C) 1995-2002 Jean-loupGailly and Mark AdlerThis software is provided as-is, without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software.Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation would be appreciated but is not required.Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.This notice may not be removed or altered from any source distribution.Jean-loup Gailly Mark Adler  [email protected] [email protected] you use the zlib library in a product, we would appreciate receiving lengthy legal documents to sign. The sources are provided for free but without notwarranty of any kind. The library has been entirely written by Jean-loup Gailly and Mark Adler; it does not include third-party code.If you redistribute modified sources, we would appreciate that you include in the file ChangeLog history information documenting your changes.

mailto:[email protected]
mailto:[email protected]
Page 318: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 318

1. 2.

a.

b.

c.

d.

e.

3.

4.

VIM LicenseCOPYINGVim is Charityware. You can use and copy it as much as you like, but you are encouraged to make a donation to orphans in Uganda. Please read the file "runtime/doc/uganda.txt" for details.There are no restrictions on distributing an unmodified copy of Vim. Parts of Vim may also be distributed, but this text must always be included. You are allowed to include executables that you made from the unmodified Vim sources, your own usage examples and Vim scripts.If you distribute a modified version of Vim, you are encouraged to send the maintainer a copy, including the source code. Or make it available to the maintainer through ftp; let him know where it can be found. If the number of changes is small (e.g., a modified Makefile) e-mailing the diffs will do. When the maintainer asks for it (in any way) you must make your changes, including source code, available to him.The maintainer reserves the right to include any changes in the official version of Vim. This is negotiable. You are not allowed to distribute a modified version of Vim when you are not willing to make the source code available to the maintainer.The current maintainer is Bram Moolenaar If this changes, it will be announced in appropriate places (most likely and <[email protected]>. www.vim.orgcomp.editors). When it is completely impossible to contact the maintainer, the obligation to send him modified source code ceases.It is not allowed to remove these restrictions from the distribution of the Vim sources or parts of it. These restrictions may also be used for previous Vim releases instead of the text that was included with it.Vim is Charityware. You can use and copy it as much as you like, but you are encouraged to make a donation for needy children in Uganda. Please see |kcc| below or visit the ICCF web site, available at these mirrors:

http://iccf-holland.org/ http://www.vim.org/iccf/ http://www.iccf.nl/The Open Publication License applies to the Vim documentation, see | manual - copyright |.

=== begin of license ===

VIM LICENSEThere are no restrictions on distributing unmodified copies of Vim except that they must include this license text. You can also distribute unmodified parts of Vim, likewise unrestricted except that they must include this license text. You are also allowed to include executables that you made from the unmodified Vim sources, plus your own usage examples and Vim scripts.It is allowed to distribute a modified (or extended) version of Vim, including executables and/or source code, when the following four conditions are met:

This license text must be included unmodified.The modified Vim must be distributed in one of the following five ways:

If you make changes to Vim yourself, you must clearly describe in the distribution how to contact you. When the maintainer asks you (in any way) for a copy of the modified Vim you distributed, you must make your changes, including source code, available to the maintainer without fee. The maintainer reserves the right to include your changes in the official version of Vim. What the maintainer will do with your changes and under what license they will be distributed is negotiable. If there has been no negotiation then this license, or a later version, also applies to your changes. The current maintainer is Bram Moolenaar < If this changes it will be announced [email protected]>.in appropriate places (most likely vim.sf.net, and/or comp.editors). When it is completely impossible to contact the www.vim.orgmaintainer, the obligation to send him your changes ceases. Once the maintainer has confirmed that he has received your changes they will not have to be sent again.If you have received a modified Vim that was distributed as mentioned under a) you are allowed to further distribute it unmodified, as mentioned at I). If you make additional changes the text under a) applies to those changes.Provide all the changes, including source code, with every copy of the modified Vim you distribute. This may be done in the form of a context diff. You can choose what license to use for new code you add. The changes and their license must not restrict others from making their own changes to the official version of Vim.When you have a modified Vim which includes changes as mentioned under c), you can distribute it without the source code for the changes if the following three conditions are met:- The license that applies to the changes permits you to distribute the changes to the Vim maintainer without fee or restriction, and permits the Vim maintainer to include the changes in the official version of Vim without fee or restriction.- You keep the changes for at least three years after last distributing the corresponding modified Vim. When the maintainer or someone who you distributed the modified Vim to asks you (in any way) for the changes within this period, you must make them available to him.- You clearly describe in the distribution how to contact you. This contact information must remain valid for at least three years after last distributing the corresponding modified Vim, or as long as possible.When the GNU General Public License (GPL) applies to the changes, you can distribute the modified Vim under the GNU GPL version 2 or any later version.

A message must be added, at least in the output of the ":version" command and in the intro screen, such that the user of the modified Vim is able to see that it was modified. When distributing as mentioned under 2)e) adding the message is only required for as far as this does not conflict with the license used for the changes.The contact information as required under 2)a) and 2)d) must not be removed or changed, except that the person himself can make corrections.

If you distribute a modified version of Vim, you are encouraged to use the Vim license for your changes and make them available to the maintainer, including the source code.The preferred way to do this is by e-mail or by uploading the files to a server ande-mailing the URL. If the number of changes is small (e.g., a modified Makefile) e-mailing a context diff will do. The e-mail address to be used is <[email protected]>It is not allowed to remove this license from the distribution of the Vim sources, parts of it or from a modified version. You may use this license for previous Vim releases instead of the license that they came with, at your option.

=== end of license ===

mailto:[email protected]
http://www.vim.org/
http://iccf-holland.org/
http://www.vim.org/iccf/
http://www.iccf.nl/
mailto:[email protected]
http://www.vim.org/
mailto:[email protected]
mailto:[email protected]
Page 319: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 319

OpenSSL LicenseCopyright (c) 1998-2003 The OpenSSL Project. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions

are met:

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following acknowledgment:

"This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. ( )"http://www.openssl.org/

4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact [email protected].

5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL" appear in their names without prior written permission of the OpenSSL Project.

6. Redistributions of any form whatsoever must retain the following acknowledgment:

"This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit ( )"http://www.openssl.org/

THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT "AS IS" AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

This product includes cryptographic software written by Eric Young ([email protected]). This product includes software written by Tim Hudson ([email protected]).

https://www.openssl.org/
mailto:[email protected]
https://www.openssl.org/
Page 320: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 320

1. 2.

3.

OpenLDAP LicenseThe OpenLDAP Public License Version 2.8, 17 August 2003Redistribution and use of this software and associated documentation ("Software"), with or without modification, are permitted provided that the following conditions are met:

Redistributions in source form must retain copyright statements and notices,Redistributions in binary form must reproduce applicable copyright statements and notices, this list of conditions, and the following disclaimer in the documentation and/or other materials provided with the distribution, andRedistributions must contain a verbatim copy of this document.

The OpenLDAP Foundation may revise this license from time to time. Each revision is distinguished by a version number. You may use this Software under terms of this license revision or under the terms of any subsequent revision of the license.THIS SOFTWARE IS PROVIDED BY THE OPENLDAP FOUNDATION AND ITS CONTRIBUTORS "AS IS" AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OPENLDAP FOUNDATION, ITS CONTRIBUTORS, OR THE AUTHOR(S) OR OWNER(S) OF THE SOFTWARE BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.The names of the authors and copyright holders must not be used in advertising or otherwise to promote the sale, use or other dealing in this Software without specific, written prior permission. Title to copyright in this Software shall at all times remain with copyright holders.OpenLDAP is a registered trademark of the OpenLDAP Foundation.Copyright 1999-2003 The OpenLDAP Foundation, Redwood City, California, USA. All Rights Reserved. Permission to copy and distribute verbatim copies of this document is granted.

Page 321: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 321

David L. Mills CopyrightCopyright (c) David L. Mills 1992-2003 *

Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appears in all copies and that both the copyright notice and this permission notice appear in supporting documentation, and that the name University of Delaware not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. The University of Delaware makes no representations about the suitability this software for any purpose. It is provided "as is" without express or implied warranty.

Page 322: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 322

1. 2.

3.

BSD LicenseRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

Page 323: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 323

MIT Kerberos CopyrightCopyright Notice and Legal Administrivia

Copyright (C) 1985-2002 by the Massachusetts Institute of Technology. All rights reserved.Export of this software from the United States of America may require a specific license from the United States Government. It is the responsibility of any person or organization contemplating export to obtain such a license before exporting.WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of M.I.T. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. Furthermore if you modify this software you must label your software as modified software and not distribute it in such a fashion that it might be confused with the original MIT software.M.I.T. makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty.THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.Individual source code files are copyright MIT, Cygnus Support, OpenVision, Oracle, Sun Soft, FundsXpress, and others.Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, and Zephyr are trademarks of the Massachusetts Institute of Technology (MIT). No commercial use of these trademarks may be made withoutprior written permission of MIT. "Commercial use" means use of a name in a product or other for-profit manner. It does NOT prevent a commercial firm from referring to the MIT trademarks in order to convey information (although in doing so, recognition of their trademark status should be given).

The following copyright and permission notice applies to the OpenVision Kerberos Administration system located in kadmin/create, kadmin/dbutil, kadmin/passwd, kadmin/server, lib/kadm5, and portions of lib/rpc:Copyright, OpenVision Technologies, Inc., 1996, All Rights ReservedWARNING: Retrieving the OpenVision Kerberos Administration system source code, as described below, indicates your acceptance of the following terms. If you do not agree to the following terms, do not retrieve the OpenVision Kerberos administration system.You may freely use and distribute the Source Code and Object Code compiled from it, with or without modification, but this Source Code is provided to you "AS IS" EXCLUSIVE OF ANY WARRANTY, INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, OR ANY OTHER WARRANTY, WHETHER EXPRESS OR IMPLIED. IN NO EVENT WILL OPENVISION HAVE ANY LIABILITY FOR ANY LOST PROFITS, LOSS OF DATA OR COSTS OF PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR FOR ANY SPECIAL, INDIRECT, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THIS AGREEMENT, INCLUDING, WITHOUT LIMITATION, THOSE RESULTING FROM THE USE OF THE SOURCE CODE, OR THE FAILURE OF THE SOURCE CODE TO PERFORM, OR FOR ANY OTHER REASON.OpenVision retains all copyrights in the donated Source Code. OpenVision also retains copyright to derivative works of the Source Code, whether created by OpenVision or by a third party. The OpenVision copyright notice must be preserved if derivative works are made based on the donated Source Code.OpenVision Technologies, Inc. has donated this Kerberos Administration system to MIT for inclusion in the standard Kerberos 5 distribution. This donation underscores our commitment to continuing Kerberos technology development and our gratitude for the valuable work which has been performed by MIT and the Kerberos community.

Portions contributed by Matt Crawford were work performed at Fermi National Accelerator Laboratory, which is operated by <[email protected]>Universities Research Association, Inc., under contract DE-AC02-76CHO3000 with the U.S. Department of Energy.

mailto:[email protected]
Page 324: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 324

Lawrence Berkeley CopyrightCopyright (c) 1990 The Regents of the University of California. All rights reserved.This code is derived from software contributed to Berkeley by Vern Paxson.The United States Government has rights in this work pursuant to contract no.DE-AC03-76SF00098 between the United States Department of Energy and the University of California.Redistribution and use in source and binary forms with or without modification are permitted provided that: (1) source distributions retain this entire copyright notice and comment, and (2) distributions including binaries display the following acknowledgement: "This product includes software developed by the University of California, Berkeley and its contributors" in the documentation or other materials provided with the distribution and in all advertising materials mentioning features or use of this software. Neither the name of the University nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

Page 325: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 325

1.

2.

3.

4.

Ian F. Darwin CopyrightCopyright (c) Ian F. Darwin 1986, 1987, 1989, 1990, 1991, 1992, 1994, 1995.Software written by Ian F. Darwin and others; maintained 1994-1999 Christos Zoulas.This software is not subject to any export provision of the United States Department of Commerce, and may be exported to any country or planet.Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice immediately at the beginning of the file, without modification, this list of conditions, and the following disclaimer.Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.All advertising materials mentioning features or use of this software must display the following acknowledgement:This product includes software developed by Ian F. Darwin and others.The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Page 326: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 326

Thai Open Source Software Center CopyrightCopyright (c) 1998, 1999, 2000 Thai Open Source Software Center Ltd and Clark Cooper

Copyright (c) 2001, 2002 Expat maintainers.Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Page 327: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 327

Carnegie Mellon University CopyrightCopyright (c) 2001 Carnegie Mellon University. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

3. The name "Carnegie Mellon University" must not be used to endorse or promote products derived from this software without prior written permission. For permission or any other legal details, please contact

Office of Technology Transfer

Carnegie Mellon University

5000 Forbes Avenue

Pittsburgh, PA 15213-3890

(412) 268-4387, fax: (412) 268-7395

[email protected]

4. Redistributions of any form whatsoever must retain the following acknowledgment:

"This product includes software developed by Computing Services at Carnegie Mellon University (http://www.cmu.edu/computing/)."

CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

mailto:[email protected]
http://www.cmu.edu/computing/)
Page 328: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 328

1. 2.

3. 4.

Julian Seward CopyrightThis program, "bzip2" and associated library "libbzip2", are copyright (C) 1996-2002 Julian R Seward. All rights reserved.Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice,this list of conditions and the following disclaimer.The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the productdocumentation would be appreciated but is not required.Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Julian Seward, Cambridge, [email protected]/libbzip2 version 1.0.2 of 30 December 2001

mailto:[email protected]
Page 329: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 329

1. 2.

3.

ISC DHCP CopyrightCopyright (c) 1995, 1996, 1997, 1998, 1999 Internet Software Consortium -DHCP. All rights reserved.Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.Neither the name of Internet Software Consortium - DHCP nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY INTERNET SOFTWARE

CONSORTIUM AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTERNET SOFTWARE CONSORTIUM OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Page 330: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 330

ISC BIND CopyrightCopyright (C) 1996-2002 Internet Software Consortium.Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.Portions Copyright (C) 1996-2001 Nomimum, Inc.Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

Page 331: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 331

1.

2.

3.

a.

b. c.

d. 4.

a.

b. c.

d. 5.

6.

7.

8.

9.

10.

perl Artistic LicenseThe "Artistic License"

Preamble

The intent of this document is to state the conditions under which a Package may be copied, such that the Copyright Holder maintains some semblance of artistic control over the development of the package, whil giving the users of the package the right to use and distribute the Package in a more-or-less customary fashion, plus the right to make reasonable modifications.

Definitions:

"Package" refers to the collection of files distributed by the Copyright Holder, and derivatives of that collection of files created through textual modification.

"Standard Version" refers to such a Package if it has not been modified, or has been modified in accordance with the wishes of the Copyright Holder as specified below.

"Copyright Holder" is whoever is named in the copyright or copyrights for the package.

"You" is you, if youre thinking about copying or distributing this Package.

"Reasonable copying fee" is whatever you can justify on the basis of media cost, duplication charges, time of people involved, and so on. (You will not be required to justify it to the Copyright Holder, but only to the computing community at large as a market that must bear the fee.)

"Freely Available" means that no fee is charged for the item itself, though there may be fees involved in handling the item. It also means that recipients of the item may redistribute it under the same conditions they received it.

You may make and give away verbatim copies of the source form of the Standard Version of this Package without restriction, provided that you duplicate all of the original copyright notices and associated disclaimers.You may apply bug fixes, portability fixes and other modifications derived from the Public Domain or from the Copyright Holder. A Package modified in such a way shall still be considered the Standard Version.You may otherwise modify your copy of this Package in any way, provided that you insert a prominent notice in each changed file stating how and when you changed that file, and provided that you do at least ONE of the following:

place your modifications in the Public Domain or otherwise make them Freely Available, such as by posting said modifications to Usenet or an equivalent medium, or placing the modifications on a major archive site such as uunet.uu.net, or by allowing the Copyright Holder to include your modifications in the Standard Version of the Package.use the modified Package only within your corporation or organization.rename any non-standard executables so the names do not conflict with standard executables, which must also be provided, and provide a separate manual page for each non-standard executable that clearly documents how it differs from the Standard Version.make other distribution arrangements with the Copyright Holder.

You may distribute the programs of this Package in object code or executable form, provided that you do at least ONE of the following:distribute a Standard Version of the executables and library files, together with instructions (in the manual page or equivalent) on where to get the Standard Version.accompany the distribution with the machine-readable source of the Package with your modifications.give non-standard executables non-standard names, and clearly document the differences in manual pages (or equivalent), together with instructions on where to get the Standard Version.make other distribution arrangements with the Copyright Holder.

You may charge a reasonable copying fee for any distribution of this Package. You may charge any fee you choose for support of this Package. You may not charge a fee for this Package itself. However, you may distribute this Package in aggregate with other (possibly commercial) programs as part of a larger (possibly commercial) software distribution provided that you do not advertise this Package as a product of your own. You may embed this Packages interpreter within an executable of yours (by linking); this shall be construed as a mere form of aggregation, provided that the complete Standard Version of the interpreter is so embedded.The scripts and library files supplied as input to or produced as output from the programs of this Package do not automatically fall under the copyright of this Package, but belong to whoever generated them, and may be sold commercially, and may be aggregated with this Package. If such scripts or library files are aggregated with this Package via the so-called "undump" or "unexec" methods of producing a binary executable image, then distribution of such an image shall neither be construed as a distribution of this Package nor shall it fall under the restrictions of Paragraphs 3 and 4, provided that you do not represent such an executable image as a Standard Version of this Package.C subroutines (or comparably compiled subroutines in other languages) supplied by you and linked into this Package in order to emulate subroutines and variables of the language defined by this Package shall not be considered part of this Package, but are the equivalent of input as in Paragraph 6, provided these subroutines do not change the language in any way that would cause it to fail the regression tests for the language.Aggregation of this Package with a commercial distribution is always permitted provided that the use of this Package is embedded; that is, when no overt attempt is made to make this Packages interfaces visible to the end user of the commercial distribution. Such use shall not be construed as a distribution of this Package.The name of the Copyright Holder may not be used to endorse or promote products derived from this software without specific prior written permission.THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.

The End

Page 332: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 332

1.

2.

3.

4.

a.

b.

c.

d.

5.

Apache Software License, Version 2.0Copyright (c) 2004 The Apache Software Foundation. All rights reserved. TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION

Definitions.

"License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.

"Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License.

"Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.

"You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License.

"Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files.

"Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types.

"Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below).

"Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof.

"Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution."

"Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work.

Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.

Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed.

Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions:

You must give any other recipients of the Work or Derivative Works a copy of this License; and

You must cause any modified files to carry prominent notices stating that You changed the files; and

You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and

If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License.

You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.

Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing

Page 333: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 333

5.

6.

7.

8.

9.

herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions.

Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file.

Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License.

Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages.

Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability.

END OF TERMS AND CONDITIONS

APPENDIX: How to apply the Apache License to your work.

To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives.

Copyright [yyyy] [name of copyright owner]

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0|http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

http://www.apache.org/licenses/LICENSE-2.0
http://www.apache.org/licenses/LICENSE-2.0
Page 334: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 334

GNU Lesser General Public LicenseGNU LESSER GENERAL PUBLIC LICENSEVersion 2.1, February 1999

Copyright (C) 1991, 1999 Free Software Foundation, Inc.

59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

Everyone is permitted to copy and distribute verbatim copies of this icense document, but changing it is not allowed.

[This is the first released version of the Lesser GPL. It also counts as the successor of the GNU Library Public License, version 2, hence the version number 2.1.]

Preamble

The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users.

This license, the Lesser General Public License, applies to some specially designated software packages-typically libraries-of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case, based on the explanations below.

When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things.

To protect your rights, we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights. These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it.

For example, if you distribute copies of the library, whether gratis or for a fee, you must give the recipients all the rights that we gave you. You must make sure that they, too, receive or can get the source code. If you link other code with the library, you must provide complete object files to the recipients, so that they can relink them with the library after making changes to the library and recompiling it. And you must show them these terms so they know their rights.

We protect your rights with a two-step method: (1) we copyright the library, and (2) we offer you this license, which gives you legal permission to copy, distribute and/or modify the library.

To protect each distributor, we want to make it very clear that there is no warranty for the free library. Also, if the library is modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original authors reputation will not be affected by problems that might be introduced by others.

Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder. Therefore, we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license.

Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs.

When a program is linked with a library, whether statically or using a shared library, the combination of the two is legally speaking a combined work, a derivative of the original library. The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom. The Lesser General Public License permits more lax criteria for linking other code with the library.

We call this license the "Lesser" General Public License because it does Less to protect the users freedom than the ordinary General Public License. It also provides other free software developers Less of an advantage over competing non-free programs. These disadvantages are the reason we use the ordinary General Public License for many libraries. However, the Lesser license provides advantages in certain special circumstances.

For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License.

In other cases, permission to use a particular library in non-free programs enables a greater number of people to use a large body of free software. For example, permission to use the GNU C Library in non-free programs enables many more people to use the whole GNU operating system, as well as its variant, the GNU/Linux operating system.

Although the Lesser General Public License is Less protective of the users freedom, it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library.

The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run.

GNU LESSER GENERAL PUBLIC LICENSE

TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

Page 335: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 335

1.

2.

a. b. c. d.

3.

4.

5.

6.

a.

0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License"). Each licensee is addressed as "you".

A "library" means a collection of software functions and/or data prepared so as to be conveniently linked with application programs (which use some of those functions and data) to form executables.

The "Library", below, refers to any such software library or work which has been distributed under these terms. A "work based on the Library" means either the Library or any derivative work under copyright law: that is to say, a work containing the Library or a portion of it, either verbatim or with modifications and/or translated straightforwardly into another language. (Hereinafter, translation is included without limitation in the term "modification".)

"Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library.

Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does.

You may copy and distribute verbatim copies of the Librarys complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library.You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee.You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions

The modified work must itself be a software library.You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change.You must cause the whole of the work to be licensed at nocharge to all third parties under the terms of this License.If a facility in the modified Library refers to a function or a table of data to be supplied by an appropriate program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of its purpose remains meaningful.

(For example, a function in a library to compute square roots has a purpose that is entirely well-defined independent of the application. Therefore, Subsection 2d requires that any application-supplied function or table used by this function must be optional: if the application does not supply it, the square root function must still compute square roots.)These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Library.In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License.You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library. To do this, you must alter all the notices that refer to this License, so that they refer to the ordinary GNU General Public License, version 2, instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices.Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy.This option is useful when you wish to copy part of the code of the Library into a program that is not a library.You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange.If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code.A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License.However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables.When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law.If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.)Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself.As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customers own use and reverse engineering for debugging such modifications.You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things:

Page 336: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 336

6.

a.

b.

c.

d.

e.

7.

a.

b.

8.

9.

10.

11.

12.

13.

14.

15.

16.

Accompany the work with the complete corresponding machine-readable source code for the Library including whatever changes were used in the work (which must be distributed under Sections 1 and 2 above); and, if the work is an executable linked with the Library, with the complete machine-readable "work that uses the Library", as object code and/or source code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.)Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the users computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with.Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution.If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place.Verify that the user has already received a copy of these materials or that you have already sent this user a copy.

For an executable, the required form of the "work that uses the Library" must include any data and utility programs needed for reproducing the executable from it. However, as a special exception, the materials to be distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable.It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system. Such a contradiction means you cannot use both them and the Library together in an executable that you distribute.You may place library facilities that are a work based on the Library side-by-side in a single library together with other library facilities not covered by this License, and distribute such a combined library, provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted, and provided that you do these two things:

Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. This must be distributed under the terms of the Sections above.Give prominent notice with the combined library of the fact that part of it is a work based on the Library, and explaining where to find the accompanying uncombined form of the same work.

You may not copy, modify, sublicense, link with, or distribute the Library except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense, link with, or distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance.You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Library (or any work based on the Library), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Library or works based on it.Each time you redistribute the Library (or any work based on the Library), the recipient automatically receives a license from the original licensor to copy, distribute, link with or modify the Library subject to these terms and conditions. You may not impose any further restrictions on the recipients exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties with this License.If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all. For example, if a patent license would not permit royalty-free redistribution of the Library by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library.If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply, and the section as a whole is intended to apply in other circumstances.It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice.This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License.If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License.The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.Each version is given a distinguishing version number. If the Library specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Library does not specify a license version number, you may choose any version ever published by the Free Software Foundation.If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally.

NO WARRANTY

BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED

Page 337: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 337

16.

BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

END OF TERMS AND CONDITIONS

Page 338: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 338

Product ComplianceThis section describes the hardware components, requirements, and specifications, plus agency and RFC (Request for Comments) compliance for the Infoblox appliance. Topics in this section include:

RFC ComplianceAgency ComplianceDCAC

Power Safety InformationThe main external power connector for the Infoblox appliance is located on the back of the system. Ensure power to the system is off before connecting the power cord into the power connector. Please read the following power safety statements for your AC- or DC-powered appliance:

Page 339: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 339

RFC ComplianceThe NIOS appliance is compliant with the following:

Qualys and Nessus security requirementsJoint Interoperability Test Command (JITC) certification for Internet Protocol version 6 capabilityRFCs (Request for Comments):

DNS RFC Compliance DHCP RFC Compliance

DHCPv6 RFC Compliance IDN (Internationalized Domain Names) RFC Compliance

DNS RFC ComplianceThe NIOS appliance complies with the following DNS RFCs:

RFCs for DNS

RFC Number  RFC Title

805 Computer Mail Meeting Notes

811 Hostnames Server

819 The Domain Naming Convention for Internet User Applications

881 The Domain Names Plan and Schedule

882 Domain Names: Concepts and Facilities

883 Domain Names: Implementation Specification

897 Domain Name System Implementation Schedule

920 Domain Requirements

921 Domain Name System Implementation Schedule – Revised

973 Domain System Changes and Observations

974 Mail Routing and the Domain System

1032 Domain Administrators Guide

1033 Domain Administrators Operations Guide

1034 Domain Names – Concepts and Facilities

1035 Domain Names – Implementation and Specification

1101 DNS Encoding of Network Names and Other Types

1122 Requirements for Internet Hosts – Communication Layers

1123 Requirements for Internet Hosts – Application and Support

1178 Choosing a Name for Your Computer

1348 DNS NSAP RRs

1386 The US Domain

1464 Using the Domain Name System to Store Arbitrary String Attributes

1535 A Security Problem and Proposed Correction with Widely Deployed DNS Software

1536 Common DNS Implementation Errors and Suggested Fixes

1537 Common DNS Data File Configuration Errors

1591 Domain Name System Structure and Delegation

1611 DNS Server MIB Extensions

1612 DNS Resolver MIB Extensions

1637 DNS NSAP Resource Records

Page 340: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 340

1664 Using the Internet DNS to Distribute RFC

1327 Mail Address Mapping Tables

1713 Tools for DNS debugging

1794 DNS Support for Load Balancing

1811 U.S. Government Internet Domain Names

1816 U.S. Government Internet Domain Names

1912 Common DNS Operational and Configuration Errors

1956 Registration in the MIL Domain

1982 Serial Number Arithmetic

1995 Incremental Zone Transfer in DNS

1996 A Mechanism for Prompt Notification of Zone Changes

2010 Operational Criteria for Root Name Servers

2052 A DNS RR for specifying the location of services (DNS SRV)

2053 The AM (Armenia) Domain

2136 Dynamic Updates in the Domain Name System (DNS UPDATE)

2142 Mailbox Names for Common Services, Roles and Functions

2146 U.S. Government Internet Domain Names

2168 Resolution of Uniform Resource Identifiers using the Domain Name System

2181 Clarifications to the DNS Specification

2182 Selection and Operation of Secondary DNS Servers

2219 Use of DNS Aliases for Network Services

2240 A Legal Basis for Domain Name Allocation

2308 Negative Caching of DNS Queries (DNS NCACHE)

2317 Classless IN-ADDR.ARPA Delegation

2352 A Convention for Using Legal Names as Domain Names

2537 RSA/MD5 KEYs and SIGs in the Domain Name System (DNS)

2606 Reserved Top Level DNS Names

2782 A DNS RR for Specifying the Location of Services (DNS SRV)

2845 Secret Key Transaction Authentication for DNS (TSIG)

2915 The Naming Authority Pointer (NAPTR) DNS Resource Record

2930 Secret Key Establishment for DNS (TKEY RR)

3596 DNS Extensions to Support IP Version 6

3645 Generic Security Service Algorithm for Secret Key Transaction Authentication for DNS (GSS-TSIG)

3768 Virtual Router Redundancy Protocol (VRRP)

4033 DNS Security Introduction and Requirements

4034 Resource Records for the DNS Security Extensions

4035 Protocol Modifications for the DNS Security Extensions

4641 DNSSEC Operational Practices

4956 DNS Security (DNSSEC) Opt-In

4986 Requirements Related to DNS Security (DNSSEC) Trust Anchor Rollover

5155 DNSSEC Hashed Authenticated Denial of Existence

Page 341: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 341

5702 Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC

5936 DNS Zone Transfer Protocol (AXFR)

6147 DNS Extensions for Network Address Translation from IPv6 Clients to IPv4 Servers

6698 The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol:

TLSA

6844 DNS Certification Authority Authorization (CAA) Resource Record

6891 Extension Mechanisms for DNS (EDNS0)

7646 Definition and Use of DNSSEC Negative Trust Anchors

7671 The DNS-Based Authentication of Named Entities (DANE) Protocol

7766 DNS Transport over TCP

7871 Client Subnet in DNS Queries

DHCP RFC ComplianceThe appliance complies with the following DHCP RFCs:

RFCs for DHCP

RFC Number

RFC Title

1531 Dynamic Host Configuration Protocol 1534 Interoperation Between DHCP and BOOTP

1542 Clarifications and Extensions for the Bootstrap Protocol

2131 Dynamic Host Configuration Protocol

2132 DHCP Options and BOOTP Vendor Extensions

3046 DHCP Relay Agent Information Option

3315 Dynamic Host Configuration Protocol for IPv6 (DHCPv6)

3925 Vendor-Identifying Vendor Options for Dynamic Host Configuration Protocol version 4 (DHCPv4)

4388 Dynamic Host Configuration Protocol (DHCP) Leasequery

DHCPv6 RFC ComplianceThe appliance complies with the following DHCPv6 RFCs:

RFCs for DHCPv6

RFC Number RFC Title

4075 Simple Network Time Protocol (SNTP) Configuration Option for DHCPv6

3898 Network Information Service (NIS) Configuration Options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6)

3736 Stateless Dynamic Host Configuration Protocol (DHCP) Service for IPv6

3646 DNS Configuration options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6)

3633 IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6

3319 Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers

IDN (Internationalized Domain Names) RFC ComplianceThe appliance complies with the following IDN RFCs:

RFCs for IDN

RFC RFC Title

Page 342: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 342

Number

3492 Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications (IDNA)

5890 Internationalized Domain Names for Applications (IDNA): Definitions and Document Framework

5891 Internationalized Domain Names for Applications (IDNA): Background, Explanation, and Rationale

5892 The Unicode code points and IDNA

5893 Right-to-left scripts for IDNA

5894 Internationalized Domain Names in Applications (IDNA): Protocol

5895 Mapping Characters in IDNA2008

6452 The Unicode Code Points and Internationalized Domain Names for Applications (IDNA) - Unicode 6.0

Page 343: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 343

Agency ComplianceThe Infoblox appliance is compliant with these EMI and safety agency regulations:   Agency Regulation Compliance

Standard Agency Marks

FCC Part 15 FCC FCC

EN55022, EN55024, EN61000-3-2, EN61000-3-3 TUV CE

UL60950/CSA60950 UL cULus

EN60950 TUV GS

CB Scheme IECEE Report and Certificate IEC 60950-1:2001

VCCI-A VCCI VCCI

AS/NZS 3548 ACMA C-Tick

FCCThe FCC label on the back of the system indicates this network appliance is compliant with limits for a Class A digital device in accordance with Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when this equipment is operated in a commercial environment. Operation is subject to the following two conditions:

This device might not cause harmful interference.This device must accept any interference received, including interference that may cause undesired operation.

This device generates, uses, and can radiate radio frequency energy if not installed and used in accordance with the instructions in this manual. Operating this equipment in a residential area is likely to cause harmful interference, and the customer will be required to rectify the interference at his or her own expense. This product requires the use of external shielded cables to maintain compliance pursuant to Part 15 of the FCC Rules.

Canadian Compliance

English

This Class A digital apparatus complies with Canadian ICES-003.

French

Cet appareil numérique de la classe A est conforme à la norme NMB-003 du Canada.

VCCIThe Infoblox appliance complies with this VCCI regulation (compliance statement follow by its translation):

This is a Class A product based on the Technical Requirements of the Voluntary Control Council for Interference Technology (VCCI). In a domestic environment this product may cause radio interference, in which case the user may be required to take corrective action.

Caution

Lithium battery included with this board. Do not puncture, mutilate, or dispose of battery in fire. Danger of explosion if battery is incorrectly replaced. Replace only with the same or equivalent type recommended by manufacturer. Dispose of used battery according to manufacturer instructions and in accordance with your local regulations.

Page 344: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 344

Caution: Lithium battery included with this board. Do not puncture, mutilate, or dispose of battery in fire. Danger of explosion if battery is incorrectly replaced. Replace only with the same or equivalent type recommended by manufacturer. Dispose of used battery according to manufacturer instructions and in accordance with your local regulations.

Page 345: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 345

DCEnglish

When stranded wiring is required, use approved wiring terminations, such as closed-loop or spade-type with upturned lugs. These terminations should be the appropriate size for the wires and should clamp both the insulation and conductor.

Page 346: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 346

ACEnglish

French

German

Warning

This product relies on the building's installation for short-circuit (overcurrent) protection.Ensure that a fuse or circuit breaker no larger than 120VAC, 15AU.S. (240VAC, 10A international) is used on the phase conductors (all current-carrying conductors)

Warning

Pour ce qui est de la protection contre les courts-circuits (surtension), ce produit dépend de l'installation électrique du local. Vérifier qu'un fusible ou qu'un disjoncteur de 120V alt., 15AU.S. maximum (240V alt., 10A international) est utilisé sur les conducteurs de phase (conducteurs de charge).

Warning

Dieses Produkt ist darauf angewiesen, daß im Gebäude ein Kurzschluß - bzw. Überstromschutzinstalliert ist. Stellen Sie sicher, daß eine Sicherung oder ein Unterbrecher von nicht mehr als 240V Wechselstrom, 10A (bzw. in den USA120V Wechselstrom, 15A) an den Phasenleitern (allen stromf¸ hrenden Leitern) verwendet wird.

Page 347: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 347

vNIOS AppliancesvNIOS appliances support most of the features of the Infoblox NIOS software, with some limitations. The subtopics in this section describe these limitations. 

vNIOS for Appliances LimitationsvNIOS for VMware LimitationsvNIOS for Hyper-V LimitationsvNIOS for Xen LimitationsvNIOS for Riverbed Limitations

Table E.1 summarizes the supported vNIOS appliance models.

Table E.1 Supported vNIOS Appliance Models and Specifications

NIOS Virtual Appliances

Primary Disk (GB) # of CPU Cores

Memory Allocation (GB)

Virtual CPU Core Frequency Limit

NIOS for VMware

NIOS for MS Hyper-V

NIOS for KVM

NIOS for AWS, Azure and GCP

Supported as Grid Master and Grid

IB-VM-805 *(Reportingonly)

250 (+ 1 TB user defined reporting storage)

2 32 2800 MHz 4 X No

IB-V815 * 250 2 16 1100 MHz 4 X Yes

IB-V825 * 250 2 16 1600 MHz 4 Yes

IB-V1405 *(Reportingonly)

250 (+1.2 TB user defined reporting storage)

4 32 3600 MHz 4 X No

IB-V1415 * 250 4 32 1200 MHz 4 X Yes

IB-V1425 * 250 4 32 1800 MHz 4 Yes

IB-VM-2205 *(Reportingonly)

250 (+ 2.4 TB user defined reporting storage)

8 64 2100 MHz 4 X No

IB-V2215 * 250 8 64 2100 MHz 4 X Yes

IB-V2225 * 250 8 64 2100 MHz 4 Yes

IB-V4005(Reportingonly)

250 (+ 1500 GB reporting storage)

14 128 N / A X X X No

IB-V4015* 250 14 128 N / A 4 X Yes

IB-V4025* 250 14 128 N / A 4 Yes

IB-V5005** User defined reporting storage

User defined

User defined N / A X No

Network Insight Virtual Appliances

Overall Disk (GB)

# of CPU Cores

Memory Allocation (GB)

Virtual CPU Core Frequency Limit

NIOS for VMware

NIOS for MS Hyper-V

NIOS for KVM

NIOS for AWS and Azure

Supported as Grid Master and Grid Master Candidate

ND-V805 *5 500 2 32 2800 MHz 4 X No

ND-V1405 *5 250 4 32 3600 MHz 4 X No

ND-V2205 *5 250 8 32 2100 MHz 4 X No

ND-V4005 *5 250 14 128 N / A 4 X No

Cloud Platform Virtual Appliances

Overall Disk (GB)

# of CPU Cores

Memory Allocation (GB)

Virtual CPU Core Frequency Limit

NIOS for VMware

NIOS for KVM

NIOS for AWS and Azure

Supported as Grid Master and Grid Master Candidate

CP-V805 160 2 2 2000 MHz No

CP-V1405 160 4 8 6000 MHz No

CP-V2205 160 4 12 12000 MHz No

Notes

VMware Tools are automatically installed for each vNIOS appliance. Infoblox supports the control functions in Hyper-V Manager and VMware Tools. For example, through the vSphere client, you can shut down the virtual appliance.The VMXNET virtual network adapter for vNIOS is not supported from NIOS 8.4.x onwards.

Page 348: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 348

NOTES:

You can freely assign resources to these virtual appliances to suit your business needs, as long as the resources are within the limits of the licenses being installed on the appliances.TE appliances are also known as the IB appliances.For IB-V4010, in NIOS 7.x versions, the number of CPU cores is 6.

1For KVM hypervisor only. Not supported for KVM-based OpenStack. Does not support Elastic Scaling.

2vNIOS virtual appliance for Hyper-V is not recommended as a Grid Master or Grid Master Candidate. IB-VM-820 with 55 GB disk is not supported as the Grid Master or Grid Master Candidate for the vNIOS for KVM. The Identity Mapping feature is supported on the IB-VM-810 and IB-VM-820 appliances only if they are configured as Grid members, not as the Grid Master.

3Does not support Elastic Scaling.

4NIOS for KVM is supported in the following environments: OpenStack, RHEL, SuSE Enterprise and Cloud, and CentOS. Note that only IB-V1405 as a Reporting server has been qualified for OpenStack.

ND virtual appliances are designed for Network Insight only. Discovery is supported in OpenStack only with SRIOV enabled.5

For information about the limitations on each vNIOS appliance, see  .vNIOS for VMware Limitations

Note

The following appliances are supported in NIOS 8.4. However, the last order date has passed and as such, these appliances are no longer available for new sales:

PT-1400, PT-2200, PT-4000, PT-4000-10GE, ND-800, ND-1400, ND-2200, TE-100, TE-810, TE-820, TE-1410, TE-1420, TE-2210, TE-2220, TR-2200, IB-4010, IB-4020, TR-4000, IB-4030, and IB-4030-10GE.The following appliances are supported only when you upgrade to NIOS 8.4 from an earlier version. They are supported on a new notNIOS 8.4 installation:ND-V800, ND-V1400, ND-V2200, TE-V810, TE-V820, TE-V1410, TE-V1420, TE-V2210, TE-V2220, TR-V2200, IB-V4010, IB-V4020, TE-V800,TE-V1400, TE-V2200, CP-V800, CP-V1400, and CP-V2200.

Page 349: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 349

vNIOS for Appliances LimitationsThis topic lists the limitations on each vNIOS appliance:

vNIOS for VMWare LimitationsvNIOS for Riverbed LimitationsvNIOS for Hyper-V LimitationsvNIOS for Xen

vNIOS for VMWare LimitationsThe Infoblox vNIOS for VMware can also run on Cisco SRE-V (Services Ready Engine Virtualization), which is part of the Cisco UCS (Unified Computing System) Express. For more information about vNIOS for VMware, refer to the .Infoblox Installation Guide for vNIOS Software on VMwarevNIOS for VMware appliances support most of the features of the Infoblox NIOS appliances, with the following limitations:

You must have a vNIOS license installed on the appliance before you can access the Infoblox GUI.vNIOS appliances do not support the following features:

Configuration of port settings for MGMT, LAN, LAN2, and HA portsThe bloxTools environment

The IB-BOB virtual appliance is supported on Cisco SRE-V and can function as a Grid member only. It does not support configuration as an independent appliance, an HA pair, a Grid Master, or a Grid Master candidate. It also does not support access to the Infoblox GUI.The IB-VM-250 virtual appliance supports all the services provided by vNIOS virtual appliances, but it is not recommended as a Grid Master or Grid Master candidate.When you configure an HA pair, both nodes in the HA pair must be vNIOS instances. You cannot configure a physical NIOS appliance and a vNIOS instance in an HA pair.vNIOS appliances run on virtual hardware. They do not have sensors to monitor the physical CPU temperature, fan speed, and system temperature.Changing the vNIOS appliance settings through the VMware vSphere or vCenter console may violate the terms of the vNIOS licensing and support models. The vNIOS appliance may not join the Grid or function properly.

vNIOS for Riverbed LimitationsvNIOS appliances on Riverbed have the following limitations:

They can function as Grid members only. You cannot configure them as HA (high availability) pairs, Grid Masters, Grid Master candidates, or independent appliances.On a Grid with a vNIOS appliance on Riverbed as a Grid member, the maximum storage space for HTTP, FTP and TFTP is 1 GB (a Grid with only Infoblox appliances provides a maximum of 5 GB for these services), core files are 100 MB each, and syslog and inflobox.log files are 20 MB each. Scheduled backup file is 100 MB.The LAN interface is the only network interface available on the vNIOS appliance. You cannot configure the speed and transmission type (full or half duplex) of the network interface.You can use the traffic capture tool of the vNIOS software package to capture traffic only on the LAN port of the vNIOS appliance.vNIOS appliances on Riverbed do not support the following features:

Anycast addressingConfiguration as a DHCP lease history logging memberDedicated MGMT portNTP servicebloxTools environmentConfiguration for managing Microsoft Windows DNS servers®

vNIOS for Hyper-V LimitationsvNIOS for Microsoft Windows 2008 R2 and 2012 R2 server appliances support most of the features of the Infoblox NIOS appliances, with the following limitations:

You must have a vNIOS license installed on the appliance before you can access the Infoblox GUI.vNIOS appliances do not support the following features:

Configuration of port settings for MGMT, LAN, LAN2, and HA portsThe bloxTools environment

All the IB-VM appliance models support all the services provided by vNIOS virtual appliances, but Grid Master or Grid Master Candidate is not supported.The Captive Portal is supported only on IB-VM-1410 virtual appliances.vNIOS appliances run on virtual hardware. They do not have sensors to monitor the physical CPU temperature, fan speed, and system temperature.Changing the vNIOS appliance settings through the Hyper-V Manager or Virtual Machine Manager Administrator console may violate the terms of the vNIOS licensing and support models. The vNIOS appliance may not join the Grid or function properly.

vNIOS for Xen

Page 350: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 350

vNIOS virtual appliance for Xen supports most of the features of the Infoblox NIOS appliances, with the following limitations:

vNIOS appliances do not support the following features:Configuration of port settings for MGMT, LAN, LAN2, and HA portsThe bloxTools environment

When you configure an HA pair, both nodes in the HA pair must be vNIOS instances. You cannot configure a physical NIOS appliance and a vNIOS instance in an HA pair.vNIOS appliances run on virtual hardware. They do not have sensors to monitor the physical CPU temperature, fan speed, and system temperature.Changing the vNIOS appliance settings through the vNIOS for Xen virtual appliance console may violate the terms of the vNIOS licensing and support models. The vNIOS appliance may not join the Grid or function properly.

Page 351: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 351

vNIOS for VMware LimitationsThe Infoblox vNIOS for VMware can also run on Cisco SRE-V (Services Ready Engine Virtualization), which is part of the Cisco UCS (Unified Computing System) Express. For more information about vNIOS for VMware, refer to the .Infoblox Installation Guide for vNIOS Software on VMware

vNIOS for VMware appliances support most of the features of the Infoblox NIOS appliances, with the following limitations:

You must have a vNIOS license installed on the appliance before you can access the Infoblox GUI.vNIOS appliances do not support the following features:

Configuration of port settings for MGMT, LAN, LAN2, and HA portsThe bloxTools environment

The IB-BOB virtual appliance is supported on Cisco SRE-V and can function as a Grid member only. It does not support configuration as an independent appliance, an HA pair, a Grid Master, or a Grid Master candidate. It also does not support access to the Infoblox GUI.The IB-VM-250 virtual appliance supports all the services provided by vNIOS virtual appliances, but it is not recommended as a Grid Master or Grid Master candidate.When you configure an HA pair, both nodes in the HA pair must be vNIOS instances. You cannot configure a physical NIOS appliance and a vNIOS instance in an HA pair.vNIOS appliances run on virtual hardware. They do not have sensors to monitor the physical CPU temperature, fan speed, and system temperature.Changing the vNIOS appliance settings through the VMware vSphere or vCenter console may violate the terms of the vNIOS licensing and support models. The vNIOS appliance may not join the Grid or function properly.

Page 352: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 352

vNIOS for Hyper-V LimitationsvNIOS for Microsoft Windows 2008 R2 and 2012 R2 server appliances support most of the features of the Infoblox NIOS appliances, with the following limitations:

You must have a vNIOS license installed on the appliance before you can access the Infoblox GUI.vNIOS appliances do not support the following features:

Configuration of port settings for MGMT, LAN, LAN2, and HA portsThe bloxTools environment

All the IB-VM appliance models support all the services provided by vNIOS virtual appliances, but Grid Master or Grid Master Candidate is not supported.The Captive Portal is supported only on IB-VM-1410 virtual appliances.vNIOS appliances run on virtual hardware. They do not have sensors to monitor the physical CPU temperature, fan speed, and system temperature.Changing the vNIOS appliance settings through the Hyper-V Manager or Virtual Machine Manager Administrator console may violate the terms of the vNIOS licensing and support models. The vNIOS appliance may not join the Grid or function properly.

Page 353: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 353

vNIOS for Xen LimitationsvNIOS virtual appliance for Xen supports most of the features of the Infoblox NIOS appliances, with the following limitations:

vNIOS appliances do not support the following features:Configuration of port settings for MGMT, LAN, LAN2, and HA portsThe bloxTools environment

When you configure an HA pair, both nodes in the HA pair must be vNIOS instances. You cannot configure a physical NIOS appliance and a vNIOS instance in an HA pair.vNIOS appliances run on virtual hardware. They do not have sensors to monitor the physical CPU temperature, fan speed, and system temperature.Changing the vNIOS appliance settings through the vNIOS for Xen virtual appliance console may violate the terms of the vNIOS licensing and support models. The vNIOS appliance may not join the Grid or function properly.

Page 354: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 354

vNIOS for Riverbed LimitationsvNIOS appliances on Riverbed have the following limitations:

They can function as Grid members only. You cannot configure them as HA (high availability) pairs, Grid Masters, Grid Master candidates, or independent appliances.On a Grid with a vNIOS appliance on Riverbed as a Grid member, the maximum storage space for HTTP, FTP and TFTP is 1 GB (a Grid with only Infoblox appliances provides a maximum of 5 GB for these services), core files are 100 MB each, and syslog and inflobox.log files are 20 MB each. Scheduled backup file is 100 MB.The LAN interface is the only network interface available on the vNIOS appliance. You cannot configure the speed and transmission type (full or half duplex) of the network interface.You can use the traffic capture tool of the vNIOS software package to capture traffic only on the LAN port of the vNIOS appliance.vNIOS appliances on Riverbed do not support the following features:

Anycast addressingConfiguration as a DHCP lease history logging memberDedicated MGMT portNTP servicebloxTools environmentConfiguration for managing Microsoft Windows DNS servers®

Page 355: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 355

Guidance DocumentationCommon Criteria provides an independent and objective evaluation of the security of Information Technology (IT) products. It gives assurance that the product satisfies a set of internationally recognized security standards.

This section provides additional guidance on the secure installation of the Target of Evaluation (TOE) for Common Criteria Evaluation Assurance Level (EAL) 2. The TOE includes the following Infoblox appliances: Trinzic 810, 820, 1410, 1420, 2210 and 2220; IB-4010, 4030 and 4040; PT-1400, 2200, 4000 and 4000-10GE; ND-800, 1400, 2200, and 4000 with NIOS version 7.1, which are network appliances that provide delivery of IP network services and management.

To ensure that your appliance is Common Criteria compliant, make sure that your hardware and software settings match the evaluated configuration that was certified for Common Criteria.

This section  provides clarifications and changes to the Infoblox Administrator Guide and Infoblox CLI Guide, and should be used as the guiding document for installation of the TOE in the Common Criteria evaluated configuration.

This section contains the following topics:

Secure Syslog TransportSyslogAudit LogBacking Up and Restoring the DatabaseAbout DNSWebUI SettingsLicenses and ServicesEnabling / Disabling Common Criteria ModeAdministrationSecurity Guidelines

Note

Standalone NIOS appliance is the Common Criteria compliant configuration for the TOE, which does not support the Grid configuration.

Page 356: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 356

Secure Syslog TransportThe TOE provides the secure syslog transport feature using the TLS protocol. This allows secure transmission of messages between the syslog client, i.e. your NIOS appliance, and an external syslog server. You must use this feature to be Common Criteria compliant.To ensure secure syslog transport, you add a trusted CA certificate of the server to your NIOS appliance. The certificate is then used to establish a secure connection to the server before transmitting data. For more information, see . Specifying Syslog Servers

https://docs.infoblox.com/display/nios84/Using+a+Syslog+Server#UsingaSyslogServer-bookmark2782
Page 357: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 357

SyslogNIOS generate syslog messages that you can view through the Syslog viewer and download to a directory on your management station. For appliancesmore information about syslog, see .Using a Syslog Server

Following are the events that are logged and examples of their corresponding syslog messages: Establishment/Termination of an HTTPS Session

Generation of RSA key failed.Event: "Oct 19 09:15:01 EPBYMINW0065T1 httpd[2115]: cryptographic key generation failed" Message:

Session is terminated.Event: "Oct 19 09:15:01 EPBYMINW0065T1 httpd[2115]: Session terminated (remote address: 10.6.11.249)" Message:

Failed to establish a session.Event: "Oct 19 08:50:21 EPBYMINW0065T1 httpd[2314]: Failed to establish a session (remote address: 10.6.11.249), error 1115 (SSL routines:Message:

SSL3_GET_SERVER_CERTIFICATE:certificate verify failed)" Session is established.Event:

"Oct 19 08:54:42 EPBYMINW0065T1 httpd[2314]: Session has been established (remote address: 10.6.11.249)" Message: Establishment/Termination of a TLS Session

Generation of RSA key failed.Event: "Oct 19 08:38:08 EPBYMINW0065T1 openvpn[1415]: cryptographic key generation failed" Message:

Session has been established.Event: "Oct 19 08:38:08 EPBYMINW0065T1 openvpn[1552]: Session has been established (remote address: 10.6.11.249)" Message:

HMAC failure:Event: "Oct 19 08:41:01 EPBYMINW0065T1 openvpn[1567]: cryptographic key generation failed: HMAC" Message:

Signing failure (constructed message, it is not trivial to obtain it into the syslog).Event: "Oct 19 08:45:01 EPBYMINW0065T1 openvpn[1582]: cryptographic operation failed: signature" Message:

Encryption failure.Event: "Oct 19 08:46:41 EPBYMINW0065T1 openvpn[1612]: cryptographic operation failed: encryption" Message:

Decryption failure.Event: "Oct 19 08:46:41 EPBYMINW0065T1 openvpn[1612]: cryptographic operation failed: decryption" Message:

Session was not established.Event: "Oct 19 08:50:21 EPBYMINW0065T1 openvpn[1701]: Failed to establish a session (remote address: 10.6.11.249), error 1115 (SSL routines:Message:

SSL3_GET_SERVER_CERTIFICATE:certificate verify failed)" Packet was not verified.Event:

"Oct 19 08:55:25 EPBYMINW0065T1 openvpn[1815]: Packet verification fails (remote address: 10.6.11.249)"Message: Random Number Generation Process

[2011/10/19 10:13:46.282] (26360 /infoblox/one/bin/ib_prngd_control) : ib_prngd daemon is not running while CC mode is enabled[2011/10/19 10:13:46.324] (26368 /infoblox/one/bin/ib_prngd) main.c:202 main(): ib_prngd daemon starting up...[2011/10/19 10:13:46.700] (26368 /infoblox/one/bin/ib_prngd) main.c:214 main(): Setting FIPS mode OK [2011/10/19 10:13:48.400] (26368 /infoblox/one/bin/ib_prngd) main.c:214 main(): Setting FIPS mode FAILED [2011/10/19 10:13:46.700] (26368 /infoblox/one/bin/ib_prngd) main.c:125 rename_rnd_dev(): Moving/dev/random to /dev/random_backup OK[2011/10/19 10:13:46.700] (26368 /infoblox/one/bin/ib_prngd) main.c:127 rename_rnd_dev(): Moving/dev/urandom to /dev/urandom_backup OK[2011/10/19 10:13:46.700] (26368 /infoblox/one/bin/ib_prngd) main.c:234 main(): Creating FIFO/dev/ib_random OK[2011/10/19 10:13:46.700] (26368 /infoblox/one/bin/ib_prngd) main.c:158 symlink_rnd_dev(): Symlinking/dev/random to /dev/ib_random OK[2011/10/19 10:13:46.700] (26368 /infoblox/one/bin/ib_prngd) main.c:160 symlink_rnd_dev(): Symlinking/dev/urandom to /dev/ib_random OK[ TIME NOT KNOWN ] (26368) main.c:signal_handler{}: ib_prngd received SIGTERM signal....exiting. [ TIME NOT KNOWN ] (26368) main.c:signal_handler{}: ib_prngd received SIGINT signal....exiting. [ TIME NOT KNOWN ] (26368) main.c:signal_handler{}: ib_prngd received SIGQUIT signal....exiting.[ TIME NOT KNOWN ] (26368) main.c:signal_handler{}: ib_prngd received an unknown signal....exiting. [2011/10/19 10:13:49.205] (26368 /infoblox/one/bin/ib_prngd) main.c:135 rename_rnd_dev(): Renaming/dev/random back OK[2011/10/19 10:13:49.205] (26368 /infoblox/one/bin/ib_prngd) main.c:141 rename_rnd_dev(): Renaming/dev/urandom back OK[2011/10/19 10:13:49.205] (26368 /infoblox/one/bin/ib_prngd) main.c:255 main(): Removing custom FIFO/dev/ib_random OK[2011/10/19 10:13:49.205] (26368 /infoblox/one/bin/ib_prngd) main.c:255 main(): Removing custom FIFO/dev/ib_random FAILED[2011/10/19 10:13:49.205] (26368 /infoblox/one/bin/ib_prngd) main.c:141 rename_rnd_dev(): Renaming/dev/urandom back FAILED[2011/10/19 10:13:49.205] (26368 /infoblox/one/bin/ib_prngd) main.c:135 rename_rnd_dev(): Renaming/dev/random back FAILED[2011/10/19 10:25:22.931] (26557 /infoblox/one/bin/ib_prngd) main.c:189 main(): Error!/infoblox/one/bin/ib_prngd is already running[2011/10/19 10:26:58.107] (26560 /infoblox/one/bin/ib_prngd) main.c:52 self_test(): OpenSSL FIPS mode functionality self test OK[2011/10/19 10:26:58.107] (26560 /infoblox/one/bin/ib_prngd) main.c:52 self_test(): OpenSSL FIPS mode functionality self test FAILED

Failures on Invoking Functionality Invalid size specified for algorithm HMAC-SHA256.Event:

2011-10-19T17:57:12-04:00 user EPBYMINW2856 httpd[]: err TSIG key generation failure: Size 512 can not be used with algorithm HMAC-Message:SHA256

Invalid algorithm specified in Common Criteria mode.Event: 2011-10-19T18:12:22-04:00 user EPBYMINW2856 httpd[]: err TSIG key (keylen = 256, algname = HMAC-MD5) generation error : Only HMAC-Message:

SHA256 available in CC mode.Open VPN

https://docs.infoblox.com/display/nios84/Using+a+Syslog+Server
Page 358: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 358

Generation of RSA key failedEvent: Oct 19 08:38:08 EPBYMINW0065T1? openvpn[1415]: cryptographic key generation failed Message:

Session has been establishedEvent: Oct 19 08:38:08 EPBYMINW0065T1? openvpn[1552]: Session has been established (remote address: 10.6.11.249) Message:

HMAC failureEvent: Oct 19 08:41:01 EPBYMINW0065T1? openvpn[1567]: cryptographic key generation failed: HMAC Message:

Signing failureEvent: Oct 19 08:45:01 EPBYMINW0065T1? openvpn[1582]: cryptographic operation failed: signature Message:

Encryption failureEvent: Oct 19 08:46:41 EPBYMINW0065T1? openvpn[1612]: cryptographic operation failed: encryption Decryption failure Message: Event: Oct 19 08:46:41 EPBYMINW0065T1? openvpn[1612]: cryptographic operation failed: decryption Message:

Session was not establishedEvent: Oct 19 08:50:21 EPBYMINW0065T1? openvpn[1701]: Failed to establish a session (remote address: 10.6.11.249), error 1115 (SSL routines:Message:

SSL3_GET_SERVER_CERTIFICATE:certificate verify failed) Packet was not verifiedEvent:

Oct 19 08:55:25 EPBYMINW0065T1? openvpn[1815]: Packet verification fails (remote address: 10.6.11.249)Message:HTTPS

Generation of RSA key failedEvent: Oct 19 09:15:01 EPBYMINW0065T1? httpd[2115]: cryptographic key generation failed Message:

Session is terminatedEvent: Oct 19 09:15:01 EPBYMINW0065T1? httpd[2115]: Session terminated (remote address: 10.6.11.249) Message:

Failed to establish a sessionEvent: Oct 19 08:50:21 EPBYMINW0065T1? httpd[2314]: Failed to establish a session (remote address: 10.6.11.249), error 1115 (SSL routines:Message:

SSL3_GET_SERVER_CERTIFICATE:certificate verify failed) Session is establishedEvent:

Oct 19 08:54:42 EPBYMINW0065T1? httpd[2314]: Session has been established (remote address: 10.6.11.249) Message: HMAC failureEvent:

Oct 19 08:55:56 EPBYMINW0065T1? httpd[2356]: cryptographic key generation failed: HMAC Message:DNS

2011-10-18T13:37:33+00:00 daemon (none) named[4456]: err client 10.32.2.108#47160: request has invalid signature: TSIG sha256cc: tsig Message:verify failure (BADKEY) 2011-10-18T13:37:33+00:00 daemon (none) named[4456]: err client 10.32.2.108#47160: request has invalid signature: TSIG sha256cc: tsig verify failure (BADKEY)DHCP

2011-10-18T11:18:38+00:00 daemon (none) dhcpd[20440]: err No tsec for use with key sha128cc 2011-10-31T18:32:17+00:00 Message: Message:daemon (none) dhcpd[20440]: err Invalid operation in ddns code.Upgrade

2011-10-26T12:33:30-04:00 user EPBYMINW2994t1 infoblox_crypt[]: err cryptographic operation failed: decryptionMessage: 2011-10-26T12:34:33-04:00 user EPBYMINW2994t1 infoblox_crypt[]: err cryptographic operation failed: encryptionMessage: 2011-10-26T12:35:53-04:00 user EPBYMINW2994t1 infoblox_crypt[]: err cryptographic operation failed: RSA verify signatureMessage: 2011-10-26T12:38:56-04:00 user EPBYMINW2994t1 infoblox_crypt[]: err cryptographic operation failed: RSA signing Message:

Quotas When the administration backend is overloaded by too much combined GUI and API traffic, a message like this is logged to syslog (it is not Event:

associated with any user). 2011-10-31T23:42:21+00:00 user (none) httpd[]: warning Too many administration connections Disk space limit was changed and is Message: Event:

below the disk usage. 2011-11-02T00:24:54+00:00 user manojk-vm httpd[]: err Storage Limit has been lowered and usage now exceeeds the limit, Usage: 150 MB, Message:

Limit :100 MB Disk space limit reached.Event:

2011-11-02T00:24:54+00:00 user manojk-vm httpd[]: err Exceed the TFTP Storage limit, User name:user1, Used Storage:2048 B, File name :a.Message:zip, File size :272629904 B, Limit :102400 B

Open SSL FIPS self test failed.Event:

FIPS routines:EVP_DigestInit_ex:fips selftest failed:digest.c:18: Tried to use non-FIPS algorithm in FIPS mode.Message: Event: 140576691959464:error:140A9129:SSL routines:SSL_CTX_new:only tls allowed in fips mode:ssl_lib.c:1527:Message: 139852903503528:error:0A07C06E:dsa routines:func(124):reason(110):dsa_key.c:131: Used DES-CBC-SHA cipher suite in FIPS mode.Message: Event: 140418599392936:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1282:Message:

Error setting digest MD5.Event: 140403566474920:error:060800A0:digital envelope routines:EVP_DigestInit_ex:unknown cipher:digest.c:248:Message:

Replay Detection OpenVPNEvent:

Mon Oct 22 22:30:00 2007 us=939054 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #0 / time = (4196958004) Wed Message:Nov 23 16:11:48 1966 ] silence this warning with --mute-replay-warnings, error_prefix, packet_id_net_print (&pin, true, &gc)

OpenVPNEvent: Mon Oct 22 22:30:00 2007 ACK reliable_can_send is a replay : [1] 0 HTTPSMessage: Event: Mon Oct 22 22:30:00 2007 Digest: Warning possible replay attack: nonce-count check failed: 12345678Message:

= 123456789 GSS-TSIG

2011-10-18T13:37:33+00:00 named[4456]: err signature invalid: message integrityMessage: 2011-10-18T14:32:22+00:00 named[4456]: err authentication failed for aes128-cts-hmac-sha1-96: unknown principalMessage: 2011-10-18T14:42:12+00:00 named[4456]: err signature failed to verify(1) 2011-10-18T14:45:54+00:00 named[4456]: err signature Message: Message:

is in the future User Login

2011-10-19T08:27:23-04:00 user spradhan-vm serial_console[]: info User admin set_repsafe_mode: On 2011-10-19T08:29:54-04:00 Message: Message:user spradhan-vm serial_console[]: info User admin set_repsafe_mode: Off

2011-10-19T08:38:02-04:00 user spradhan-vm serial_console[]: info audit has been truncated to approximately 2011-10-19T08:29:00-04:00 Message: 2011-10-19T08:41:47-04:00 user spradhan-vm serial_console[]: info syslog has been truncated to approximately 2011-10-19T08:41:00-04:00Message:

File Rotation Audit log is rotated.Event:

Page 359: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 359

2011-11-01T18:23:00-07:00 user manojk-vm perl[18990]:info audit has been truncated to approximately 2011-11-01T18:23:00-07:00Message: Syslog is rotated.Event:

2011-11-01T18:23:00-07:00 user manojk-vm perl[18990]:info syslog has been truncated to approximately 2011-11-01T18:23:00-07:00Message:Zeroization

Logged in case of errorEvent: 2011-11-01T15:32:59-04:00 daemon manojk-vm ntpd[18990]:err Error erasing /storage/etc/ntp.keys using shredMessage:

First Login [2011/10/19 08:44:45.866] (32289 /usr/bin/httpd)Message:

/infoblox/common/lib/python/infoblox/one/admin_conn/userauth.py:415 _log(): [user] First_Login to=AdminConnector auth=LOCAL group=admin-group apparently_via=GUI

Password Expired [2011/10/20 09:17:29.257] (15750 /usr/bin/httpd)Message:

/infoblox/common/lib/python/infoblox/one/admin_conn/userauth.py:415 _log(): [user] Password_Expired to=AdminConnector ip=127.0.0.1 auth=LOCAL group=admin-group apparently_via=GUI

Password Reset [2011/10/19 08:44:45.962] (32289 /usr/bin/httpd)Message:

/infoblox/common/lib/python/infoblox/one/admin_conn/userauth.py:415 _log(): [user] Password_Reset to=AdminConnector auth=LOCAL group=admin-group apparently_via=GUI

Failed Password Reset [2011/10/19 09:07:33.343] (32526 /usr/bin/httpd)Message:

/infoblox/common/lib/python/infoblox/one/admin_conn/userauth.py:415 _log(): [user] Password_Reset_Error to=AdminConnector auth=LOCAL group=admin-group apparently_via=GUI

Page 360: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 360

Audit LogThe audit log contains a record of all TOE administrative activities. The stored audit records in the audit trail are protected from unauthorized modifications and deletion. For more information about the audit log, see . Using the Audit LogFollowing are the events that are logged and examples of their corresponding audit log messages:

Identification and Authentication Invalid password when logging in to the WebUI Event: .

"2011-10-19 14:02:32.750Z [admin]: Login_Denied - - to=Serial\040Console apparently_via=Directerror=invalid\040login\040or\040password"Message:

Number of attempts exceeds the limit when logging in to the WebUI Event: . "2011-10-19 14:05:23.217Z [admin]: Login_Denied - - to=Serial\040Console apparently_via=Directerror=failed\040logins\040exceed\040limit"Message:

Invalid password when logging in to the CLI. Event: "2011-10-19 14:02:32.750Z [admin]: Login_Denied - - to=Serial\040Console apparently_via=Directerror=invalid\040login\040or\040password"Message:

Number of attempts exceeds the limit when logging in to the CLI. Event: "2011-10-19 14:05:23.217Z [admin]: Login_Denied - - to=Serial\040Console apparently_via=Directerror=failed\040logins\040exceed\040limit"Message:

Enable Common Criteria mode:Event: 2011-10-19 19:48:37.299Z [admin]: Login_Allowed - - to=Serial\040Console apparently_via=Directauth=Local group=.admin-groupMessage:

2011-10-19 19:48:48.705Z [admin]: Called - set_cc_mode: Args cc_mode_enabled="true" Message: Disable Common Criteria mode:Event:

Message: 2011-10-19 19:48:37.299Z [admin]: Login_Allowed - - to=Serial\040Console apparently_via=Directauth=Local group=.admin-groupMessage: 2011-10-19 19:48:48.705Z [admin]: Called - set_cc_mode: Args cc_mode_enabled="false"

Login successful Event: 2011-10-19 19:48:48.706Z [USER\040admin]: rebooted the systemMessage:

2011-11-01 17:09:21.696Z [admin]: Login_Allowed - - to=Serial\040Console apparently_via=Direct auth=Localgroup=.admin-group

First login Event: 2011-10-19 12:43:47.375Z [user]: First_Login - - to=AdminConnector ip=127.0.0.1 auth=LOCALgroup=admin-group apparently_via=GUI first Message:

login

Password expired Event: 2011-10-20 13:17:29.257Z [user]: Password_Expired - - to=AdminConnector ip=127.0.0.1 auth=LOCALgroup=admin-group apparently_via=GUIMessage:

Password was successfully reset. Event: 2011-10-19 12:44:45.962Z [user]: Password_Reset - - to=AdminConnector auth=LOCALgroup=admin-group apparently_via=GUIMessage:

New password did not conform to the rule. Event:2011-10-19 13:07:33.343Z [user]: Password_Reset_Error - - to=AdminConnector auth=LOCALgroup=admin-group apparently_via=GUIMessage:

Quotas Upload file limit reached. Event:

user manojk-vm httpd[]: err User {0} tried to upload the file. File {1} with size 272629904 kBytes is greater than maximum size allowed. Message:Maximum size is 102400 kBytes.

LDAP Establishment of sessionEvent:

2011-10-27T07:50:59-04:00 user epbyminw0065t2 python[]: notice Connection established:successMessage:

Failure to establish a session  Event: 2011-10-27T07:50:38-04:00 user epbyminw0065t2 python[]: err 10.6.11.249: AD user authentication timed out Message: 2011-10-27T07:51:02-04:00 user epbyminw0065t2 python[]: err Connection timed out Message:

https://docs.infoblox.com/display/nios84/Monitoring+Tools#MonitoringTools-bookmark2812
https://docs.infoblox.com/display/nios84/Monitoring+Tools#MonitoringTools-bookmark2812
Page 361: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 361

Crypto Failure (Type and name of crypto algorithm that failed cannot be logged, since openldap uses SSL/TLS protocol functions from OpenSSL Event:and did not use crypto functions directly.)

2011-10-27T07:51:00-04:00 user epbyminw0065t2 python[]: err SSL handshake failed. Message: 2011-10-27T07:51:02-04:00 user epbyminw0065t2 python[]: err SSL handshake failed. Cannot verify server certificate.Message:

GSS-TSIG

Invalid size specified for algorithm HMAC-SHA256 Event: 2011-10-19T17:57:12-04:00 user EPBYMINW2856 httpd[]: err TSIG key generation failure: Size 512 can not be used with algorithm HMAC-Message:

SHA256

Invalid algorithm specified in Common Criteria mode Event: 2011-10-19T18:12:22-04:00 user EPBYMINW2856 httpd[]: err TSIG key (keylen = 256, algname = HMAC-MD5) generation error : Only HMAC-Message:

SHA256 available in CC mode.

Algorithm restriction Event: Only AES128_CTS_HMAC_SHA1_96 or AES256_CTS_HMAC_SHA1_96 algorithms are allowed in CC mode. Current algorithm is Message:

DES_CBC_CRC.

TSIG CSV Import/Export

Import error (TSIG algorithm is not allowed in Common Criteria mode) Event: [2011/10/20 09:38:42.496] (24473 /usr/bin/python)/infoblox/common/lib/python/infoblox/one/csv_import_function.py:601 write_to_error_file(): Message:

Import Error:authzone, ,FORWARD,,,,,,,False,False,False,,1.2.3.4/1.2.3.4/False/False/True/ext_sec_key/ut29ROLaJwty6a%2Fhsgg0wA==,zone.cominfoblox.localdomain,False,,,,,,,,,,,,,2,,default,Authoritative-Line 2: Insertion aborted due to IBDataError?: IB.Data:TSIG algorithm used for TSIG key name 'ext_sec_key' is not allowed in CC mode.

“set” commands 2011-10-19 13:14:04.030Z [admin]: Called - set_snmptrap: Args variable="sysName.0", address="10.120.20.31" Message: 2011-10-19 13:16:16.545Z [admin]: Called - set_scheduled: Args task_restarts="0 from 60" Message: 2011-10-19 13:17:19.391Z [admin]: Called - set_mld_version_1: MLD version set to 1 Message: 2011-10-19 13:18:28.171Z [admin]: Called - set_support_access: Args support_access="true from false" Message: 2011-10-19 13:19:46.669Z [admin]: Called - set_session_timeout: Args session_timeout="650 from 600" Message: 2011-10-19 13:23:11.596Z [admin]: Called - set_phonehome: Args phonehome_disabled="true from false" Message: 2011-10-19 13:24:02.372Z [admin]: Called - set_remote_console: Args remote_console="true from false" Message: 2011-10-19 13:25:31.704Z [admin]: Called - set_security: Args address="10.120.20.31",netmask="255.255.255.0" Message: 2011-10-19 13:26:12.673Z [admin]: Called - set_safemode Message: 2011-10-19 13:28:12.302Z [admin]: Called - set_prompt: Args prompt=ip Message: 2011-10-19 13:30:22.221Z [admin]: Called - set BGP: Args log_level="debugging" Message: 2011-10-19 13:31:20.142Z [admin]: Called - set OSPF: Args log_level="informational" Message: 2011-10-19 13:32:10.319Z [admin]: Called - set_nosafemode Message: 2011-10-19 13:38:42.998Z [admin]: Called - set_network: Args ip_address="10.120.20.34 from 10.120.20.31",netmask="255.255.255.0 from Message:

255.255.255.0",gateway_address="10.120.20.1 from 10.120.20.1" 2011-10-19 13:41:56.178Z [admin]: Called - set_ip_rate_limit: Args ip_rate_limit="on from off" Message: 2011-10-19 13:43:42.828Z [admin]: Called - set_monitor_dns_alert: Args dns_alert="on from off" Message: 2011-10-19 13:46:34.647Z [admin]: updated physical node 0 Message: 2011-10-19 13:46:34.648Z [admin]: Called - set_interface: Args interface="LAN", speed="100M", duplex="half" Message: 2011-10-19 13:48:03.066Z [admin]: Called - set_dns: Args dns="flush all " Message: 2011-10-19 13:49:35.527Z [admin]: Called - set_debug: Args all="on from off" Message: 2011-10-19 09:53:53.595Z [admin]: Called - set_ibtrap: Args ibtrap="DNS", snmp="true", email="true" Message: 2011-10-19 09:57:00.747Z [admin]: Called - set_thresholdtrap: Args thresholdtrap="CpuUsage", trigger="60", reset="50" Message: 2011-10-19 10:32:50.183Z [admin]: Called - set_maintenancemode: Args maintenancemode="on from off" Message: 2011-10-19 14:05:20.132Z [admin]: Called - set_dhcp_expert_mode: Args dhcp_expert_mode="true from false" Message: 2011-10-19 14:07:02.082Z [admin]: Called - set_dhcp_release_delay: Args delay_time=40 Message: secs 2011-10-19 14:09:24.285Z [admin]: Called - set_gsstsig_key_expiration_time: Args gsstsig_key_expiration_time="3000 from 3600" Message: 2011-10-19 14:10:19.906Z [admin]: Called - set_named_worker_threads: Args named_worker_threads="20 from 0" Message: 2011-10-19 14:11:04.731Z [admin]: Called set_recursion_log_interval: Args recursion_log_interval="60" Message: 2011-10-19 14:14:12.170Z [admin]: Called - set_partial_replication: Args partial_replication="off from on" Message: 2011-10-19 14:15:33.978Z [admin]: Called - set_rep_queue_ixfr_limit: Args rep_queue_ixfr_limit="60 from 1000" Message: 2011-10-19 14:16:16.797Z [admin]: Called - set_watchdog: Args watchdog_enabled="true from false" Message: 2011-10-19 14:17:14.605Z [admin]: Called - set_fsck Message: 2011-10-19 14:19:25.282Z [admin]: Called - set_host_consistency_check: Args host_consistency_check="on from off" Message: 2011-10-19 14:21:00.202Z [admin]: Called - set_internal_apache_http_port: Args internal_apache_http_port="2000 from 9000" Message: 2011-10-19 14:22:18.682Z [admin]: Called - set_internal_jetty_http_port: Args internal_apache_http_port="6060 from 8080" Message: 2011-10-19 14:25:58.704Z [admin]: Called - set_always_ret_nxdomain_for_fmz_ptr: Args always_ret_nxdomain_for_fmz_ptr="true from false" Message:

http://zone.com
Page 362: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 362

2011-10-19 14:28:18.046Z [admin]: Called - set_debug_tools: Args debug_tools="db_binary_dump"  Message: 2011-10-19 14:29:06.511Z [admin]: Called - set_dns_autogen: Args dns_auto_gen="check" Message: 2011-10-19 14:30:54.628Z [admin]: Called - set_named_recv_sock_buf_size: Args udp_so_rcvbuf="122 from (null)"Message:

CLI Top Level Commands 2011-10-19 10:33:29.664Z [admin]: Called - delete_cores_all Message: 2011-10-19 10:38:12.356Z [admin]: Called - delete_cores: Args filename="core.8295.gz" Message: 2011-10-19 10:58:28.064Z [admin]: Called - delete_backup_all Message: 2011-10-19 11:00:17.917Z [admin]: Called - delete_backup: Args filename="BACKUP_6.bkp" Message: 2011-10-19 12:41:47.707Z [admin]: Called - rotate_log: Args log="syslog" Message: 2011-10-19 12:58:11.738Z [admin]: Called - rotate_log: Args log="audit" Message: 2011-10-19 12:58:11.738Z [USER\040admin]: rotated the previous audit log to audit.log.0.gz Message: 2011-10-19 13:51:36.982Z [admin]: Called - reset_database Message: 2011-10-19 13:54:14.023Z [admin]: Called - debug_webui_restart Message: 2011-10-19 13:57:39.407Z [USER\040admin]: rebooted the system Message: 2011-10-19 14:03:41.124Z [admin]: Called - delete_file: Args groupname="bloxtools", filename="/storage/web-portal/udata/logs/access.log"Message:

CLI Emergency Commands 2011-10-19 14:32:31.927Z [Emergency\040User]: Called - set_safemode Message: 2011-10-19 14:33:23.591Z [Emergency\040User]: Called - set_nosafemode Message: 2011-10-19 14:33:41.286Z [Emergency\040User]: Called set_repsafe_mode: Args repsafe_mode = on Message: 2011-10-19 14:34:47.321Z [Emergency\040User]: Called - set_weak Message: 2011-10-19 14:35:25.969Z [Emergency\040User]: Called - set_fsck Message: 2011-10-19 14:35:46.604Z [Emergency\040User]: Called - set_watchdog: Args watchdog_enabled="true from true" Message: 2011-10-19 14:41:13.727Z [Emergency\040User]: Called - reset_database Message:

WAPI DetailedYou can view detailed WAPI session information logs in the audit log for successful WAPI calls such as PUT, POST, and DELETE. For more information, see . Monitoring Tools

Event: Member restart or reboot service: [2018-07-10 16:23:08.112Z] [admin]: Called(POST) v2.9/member {“_function”:”restartservices”, “restart_option": "FORCE_RESTART","Message

service_option": "ALL"} 3.081 MemberRestartServices: Args service_option="ALL",grid_member=Member:infoblox.localdomain,restart_option="FORCE_RESTART"

Event: All succeeded function calls  

Message: [2018-07-28 08:56:44.399Z] [admin]: Called(POST) v2.9/network {"_function":"next_available_ip"} 0.034 NextAvailableIp: Args parent=Network:2.2.2.0/24\054network_view\075default

Event: Enhanced audit log for POST method

Message: [2018-05-29 09:20:12.026Z] [admin]: Created(POST) v2.9/zone_auth {"fqdn":"foo.com"} 2.233 AuthZone foo.com DnsView=default: Set fqdn="foo.com"

Event: Enhanced audit log for PUT method

Message: 2018-06-07 08:45:25.681Z [admin]: Modified(PUT) v2.2/zone_auth {"comment":"testing auditlogs"} 1.930 AuthZone foo.com DnsView=default: Changed comment:NULL->"testing auditlogs"

Event: Enhanced audit log for DELETE method:

Message: 2018-07-24 13:11:26.614Z [admin]: Deleted(DELETE) v2.6/zone_auth {} 0.356 AuthZone foo.com DnsView=default exclude_subobj=False

Host Record Logging

NIOS inserts two records for each host record object and the audit log displays the URI, InData and response time twice, that is, one for the host record and the other one for the host address/host alias records.

https://docs.infoblox.com/display/nios84/Monitoring+Tools
Page 363: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 363

Example of Host Record logging: curl -H "Content-Type: application/json" -k -u admin:infoblox -X POST https://10.120.20.129/wapi/v2.0/record:host -d '{ "ipv4addrs":[ {"ipv4addr" : "1.1.1.0","configure_for_dhcp" : false, "mac" : "aa:0:0:0:1:cc" }], "comment":"this is my one.perfusera comment","view":"default","name":"perfusera.test.com"}'

Message: 2018-07-24 12:27:40.375Z [admin]: Created(POST) v2.0/record:host {"ipv4addrs":[ {"ipv4addr" : "1.1.1.0","configure_for_dhcp" : false, "mac" : "aa:0:0:0:1:cc" }],"comment":"this is my one.perfusera comment","view":"default","name":"perfusera.test.com"} 0.236 HostAddress 1.1.1.0 network_view=default: Set address="1.1.1.0",configure_for_dhcp=False,mac_address="aa:0:0:0:1:cc",match_option="MAC_ADDRESS",parent=HostRecord:._default.com.foo.perfusera

Message: 2018-07-24 12:27:40.375Z [admin]: Created(POST) v2.0/record:host {"ipv4addrs":[ {"ipv4addr" : "1.1.1.0","configure_for_dhcp" : false, "mac" : "aa:0:0:0:1:cc" }],"comment":"this is my one.perfusera comment","view":"default","name":"perfusera.test.com"} 0.236 HostRecord perfusera.foo.com DnsView=default address=1.1.1.0: Set addresses=[address="1.1.1.0"],comment="this is my one.perfusera comment",fqdn="perfusera.foo.com",view=DnsView:default

Requesting an Object

Each WAPI call for a request object shows the timestamp, user, operation, URI, InData, and the response time.

Example of Request object: https://10.35.120.1/wapi/v2.9/request body : [{ "method": "POST", "object": "network", "data": {"network": "22.2.2.0/24"} }, { "method": "POST", "object": "network", "data": {"network": "111.1.111.0/24"} } ]

Message: 2018-10-24 11:18:18.828Z [admin]: Created(POST) v2.9/request [{'object': 'network', 'data': {'network': '22.2.2.0/24'}, 'method': 'POST'}, {'object': 'network', 'data': {'network': '111.1.111.0/24'}, 'method': 'POST'}] 5.5867

Message: 2018-10-24 11:18:18.828Z [admin]: Created Network 22.2.2.0/24 network_view=default: Set address="22.2.2.0",cidr=24

Message: 2018-10-24 11:18:18.828Z [admin]: Created Network 111.1.111.0/24 network_view=default: Set address="111.1.111.0",cidr=24

Scheduling an Object

For a schedule object, PUT/POST/DELETE calls and WAPI session log information, such as URI, InData, and response time, are added only in the first line.

Example of Schedule object: curl -k1 -u admin:infoblox -X POST https://10.35.120.1/wapi/v2.9/network -d network=3.3.8.0/24 -d _schedinfo.scheduled_time=1540386870

Message: 2018-10-24 11:22:01.998Z [admin]: Sched:3 Created(POST) v2.9/network {'_schedinfo.scheduled_time': '1540380251', 'network': '3.3.8.0/24'} 1.7615 Network 3.3.8.0/24 network_view=default: Set address="3.3.8.0",cidr=24

Message: 2018-10-24 11:22:01.998Z [admin]: Sched:3 Created ScheduledTask 3: Set scheduled_time=2018-10-24 11:24:11.000Z,submit_time=2018-10-24 11:22:01.983Z,submitter="admin",type="SCHEDULED

Page 364: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 364

Backing Up and Restoring the DatabaseYou must log in with a superuser account to back up files. The administrator must back up system files to the local appliance.You can restore a backup up file to an appliance running the same NIOS version as that of the appliance from which the backup file originates. You can also restore a backup file from an appliance running a NIOS version to an appliance running a later NIOS version as long as the upgrade from the earlier NIOS version to the later version is supported. Note that if you need to restore a backup file to an appliance, ensure that the backup file that you are restoring is from an appliance that was Common Criteria compliant as well.For more information about backing up and restoring the database, see . Backing Up and Restoring Configuration Files

https://docs.infoblox.com/display/nios84/Backing+Up+and+Restoring+Configuration+Files
Page 365: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 365

About DNSThe TOE provides DNS service. There are two basic methods used to protect DNS communication: TSIG and GSS-TSIG. The TSIG (transaction signature) method signs communications using either HMAC-MD5 or HMAC-SHA25. Both end points must be configured with the key. The GSS-TSIG method (based on the GSS API) uses a Kerberos server to retrieve the key, and is only available in Microsoft environments.When you configure the TOE to use TSIG and GSS-TSIG keys, you must select HMAC-SHA256 as the key algorithm. For information about using TSIG keys to ensure security in several DNS operations, see the following:

To control access to DNS views. For more information, see and . Defining Match Clients Lists Defining a Match Destinations ListTo control to which recursive and non-recursive queriers the TOE is allowed to respond. For more information, see and Specifying Queries Enabli

ng Recursion.To authenticate zone transfer requests and replies. For more information, see Configuring Zone Transfers.To authenticate and verify dynamic DNS updates from DHCP servers. For more information, see . Enabling DNS Servers to Accept DDNS UpdatesWhen a secondary DNS server receives DDNS updates, it must forward the updates to the primary server because it cannot update zone data itself. To specify the source of DDNS updates. For more information, see .Forwarding Updates

For information about using GSS-TSIG, see . About GSS-TSIG

https://docs.infoblox.com/display/nios84/Configuration+Example%3A+Configuring+a+DNS+View#ConfigurationExample:ConfiguringaDNSView-bookmark1695
https://docs.infoblox.com/display/nios84/Configuration+Example%3A+Configuring+a+DNS+View#ConfigurationExample:ConfiguringaDNSView-bookmark1697
https://docs.infoblox.com/display/nios84/Controlling+DNS+Queries#ControllingDNSQueries-bookmark1580
https://docs.infoblox.com/display/nios84/Enabling+Recursive+Queries#EnablingRecursiveQueries-bookmark1584
https://docs.infoblox.com/display/nios84/Enabling+Recursive+Queries#EnablingRecursiveQueries-bookmark1584
https://docs.infoblox.com/display/nios84/Enabling+Zone+Transfers#EnablingZoneTransfers-bookmark1630
https://docs.infoblox.com/display/nios84/Enabling+Zone+Transfers#EnablingZoneTransfers-bookmark1630
https://docs.infoblox.com/display/nios84/Configuring+DNS+Servers+for+DDNS#ConfiguringDNSServersforDDNS-bookmark1956
https://docs.infoblox.com/display/nios84/Configuring+DNS+Servers+for+DDNS#ConfiguringDNSServersforDDNS-bookmark1956
https://docs.infoblox.com/display/nios84/Configuring+DNS+Servers+for+DDNS#ConfiguringDNSServersforDDNS-bookmark1958
https://docs.infoblox.com/display/nios84/About+GSS-TSIG
Page 366: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 366

WebUI SettingsThis section describes the properties that you can set to ensure the security of the Grid Manager web interface.

Creating a Login BannerBefore establishing a user session via the WebUI, the TOE displays an initial banner regarding unauthorized use. The message is displayed before the session is established. You can change this message to your organization's specific advisory notice and warning message regarding unauthorized use of the system. For information about defining the login banner, see . Creating a Login Banner

Modifying the Session Timeout SettingYou can set the length of idle time before an administrative session to the WebUI times out. The default timeout value is 600 seconds (10 minutes). If an admin does not interact with the application for the specified time, the TOE displays a message that a timeout has occurred. The admin is then required to lag back in to Grid Manager. For information about setting the session timeout, see . Modifying the Session Timeout Setting

Managing CertificatesThe TOE generates a self-signed certificate when it first starts. Because the default certificate is self-signed, your browser does not have a trusted CA certificate or a cached NIOS appliance server certificate (saved from an earlier connection) to authenticate the NIOS appliance certificate. Also, the hostname in the default certificate is[ www.infoblox.com,|http://www.infoblox.com/] which is unlikely to match the hostname of your NIOS appliance. Consequently, a message appears warning that the certificate is not from a trusted certifying authority and that the hostname on the certificate is either invalid or does not match the name of the site that sent the certificate. To eliminate certificate warnings, you can replace the default self-signed certificate with a different certificate.After the initial login, you can do one of the following:

Generate another self-signed certificate with the correct hostname and save it to the certificate store of your browser.Request a CA-signed certificate with the correct hostname by generating a Certificate Signing Request (CSR) and sending it to your trusted Certificate Authority (CA). Then when you receive the certificate from the CA, import it to the appliance.

For information about these tasks, see . Managing CertificatesFor Common Criteria compliance, superusers must not use CSRs or certificates with keys smaller than 2048 bits. Limited access users are not allowed to upload a certificate with a key that is smaller than 2048 bits, or create a certificate signing request or self-signed certificate with a key size that is smaller than 2048 bits.

https://docs.infoblox.com/display/nios84/Setting+Login+Options#SettingLoginOptions-bookmark34
https://docs.infoblox.com/display/nios84/Managing+Security+Operations#ManagingSecurityOperations-ModifyingtheSessionTimeoutSetting
https://docs.infoblox.com/display/nios84/Managing+Certificates
Page 367: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 367

Licenses and ServicesThe TOE does not have general computing capabilities, other than the services required for the operation, administration and support of the TOE. In the evaluated configuration, the TOE has only the following licenses installed: DNS, DHCP, Microsoft Management, DNS Cache Acceleration and Query Redirection. It does not have the Multi-Grid Management license installed. For more information about licenses, see . Managing LicensesThe following services are disabled by default in the Common Criteria evaluated configuration and no claims are made regarding their function:

bloxToolsMGM (Multi-Grid Management)HSM (Hardware Security Module) SigningSupport accessRemote console accessRemote authentication using RADIUS and TACACS+

Installing additional licenses or enabling any of the listed services may result in a non-compliant system.

https://docs.infoblox.com/display/nios84/Managing+Licenses
Page 368: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 368

1. 2.

1.

2.

1.

2.

3.

Enabling / Disabling Common Criteria Mode

Before you enable Common Criteria mode, you must reset a NIOS appliance to its original factory settings. This removes the database, network settings, logs, and configuration files. Then, it reboots with its factory settings, which are the default user name and password, and default network settings. If you do not reset the appliance to its original factory settings, the appliance will not be Common Criteria compliant, even if you enable Common Criteria mode.

To reset the NIOS appliance to its factory settings:

Log in to the Infoblox CLI using a superuser account.Enter the following CLI command: 

reset all

You can enable and disable Common Criteria mode from the Infoblox CLI only. Do the following to set Common Criteria mode on the appliance:

Log in to the Infoblox CLI. After executing the command, you can log in to the TOE only by using the default superuser admin name resetall adminand password .infobloxType the following command: 

set cc_mode

The TOE reboots and goes through boot time self tests. If the test fails, the TOE goes into a loop and displays an error message on the serial console and the LCD. Otherwise, it displays the Login prompt after the self tests.To clear Common Criteria mode on an appliance, log in to the Infoblox CLI and execute the command: .reset all

Using the CLIOnly superusers can access the CLI. To ensure security, access to the CLI is permitted through a direct console connection only. Note that activating the option in the Grid or Member Properties editor will result in a non-compliant system.Enable Remote Console AccessTo access the Infoblox CLI through the console port:

Connect a serial cable from the console port on your management system to the console port on the appliance. The appliance has a male DB-9 console port on its front panel.Use the following connection settings to launch an emulation session through a serial terminal emulation program such as Hilgraeve Hyperterminal® (provided with the Windows® operating systems):

Bits per second: 9600Data bits: 8Parity: NoneStop bits: 1Flow control: Xon/Xoff

Use the following default user name and password to log in to the Infoblox appliance:admininfoblox

For more information about the Infoblox CLI, refer to the .Infoblox CLI Guide

Infoblox recommends that you do not change the Common Criteria setting of a NIOS appliance that is in a production environment.

After you log in, change the default user name and password of the default superuser admin to prevent unauthorized access to the TOE. For more information on changing passwords, see .Changing the Password and Email Address

https://docs.infoblox.com/display/nios84/Setting+Login+Options#SettingLoginOptions-ChangingthePasswordandEmailAddress
Page 369: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 369

AdministrationA user must have an admin account to log in to the TOE. Each admin account belongs to an admin group, which contains roles and permissions that determine the tasks a user can perform.The TOE provides a default superuser admin group, called , with one superuser administrator, . The default superuser admin can log admin-group adminin to the TOE, using the default user name and password .admin infobloxSuperuser admins are the security admins and have full access and control of all the operations of a TOE. Note that you must change the default user name and password of the default superuser admin to prevent unauthorized access to the TOE.Only superusers can do the following:

Create admin accounts and groups. For more information, see . Managing AdministratorsSet password parameters. For more information, see . Managing PasswordsCreate the login banner. For more information, see .Creating a Login BannerSet the session timeout. For more information, see .Modifying the Session Timeout Setting

Limited-access admin groups provide their members with read-only or read/write access to specific resources. These admin groups can access the appliance through the GUI, API, or both. They cannot access the appliance through the console. In addition, limited-access admins are not allowed to perform the following tasks:

Download the support bundle.Enable SNMP on the appliance.Upload files that are larger than 100 MB. If the file size is greater than the maximum size allowed, the dialog box closes and an error Uploadmessage is displayed in the feedback panel. The attempt to upload a file that exceeded the maximum will be logged to syslog. Non-superusers only are able to upload files for file distribution and do CSV import.

Setting Password Restrictions for Local AdminsAll admins are required to enter a username and password when they log in to Grid Manager or the CLI. The password is always obscured when an admin logs in. The TOE defaults to locking out the user after three consecutive failed logins.A superuser must define a password policy that is consistent with the security policy of the organization. The password policy specifies the minimum password length and character types, such as lowercase or uppercase characters, that are allowed in the password. In addition, the policy specifies the number of required character changes from the previous password, whether passwords expire and their duration. Additionally, you can require admins to change their passwords when they first log in or after their passwords are reset. For information about defining the password policy, see Managing Passwor

.dsLocal admins must change their passwords according to the defined password policy. A password can be changed as follows:

By the local admin in the User Profile page. For more information, see Changing the Password and Email Address.By the local admin when a password expires or when the admin first logs in. Note that this applies to logging in to the CLI or WebUI.By a superuser admin.

https://docs.infoblox.com/display/nios84/Managing+Administrators
https://docs.infoblox.com/display/nios84/Creating+Local+Admins#CreatingLocalAdmins-ManagingPasswords
https://docs.infoblox.com/display/nios84/WebUI+Settings#WebUISettings-CreatingaLoginBanner
https://docs.infoblox.com/display/nios84/WebUI+Settings#WebUISettings-bookmark3444
https://docs.infoblox.com/display/nios84/Creating+Local+Admins#CreatingLocalAdmins-ManagingPasswords
https://docs.infoblox.com/display/nios84/Creating+Local+Admins#CreatingLocalAdmins-ManagingPasswords
https://docs.infoblox.com/display/nios84/Setting+Login+Options#SettingLoginOptions-ChangingthePasswordandEmailAddress
Page 370: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 370

Security GuidelinesFollowing are security assumptions to ensure that the TOE is administered in a secure manner after it is delivered:

The environment ensures the physical security of the TOE, commensurate with its value and the value of the data that it contains.Administrators are non-hostile, properly trained and trusted to apply all administrator guidance.Administrators will take appropriate measures to prevent unauthorized individuals from accessing the TOE.

Installation and ConfigurationTo ensure the security of the installation and configuration of the TOE:

Administrators must install the appliance according to the procedures in the installation guides.The TOE contains an option for upgrading the system. This is available only for security administrators. The security administrator will be able to upgrade to a validated release package only. The security administrator can verify the TOE by the version number included in the file name as well as through the administrative interface before and after the upgrade.When upgrading, ensure that the .bin2 file is uploaded, and not the .bin file. Refer to the Release Notes of the NIOS version to which the TOE is upgrading for additional upgrade instructions.Users' access to the TOE is controlled by security mechanisms and unauthorized users are denied access to the TOE. For more information, see

.AdministrationThe TOE provides external authentication mechanisms for remote users using SSL with Active Directory. For more information, see Authenticating

. Admins Using Active Directory

https://docs.infoblox.com/display/nios84/Authenticating+Admins+Using+Active+Directory
https://docs.infoblox.com/display/nios84/Authenticating+Admins+Using+Active+Directory
Page 371: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 371

CSV Import ReferenceThis section provides reference information during a CSV import. It covers the following topics:

Documentation ConventionsCustomer CareGuidelines for CSV ImportCSV File FormatSupported Object TypesImporting Multiple Action CSV file

Page 372: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 372

Documentation ConventionsThe text in this guide follows the following style conventions.

Style Usage

bold Indicates examples of the field names.

data Signifies the data in a CSV file.

Page 373: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 373

Customer CareThis section addresses user accounts, software upgrades, licenses and warranties, and technical support.

User AccountsThe Infoblox appliance ships with a default user name and password. Change the default admin account password immediately after the system is installed to safeguard its use. Make sure that the NIOS appliance has at least one administrator account with superuser privileges at all times, and keep a record of your account information in a safe place. If you lose the account password, and did not already create another superuser account, the adminsystem will need to be reset to factory defaults, causing you to lose all existing data on the NIOS appliance. You can create new administrator accounts, with or without superuser privileges. For more information, refer to the .Infoblox Administrator Guide

Software UpgradesSoftware upgrades are available according to the Terms of Sale for your system. Infoblox notifies you when an upgrade is available. Register immediately with Infoblox Technical Support at to maximize your Technical Support.http://www.infoblox.com/support/customer/evaluation-and-registration

Technical SupportInfoblox Technical Support provides assistance via the Web, e-mail, and telephone. The Infoblox Support web site at provides https://support.infoblox.comaccess to product documentation and release notes, but requires the user ID and password you receive when you register your product online at: http://www.infoblox.com/support/customer/evaluation-and-registration.

http://www.infoblox.com/support/customer/evaluation-and-registration
https://support.infoblox.com
http://www.infoblox.com/support/customer/evaluation-and-registration
http://www.infoblox.com/support/customer/evaluation-and-registration
http://www.infoblox.com/support/customer/evaluation-and-registration
Page 374: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 374

Guidelines for CSV ImportThis section provides general guidelines and file format information about each supported object type for CSV import. You must follow the format and syntax described in this section to ensure a successful data import.

You can create a data file using a text editor, such as Microsoft Notepad, or an application that supports CSV file format, such as Microsoft Excel. You can also import data using Infoblox Migration Wizard, which is a standalone software tool that facilitates the migration of DNS and DHCP data from Microsoft servers to the Infoblox Grid. This tool synchronizes DNS and DHCP data from Microsoft servers and generates a CSV file based on conversion rules you set up through the tool. You can then import the CSV data to the Infoblox Grid through CSV import. For more information, refer to the Infoblox Administrator

.Guide for Infoblox Migration Wizard

CSV imports and operations that involve massive data, such as deleting large zones and recursive deletion of networks and all child objects, will significantly affect member performance, resulting in service outage.

Page 375: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 375

General GuidelinesFollow these rules to start a data file:

Do not use UTF-8 characters in the CSV file name, but the contents of a CSV file must be encoded in UTF-8 characters. Note that Microsoft Excel imports data in the default code page, either in ISO-8859-1 or WINDOWS-1252. You must not import a CSV file that is encoded in Windows 1252 or ISO-8859-1 formats.Use a new line to enter data for each row. Separate each data field with a supported separator, such as a comma, semicolon, space, or tab.Do not include blank lines in the data file.Field names: Specify the field names in the second line. You can include multiple rows of field names as long as you define the fields before the data. The first column in the field name row must be defined as "Header." The rest of the columns are field names of the data. Columns without a field name are ignored. If multiple field names are specified, the latest field names are used to import the data.It may take longer than expected to import a large number of DHCP ranges that are associated with a single MAC address filter.When a CSV import starts, the appliance validates the first 100,000 rows of data in the CSV file. If the file contains more than 100,000 rows of data, the appliance validates the rest of the data as the import progresses.The appliance supports up to one million rows of data in each CSV import.Use the add function to add new rows from the imported CSV file to the database.Use the function, not the merge function, to overwrite existing data. When you use the merge function, the appliance does not overwrite Overrideexisting data, even if the data file contains new data.Use the function to delete import jobs that are uploaded. You can delete the content of a CSV file that you have imported to the database. DeleteNote that you cannot delete jobs that are already imported.Use the operation to replace current data in the database with data in the imported file. You can use the replace function for authoritative Replacezone data only. The replace operation might affect system performance if you try to replace a zone with a lot of changes. Infoblox recommends that you perform the replace operation for large import files (more than 10,000 rows of changes) during non-peak hours. This operation does not support DNS records that are automatically generated or exported, but it supports NS records that are created manually.When you import CSV files for NS record updates, you must specify a value for . NIOS displays an error message if you do zone_nameserversnot specify a value for this field when you import the CSV file.When you perform a CSV export of automatically created NS records using Infoblox API, the field will have an empty value. zone_nameserversTherefore, if you import the previously exported CSV file that includes automatically created NS records through the Infoblox GUI, then the CSV import fails and Grid Manager displays an error message.When you perform a CSV import that includes objects that have scheduled changes or updates associated with them, the import fails. Only superusers can cancel the scheduled changes.When you stop an import, the appliance completes the import of the data row it is currently processing before it stops the import. You cannot resume the import from where it stopped.You can download uploaded or error files, snapshots, and results file. For more information, see Infoblox NIOS Administrator Guide.When you import a small file, the appliance processes the import quickly. Under this circumstance, the appliance may generate an error message when you try to stop the import because the import is completed before you can stop it.The error files of the last two imports are stored on the appliance. You can download these files using the APIimport_id method. For information, refer to the .Infoblox API DocumentationWhen you use Microsoft Excel to create or view a data file, ensure that you review the settings of the file. Some data, such as dates, may show up in a different format depending on your settings.All operations triggered by a CSV import are recorded in the audit log.

Page 376: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 376

Data Specific GuidelinesFollow these guidelines to enter data:

The appliance uses double quotes (") as the escape characters in CSV import. If you want to include supported separators in a field, you must enclose the data in a pair of double quotes (" "). This applies to the field names and data. For example, if you want to use the field name ADMGRP

, you must enter as the value. Otherwise, the import fails. When you enter "123""123", the imported data -CSV,;Import "ADMGRP-CSV,;Import"is 123""123, and when you enter "\ \ ", the imported data is \ \.If you have an empty value in the last field, you must still include the separator at the end of the data row. Otherwise, the corresponding column and all its data are not imported, and the appliance generates an error.For each supported object type, you must include all the required fields in the data file. For information, see . Note that all Supported Object Typesrequired fields are marked with an asterisk (*) in an exported file.

When you perform an overwrite function, you must define all boolean and integer data types in each supported object type in order for the appliance to overwrite existing data.Inherited fields: The appliance uses the following conventions to override inherited fields:

When a value is specified in a field, the appliance overrides the inherited value with the new value.When a value is set to " " or an empty value, the appliance does not override the inherited value.When a value is set to a string with a value of <empty>, the appliance overrides the inherited value with an empty value.

Extensible attributes: A field name of EA-XXX indicates an extensible attribute, where XXX is the attribute name. The value of an extensible attribute can be a string, a list, an integer, an email address, a URL, or a date in YYYY-MM-DD format. Note that extensible attributes do not support time zones. Following are some examples:"EA-Site" is a predefined string type for locations. It can have a value of "Santa Clara"."EA-User" is a user defined list type for employee types. It can have a list of values, such as "Local,Remote,Temp". Note that only one value can be specified when importing the extensible attribute."EA-Building" is a predefined integer type for building numbers. It can have a value of "5"."EA-TechPubs" is a user defined email address type. It can have a value of "[email protected]"."EA-IB" is a user defined URL type. It can have a value of " ".www.infoblox.com"EA-Date" is a user defined date type attribute. It can have a value of "2010-11-20".Admin permissions: A field name of ADMGRP-XXX indicates the admin permission of a specific admin group, where XXX is the name of the admin group. The value of an admin permission can be a string or a list of strings with subtypes. If there is a single value in the permission, use RW, RO, or DENY. If there is a subtype in the permission, use a list format, such as "RW, ARecord/RO".DHCP options: A field name of OPTION-XXX-nn indicates a DHCP option, where XXX is the vendor name of the option and nn is the option number. If the option is of the DHCP vendor class, you can omit -XXX in the field name. For example, OPTION-1 implies vendor class = DHCP and option number = 1, and OPTION-CISCO-122 implies vendor class = CISCO and option number = 122.Named ACLs (access control lists): When you import a named ACL or ACEs (access control entries) to a named ACL, ensure that you validate the named ACLs to avoid conflicts and unexpected results. When adding ACEs to a named ACL, all entries are appended to the end of the list. To reorder ACEs in a named ACL through CSV import, you must first export the ACEs, delete all the ACEs in the current ACL, reorder the ACES in the exported .csv file, and than re-import the ACEs to the named ACL. For more information about access control and named ACLs, refer to the

.Infoblox NIOS Administrator Guide

If you want to modify a required field XXX (for either the overwrite or merge function), you must add a corresponding field, new_XXX, to include the new value. For example, "fqdn" is a required field in an A record. If you want to update this field, you must include a new field "_new_fqdn" and define the new value here. The appliance overwrites the existing data in the required field using the values you

fields in the imported CSV files.specify in the new field. Note that the replace function ignores __new_XXX

https://www.infoblox.com/
Page 377: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 377

CSV Import LimitationsEnsure that you understand the following limitations before you start an import:

You can import multiple CSV files at a time, but at any given time you can execute only one single task. The import tasks are queued. Note that only one task at a time will be in the state, while the others are in the state.Import in progress Import pendingYou cannot roll back to previous data.The following data cannot be imported: Microsoft management, DNSSEC, and GSS-TSIG data.You cannot export or import zone configuration for DNSSEC signed zones, although resource records added for a signed zone are supported.Only editable data can be imported. Discovered data cannot be imported or manipulated.If you upload a file and preview the file using the option, and later update the content of the same CSV file, and then try to view the Previewedited file using the same wizard, you may not be able to see the changes. Infoblox recommends that you start a fresh CSV import to Previewupload the edited file and navigate to the wizard to preview the file.PreviewYou cannot perform the CSV import operation on a Microsoft Server zone object, but NIOS allows you to perform the CSV import operation on records within a Microsoft Server zone. You may not see an error message when you perform a CSV import using the replace operation on an Microsoft Server zone.When you promote a new Grid Master during an import, the import stops; and it does not restart on the new Grid Master. When a failover occurs during an import, the import stops on the old active node, and it does not restart on the new active node.When you configure Unbound as the DNS resolver, NIOS does not support certain features and they are not displayed in Grid Manager. However, fields related to these unsupported features will appear in CSV export files. Although these fields are only relevant to the IB-4030 and IB-4030-10GE appliances and might not apply to the appliances in your Grid, you can still perform CSV imports using these CSV export files without any issues.

Page 378: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 378

Limitations for CSV Import and ExportEnsure that you understand the following limitations before you start an import:

You can import multiple CSV files at a time, but at any given time you can execute only one single task. The import tasks are queued. Note that only one task at a time will be in the state, while the others are in the state.Import in progress Import pendingYou cannot roll back to previous data.You cannot import network containers.The following data cannot be imported: Microsoft management, DNSSEC, and GSS-TSIG data.You cannot export or import zone configuration for DNSSEC signed zones, although resource records added for a signed zone are supported.Only editable data can be imported. Discovered data cannot be imported or manipulated.If you upload a file and preview the file using the option, and later update the content of the same CSV file, and then try to view the Previewedited file using the same wizard, you may not be able to see the changes. Infoblox recommends that you start a fresh CSV import to Previewupload the edited file and navigate to the wizard to preview the file.PreviewYou cannot perform the CSV import operation on a Microsoft Server zone object, but NIOS allows you to perform the CSV import operation on records within a Microsoft Server zone. You may not see an error message when you perform a CSV import using the replace operation on an Microsoft Server zone.When you promote a new Grid Master during an import, the import stops; and it does not restart on the new Grid Master. When a failover occurs during an import, the import stops on the old active node, and it does not restart on the new active node.When you configure Unbound as the DNS resolver, NIOS does not support certain features and they are not displayed in Grid Manager. However, fields related to these unsupported features will appear in CSV export files. Although these fields are only relevant to the IB-4030 and IB-4030-10GE appliances and might not apply to the appliances in your Grid, you can still perform CSV imports using these CSV export files without any issues.

Page 379: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 379

CSV File FormatA CSV file is typically created and edited using a spreadsheet, though you can create a CSV file in a text editor using any supported separator. You can include more than one object type in a single CSV file when you add or modify data. For information, see . You can also organize Supported Object Typesfield names and data in a CSV file using different formats, as shown in the following examples. For additional information about how to create a CSV file, see . Guidelines for CSV ImportYou can create one CSV file to update data of multiple object types (Network and Host Record), as illustrated in . In this example, you CSV File Example 1define the field names you want to modify for the two object types in rows 1 and 2. You then include the corresponding data as shown in rows 3 to 6.

Page 380: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 380

Table 1.1 CSV File Example 1A B C D E

1 HEADER-NETWORK ADDRESS* NETMASK* EA-Gateway EA-Secondary Address

2 HEADER-HostRecord configure_for_dns* FQDN* ADDRESSES

3 NETWORK 10.251.133.128 255.255.255.192 10.251.133.129

4 NETWORK 10.176.80.255 255.255.252.0 10.176.80.1 172.16.213.0

5 HostRecord TRUE host1.dhcp.corp100.com 172.20.2.21

6 HostRecord TRUE host2.dhcp.corp100.com 172.20.2.22

In the above example the field name HEADER-NETWORK identifies the first row as a header row for the Network objects. The field names ADDRESS, NETMASK, EA-Gateway, and EA-Secondary Address (in rows B1 to E1) tell NIOS how to interpret a row of network data in the CSV file. Each row of data that begins with "Network" in column A is identified as a network data row. Therefore, NIOS interprets rows 3 and 4 as network data rows, in which column B contains the network addresses, column C contains the network masks, and columns D and E contain extensible attribute values for gateway and secondary address.Similarly, the field name HEADER-HostRecord identifies the second row as a header row for the Host Record objects. This header declaration tells NIOS that for each subsequent row of data that begins with "HostRecord" in column A, column C contains the FQDN of the host, and column D contains the host address. Therefore, NIOS interprets rows 5 and 6 as host record data rows that contain the FQDNs of the hosts in column C and the host addresses in column D.Alternatively, you can organize the information in the table above so that the data rows immediately follow the header rows, as shown in CSV File Example 2.

Page 381: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 381

Table 1.2 CSV File Example 2A B C D E

1 HEADER-NETWORK ADDRESS* NETMASK* EA-Gateway EA-Secondary Address

2 NETWORK 10.251.133.128 255.255.255.192 10.251.133.129

3 NETWORK 10.176.80.255 255.255.252.0 10.176.80.1 172.16.213.0

4 HEADER-HostRecord configure_for_dns* FQDN* ADDRESSES

5 HostRecord TRUE host1.dhcp.corp100.com 172.20.2.21

6 HostRecord TRUE host2.dhcp.corp100.com 172.20.2.22

You can also specify multiple header declarations for the same object type, as shown in . In this example, you specify the field names CSV File Example 3(in row 1) and data (in rows 2 and 3) to modify the extensible attributes(EA-Gateway and EA-Secondary Address) of two network addresses. You then specify the field names (in row 4) and data (in rows 5 and 6) to add new extensible attributes (EA-Gateway and EA-Host Range) of two other network addresses.

Page 382: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 382

Table 1.3 CSV File Example 3A B C D E

1 HEADER-NETWORK ADDRESS* NETMASK* EA-Gateway EA-Secondary Address

2 NETWORK 10.251.133.128 255.255.255.192 10.251.133.129

3 NETWORK 10.176.80.255 255.255.252.0 10.176.80.1 172.16.213.0

4 HEADER-NETWORK ADDRESS* NETMASK* EA-Gateway EA-Host Range

5 NETWORK 10.176.90.0 255.255.255.128 10.176.90.1 10.176.90.4-126

6 NETWORK 10.176.90.128 255.255.255.128 10.176.90.129 10.176.90.132-254

The examples in this section are illustrated using tables that resemble spreadsheet layouts. However, all other examples in this appendix use the comma separated value text file format. For example, the following is the CSV file notation equivalent of . CSV File Example 2HEADER-NETWORK,ADDRESS*,NETMASK*,EA-Gateway,EA-Secondary Address NETWORK,10.251.133.128,255.255.255.192,10.251.133.129 NETWORK,10.176.80.255,255.255.252.0,10.176.80.1,172.16.213.0 HEADER-HostRecord,FQDN*,ADDRESSESHostRecord,host1.dhcp.corp100.com,172.20.2.21 HostRecord,host2.dhcp.corp100.com,172.20.2.22

IDN Support for CSV ImportThe appliance supports IDNs (Internationalized Domain Names) and punycode for most of the DNS object types in a CSV file. An IDN is a domain name that contains a language-specific script or alphabet, such as Arabic, Chinese, Russian, Devanagari, or the Latin alphabet-based characters with diacritics, such as French. IDNs are encoded in multi-byte Unicode and are decoded into ASCII strings using a standardized mechanism known as Punycode transcription. For example, DNS Zone '.' (IDN in Russian) can be written as'xn-90anhdigczv.xn-p1ai' in the punycode representation. For information about IDNs, refer to the Infoblox NIOS Administrator Guide. You can use either IDNs or punycode to create DNS zones. Even if you use punycode to create a zone, the appliance automatically generates the corresponding IDN and displays the zone name in its native characters. Note that the appliance does not perform any conversion (IDN to punycode and vice versa) for DNS records, but preserves the data in the original characters. In other words, if a DNS object or a field name contains IDN, the appliance imports the data in IDN. If a DNS object or a field name is in punycode, the appliance imports the data in punycode. For more information about supported objects for CSV import, .Supported Object Types

Page 383: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 383

CSV Import for Response Policy ZonesYou can import local RPZs (Response Policy Zones) and their rulesets using the feature. When you import local RPZs using this feature, you CSV Importmust specify three new columns, and with relevant values, whereas importing an RPZ ruleset requires specifying priority, rpz_policy, substitute_namethe value for parent RPZ in the column, as mentioned in the following tables. For a local RPZ, CSV import supports all the values that are parent_zonelisted in along with the three new columns. However, for RPZ rulesets it supports the values that are listed in along with Authoritative Zone CNAME Recorda new column .parent_zoneFor example, if you want to add a new local RPZ, and substitute this domain with , then you must mention the priority, rpz_policy, and JKL.INFO JKI.NETsubstitute name as follows:.

A B C D E F G H I

HEADER- RESPONSEPOLICYZONE

FQDN* ZONE_ FO*RMAT

ALLOW_UPDATE PRIORITY

RPZ_POLICY

SUBSTITUTE _NAME

VIEW ZONE_TYPE

RESPONSEPOLICYZONE ABC.NET

FORWARD TSIG-RPZ_LOCAL_UP DATER_KEY._default. abc.net/kA36uJeavm hrH2Yqx8hEDPC6ok SFcsOb2evyWVAO5f M=/ALLOW/HMAC-S HA256

1001 GIVEN DEFAULT

RESPONSEPOLICY

RESPONSEPOLICYZONE XYZ.IN FORWARD TSIG-RPZ_LOCAL_UP DATER_KEY._default. xyz.in/kA36uJeavmh rH2Yqx8hEDPC6okSF csOb2evyWVAO5fM= /ALLOW/HMAC-SHA2 56

1002 NXDOMAIN

DEFAULT

RESPONSEPOLICY

RESPONSEPOLICYZONE AIM.EDU

FORWARD TSIG-RPZ_LOCAL_UP DATER_KEY._default. aim.edu/vIeLOfean4 YZUMOzGIvWnxhtOP XWM5QfJwxfHJbDXjQ =/ALLOW/HMAC-SHA 256

1003 NODATA DEFAULT

RESPONSEPOLICY

RESPONSEPOLICYZONE PQDR.C OM

FORWARD TSIG-RPZ_LOCAL_UP DATER_KEY._default. pqdr.com/R9TDpx8N +cBs0W32hEDzk5M wRjPuH%2FeYJsSgUk sX8SM=/ALLOW/HM AC-SHA256

1004 PASSTHRU

DEFAULT

RESPONSEPOLICY

RESPONSEPOLICYZONE JKL.INFO

FORWARD TSIG-RPZ_LOCAL_UP DATER_KEY._default.j kl.info/rLopR5+Sf4M pcfYpDJV+KWAdtTXA U5kFTFWFWuLV2Rw= /ALLOW/HMAC-SHA2 56

1005 SUBSTITUTE

JKI.NET DEFAULT

RESPONSEPOLICY

RESPONSEPOLICYZONE ASAC.CO M

FORWARD TSIG-RPZ_LOCAL_UP DATER_KEY._default. asac.com/kA36uJeav mhrH2Yqx8hEDPC6o kSFcsOb2evyWVAO5 fM=/ALLOW/HMAC-S HA256

1006 DISABLED

DEFAULT

RESPONSEPOLICY

Examples of Substitute and Block Domain Names:The following example shows a new column, which is added to the spreadsheet while importing an RPZ ruleset to a local RPZ :parent_zone, abc.net

A B C D E F

HEADER- RESPONSEPOLICYCNAMERECORD FQDN* CANONICAL_NAME DISABLED PARENT_ZONE VIEW

RESPONSEPOLICYCNAMERECORD CLARITY.ABC.NET CLEAR.IN FALSE NET.ABC DEFAULT

RESPONSEPOLICYCNAMERECORD ARM.ABC.NET FALSE NET.ABC DEFAULT

Example of an A Record CSV format:

A B C D E F

HEADER- RESPONSEPOLICYARECORD ADDRESS* FQDN* DISABLED PARENT_ZONE VIEW

RESPONSEPOLICYCNAMERECORD 10.32.2.1 PQR.ABC.NET FALSE NET.ABC DEFAULT

Example of an RPZ Policy IP Address:

A B C D E F

HEADER- RESPONSEPOLICYIPADDRESS FQDN* CANONICAL_NAME DISABLED PARENT_ZONE VIEW

RESPONSEPOLICYIPADDRESS 10.1.2.3.ABC.NET 10.1.2.3 FALSE NET.ABC DEFAULT

Example of an RPZ Policy Client IP Address:

A B C D E F

HEADER- RESPONSEPOLICYCLIENTIPADDRESS FQDN* CANONICAL_NAME DISABLED PARENT_ZONE VIEW

RESPONSEPOLICYCLIENTIPADDRESS 10.1.2.1.ABC.NET 10.1.2.1 FALSE NET.ABC DEFAULT

Page 384: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 384

Note the following:

You must specify the name of the parent zone when you import RPZ rules to a local zone. For example, where is the clarity.abc.net abc.netlocal RPZ.In the above example, the domain name is substituted with the domain name because is specified as the clarity.abc.net clear.in clear.incanonical name.The domain is blocked and the DNS client receives a message that the domain does not exist. For more information about RPZ arm.abc.netrules, refer to the .Infoblox NIOS Administrator Guide

Page 385: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 385

CSV Format for Inheritable Extensible AttributesExporting Inheritable Extensible AttributesWhen you export data, if an object has inheritable extensible attributes associated with it, then an additional column is displayed in the EAInherited-XXXspreadsheet, where XXX is the name of the inheritable extensible attribute. Note that the column displays the name of the inheritable extensible EA-XXXattribute and its value whereas

displays the inheritance state, which is either or . Extensible attributes with the following inheritance states will be EAInherited-XXX Inherit Overrideexported: , , and .Inherited Native OverriddenNote the following about inheritable extensible attributes:

By default, the value is displayed as for inheritable extensible attributes, which are at the top of the inheritance chain or if the value of Overridethe inherited extensible attribute is overridden at the descendant level.If the value is inherited by the descendants of the parent object, then the inheritance state is set to Inherit.If an extensible attribute is not inheritable or if the status is set to , then the column will not be displayed for these Not Inherited EAInherited-XXXattributes.NIOS does not support EA inheritance for DNS objects, but you might see the column in the CSV file when you export data EAInherited-XXXthrough Grid Manager. Note that NIOS treats these objects as normal extensible attributes even when you enable inheritance for extensible attributes.

Page 386: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 386

Importing Inheritable Extensible AttributesYou can specify new inheritable extensible attributes in the spreadsheet and import this file using the CSV Import feature. When you import inheritable extensible attributes using the CSV Import feature, you must specify two new columns, and , with relevant values as mentioned EA-XXX EAInherited-XXXin the following tables. Note that is the name of the inheritable extensible attribute.XXXFor example, if you want to update the value of an existing inheritable extensible attribute , you must set the inheritance state to in Building OVERRIDEthe spreadsheet. The following example shows that the original value of attribute , which is replaced by .Building Millennium Tower

A B C D E

HEADER- NETWORK ADDRESS* NETMASK* EA-Building EAInherited-Building

NETWORK 10.251.133.128 255.255.255.192 Millennium Tower OVERRIDE

The following example shows two new columns, and which are added to the spreadsheet to associate a new inheritable EA-Region EAInherited-Region,extensible attribute with an existing object:

A B C

HEADER- NETWORK ADDRESS* NETMASK* EA-Region EAInherited-Region

NETWORK 10.251.133.128 255.255.255.192 San Pablo INHERIT

Note the following about inheritance states:

When you import attributes for a parent object, the inheritance state must be set to .OVERRIDEFor descendants, the inheritance state can be set to or . If you specify , the attribute value will be inherited from the OVERRIDE INHERIT INHERITparent object. If you specify , the original value of the attribute will be replaced with the value specified in the spreadsheet.OVERRIDE

This is valid for Network related objects only. The supported inheritance chain is: Note: Network View -> Network Container -> Network -> . Range -> Host/Fixed Address/Reservation

Page 387: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 387

Importing Active Directory Domains and SitesThe Infoblox CSV format does not support extensible attributes that contain information about Active Directory domains and sites or objects that represent Active Directory domains or sites. The appliance displays an error message when you define values for such extensible attributes in the imported CSV file.When you export networks, the appliance does not include extensible attributes that contain information about Active Directory domains or sites in the generated .CSV file.

Page 388: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 388

CSV Import for Topology Rulesets and Rules in DNS Traffic ControlYou can import DNS Traffic Control topology rulesets and their rules using the feature. You must specify the topology rulesets and rules CSV Importseparated by commas in the CSV file:header-dtctopology,name*,commentheader-dtctopologyrule,dest_link*,dest_type*,name*,parent*,sources*,position dtctopology,topo_server11,TopologyRule dtctopologyrule,dtc_s11,Server,Rule11,topo_server11,SUBNET/IS_NOT/172.31.0.0/16,1 dtctopologyrule,pool12,Server,Rule12,topo_server11,"COUNTRY/IS/Canada",2

Importing Topology Rulesets and RulesTo import topology rulesets, you must specify the , and columns in the spreadsheet. The column indicates the header-topology name comment namename of the topology ruleset. To import topology rules, specify the following in the spreadsheet:

A B C

HEADER- DTCTOPOL OGY

NAME* COMMENT

HEADER- DTCTOPOL OGYRULE

DEST_LINK* DEST_TYPE* NAME* PARENT* SOURCES* POSITION

DTCTOPOL OGY topo_server1 Topology Server 1

DTCTOPOL OGYRULE

dtc_s1 SERVER RULE1 topo_server1 SUBNET/IS/10.0.0. 0/8

1

DTCTOPOL OGYRULE

dtc_s2 SERVER RULE2 topo_server1 SUBNET/IS/10.120 .0.0/16

2

DTCTOPOL OGY topo_pool1 Topology Pool 3

DTCTOPOL OGYRULE

pool1 POOL RULE3 topo_pool1 COUNTRY/IS/Antar ctica,CONTINENT/I S/Africa,SUBDIVISI ON/IS/Aden

1

You must specify the and columns when you import a CSV file with topology rules. Note that the dest_link, dest_type, name, parent, sources, position d indicates the name of the destination, which is either a pool or server and indicates the order of rules in a topology ruleset. The values est_link position

that you specify for must exist in the database. The indicates the destination type, which can either be a server or a pool. Specify a dest_link dest_typename for the topology rule in the column. In the column, you can specify the name of the DTC topology ruleset. The column must name parent sourcescontain either a subnet IP address or a geographic location. The appliance displays an error message if you do not specify valid GeoIP labels when you import a CSV file.

Page 389: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 389

Supported Object TypesThis section describes the supported object types and their corresponding fields for CSV import and export. It also includes examples of how to create data files. Ensure that you review this information before you import or export a data file.

Note: All inherited fields follow the override conventions described in . Data Specific Guidelines

Page 390: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 390

Table 1.4 Supported DNS Object TypesDNS Object Type Required Fields & Syntax IDN Supported (Yes/No)

Grid DNS Objects Grid DNS Objects Yes

Member DNS Objects Member DNS Objects Yes

Authoritative Zone Authoritative Zone Yes

Forward-Mapping Zone Forward-Mapping Zone Yes

Stub Zone Stub Zone Yes

Delegated Zone Delegated Zone Yes

Authoritative Name Server Group Authoritative Name Server Group Yes

Forwarding Member Name Server Group Forwarding Member Name Server Group Yes

Stub Member Name Server Group Stub Member Name Server Group Yes

Forward/Stub Server Name Server Group Forward/Stub Server Name Server Group Yes

A Record A Record Yes

AAAA Record AAAA Record Yes

CNAME Record CNAME Record Yes

DNAME Record DNAME Record Yes

MX Record MX Record Yes

NAPTR Record NAPTR Record Yes

NS Record NS Record Yes (supports only FQDN)

PTR Record PTR Record Yes

SRV Record SRV Record Yes

TXT Record TXT Record Yes

TLSA Record TLSA Record No

CAA Record CAA Record Yes

Host Record Host Record Yes

IPv4 Host Address IPv4 Host Address No

IPv6 Host Address IPv6 Host Address No

Bulk Host Bulk Host No

Rulesets NXDOMAIN and Blacklist Rulesets No

NXDOMAIN Rule NXDOMAIN Rule No

Blacklist Rule Blacklist Rule No

Whitelist Rule Whitelist Rule No

DNS64 Synthesis Group DNS64 Synthesis Group No

Response Policy Zone Response Policy Zone No

Response Policy A Record Response Policy A Record No

Response Policy AAAA Record Response Policy AAAA Record No

Response Policy IP A Record Response Policy IP A Record No

Response Policy IP AAAA Record Response Policy IP AAAA Record No

Response Policy MX Record Response Policy MX Record No

Response Policy NAPTR Record Response Policy NAPTR Record No

https://docs.infoblox.com/display/nios84/Table+1.6+Other+Supported+Objects#Table1.6OtherSupportedObjects-bookmark22
https://docs.infoblox.com/display/nios84/Stub+Zone#StubZone-bookmark27
https://docs.infoblox.com/display/nios84/Stub+Zone#StubZone-bookmark28
https://docs.infoblox.com/display/nios84/Stub+Zone#StubZone-bookmark29
https://docs.infoblox.com/display/nios84/Stub+Zone#StubZone-bookmark30
https://docs.infoblox.com/display/nios84/Stub+Zone#StubZone-bookmark31
https://docs.infoblox.com/display/nios84/Stub+Zone#StubZone-bookmark32
https://docs.infoblox.com/display/nios84/CNAME+Record#CNAMERecord-bookmark35
https://docs.infoblox.com/display/nios84/Bulk+Host#BulkHost-bookmark47
Page 391: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 391

Response Policy PTR Record Response Policy PTR Record No

Response Policy SRV Record Response Policy SRV Record No

Response Policy TXT Record Response Policy TXT Record No

Response Policy CNAME Record Response Policy CNAME Record No

Response Policy IP Address Response Policy IP Address No

Response Policy Client IP Address Response Policy Client IP Address No

Response Policy IP Address CNAME Response Policy IP Address CNAME No

Response Policy Client IP Address CNAME Response Policy Client IP Address CNAME No

Dynamic Update Group Dynamic Update Group No

Dynamic Update Cluster Group Dynamic Update Cluster Group No

https://docs.infoblox.com/display/nios84/Dynamic+Update+Group#DynamicUpdateGroup-bookmark68
Page 392: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 392

Table 1.5 Supported DHCP Object Types

Note: IDN is not supported for DHCP object types.

DHCP Object Type Required Fields & Syntax

Grid DHCP Grid DHCP Objects

Member DHCP Member DHCP Objects

Network View Network View

DNS View DNS View

IPv4 Network Container IPv4 Network Container

IPv4 Network IPv4 Network

IPv6 Network Container IPv6 Network Container

IPv6 Network IPv6 Network

IPv4 Shared Network IPv4 Shared Network

IPv6 Shared Network IPv6 Shared Network

IPv4 DHCP Range IPv4 DHCP Range

IPv6 DHCP Range IPv6 DHCP Range

IPv4 Fixed Address and Reservation IPv4 Fixed Address/Reservation

IPv4 Fixed Address/Reservation IPv6 Fixed Address IPv6 Fixed Address

DHCP Fingerprint DHCP Fingerprint

DHCP MAC Filter DHCP MAC Filter

MAC Filter Address Item MAC Filter Address

Option Filter Option Filter

Option Filter Match Rule Option Filter Match Rule

DHCP Fingerprint Filter DHCP Fingerprint Filter

Relay Agent Filter Relay Agent Filter

NAC Filter DHCP Fingerprint Filter

IPv4 Option Space IPv4 Option Space

IPv6 Option Space IPv6 Option Space

IPv4 Option Definition IPv4 Option Definition

IPv6 Option Definition IPv6 Option Definition

Permissions for DNS resources with associated IP addresses in networks and ranges

Permissions for DNS resources with associated IP addresses in networks and ranges

DHCP Failover Association DHCP Failover Association

https://docs.infoblox.com/display/nios84/Dynamic+Update+Group#DynamicUpdateGroup-bookmark69
https://docs.infoblox.com/display/nios84/DNS+View#DNSView-bookmark73
Page 393: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 393

Table 1.6 Other Supported ObjectsOther Supported Objects Required Fields and Syntax

Grid Member Grid Member

Upgrade GroupsDistribution SchedulesUpgrade Schedules

Upgrade Groups and Schedules

Named ACLs (access control lists) Named ACLs ACES in Named ACLs

Infoblox Network Insight Discovery Credentials

Grid DNS Objects

Field Name

DataType

Required(Yes/No)

Associated GUI Field

Associated PAPI

Method

Usage and Guidelines

Header-GridDNS

String Yes Identifies the first row as a header row for the Grid DNS objects. Example: GridDNS

refresh Unsigned integer

No Indicates the refresh time in seconds. Example: 10800

retry Unsigned integer

No Indicates the retry time in seconds. Example: 3600

expire Unsigned integer

No Indicates the expiration time in seconds. Example: 2419200

default_ttl Unsigned integer

No Indicates the default TTL value in seconds. Example: 28800

negative_ttl Unsigned integer

No Indicates the negative TTL value in seconds. Example: 900

lame_ttl Unsigned integer

No Indicates the lame TTL value in seconds. Example: 600

email String No Indicates the email address. Example: [email protected]

enable_secondary_notify

Boolean No Enable Grid secondaries to send notification. Example: False

enable_notify_source_port

Boolean No Enable notification source port Example: False

notify_source_port

Unsigned integer

No Indicates notify-source port number.

enable_query_source_port

Boolean No Enable query source port. Example: False

query_source_port

Unsigned integer

No Indicates query-source port number.

allow_transfer ACL No Allow zone transfers to

allow_transfer List of items. Example: NACL1or address_tsig_ac"12.0.0.12/Deny,1234::/64/Allow". Note that you can import the name of a named ACL in this field.

excluded_servers

IP addresslist

No List of excluded servers for zone transfers.

zone_transfer_format_option

String No Indicates the zone transfer format. Example: MANY_ANSWERS

allow_query ACL No Allow queries from

allow_query List of items. It can be an IP address, a network entry, Any or a TSIG-address_tsig_ac/permission. If the first value is not or -, it is assumed to be an IP address or a Any TSIGnetwork entry. Example: 10.0.0.10/Allow, 11.0.0.0/16/Deny, TSIG-foo/xyz/Allow. It can also be a named ACL. Example: NACL1.

https://docs.infoblox.com/display/nios84/DHCP+Failover+Association#DHCPFailoverAssociation-bookmark96
Page 394: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 394

recursion_enabled

Boolean No Indicates the flag to respond to recursive queries. Example: False

recursive_query_list

ACL No It can be an IP address, a network entry, Any or a TSIG-/permission. If the first value is not A or -, it is assumed to be an IP address or a network entry. Example: 10.0.0.10ny TSIG

/Allow, 11.0.0.0/16/Deny,TSIG-foo/xyz/Allow. It can also be a named ACL. Example: NACL1.

allow_update ACL No Allow updates from

allow_update List of items. It can be an IP address, a network entry, Any or a TSIG-address_tsig_ac/permission. If the first value is not or -, it is assumed to be an IP address or a Any TSIGnetwork entry. Example: 10.0.0.10/Allow, 11.0.0.0/16/Deny, TSIG-foo/xyz/Allow. It can also be a named ACL. Example: NACL1.

allow_update_forwarding

Boolean No Allow updates from

forward_to Enable update forwarding for secondary zones. Example: False

allow_bulkhost_ddns

String No Enable updates to PTR records sourced from a bulkhost. Example: Refuse

forwarders_only

Boolean No Use Forwarders Only

Enable use of forwarders only. Example: False

allow_forwarder

IP addresslist

No Indicates the list of forwarders.

enable_custom_root_server

Boolean No Indicates the flag to enable custom root servers. Example: False

root_name_servers

Root nameserver list

No Indicates the list of custom root servers. Example: rnm1.test.com/1.1.1.1/,... The appliance displays an error message if the column has an empty root_name_serversvalue when the field is set to in the imported CSV file.enable_custom_root_server True

enable_blackhole

Boolean No Enable blackhole setting. Example: False

blackhole ACL No Indicates the list of banned addresses. Example: "NACL" or "12.0.0.12/Deny,1234::/64/Allow,.."

notify_delay Unsigned integer

No notify_delay This field specifies the seconds of delay the notify messages are sent to the secondaries. The valid value is between 5 and 86400 seconds. Example: 5

enable_nxdomain_redirect

Boolean No Enable intercept and redirect nxdomain responses. Example: False

nxdomain_redirect_addresses

IP addresslist

No Indicates the list of IPv4 addresses to redirect to for nxdomain responses. Example: "1.1.1.1,2.2.2.2,..."

nxdomain_redirect_ttl

Unsigned integer

No Indicates the NXDOMAIN redirect ttl in seconds. Example: 60

nxdomain_log_query

Boolean No If you set this to , the appliance logs the NXDOMAIN redirections. TrueExample: False

nxdomain_rulesets

Pattern list

No Indicates the list of ruleset objects that are used for NXDOMAIN redirection. Example: pattern1/MODIFY, pattern2/PASS, ...

enable_blacklist

Boolean No enable_blacklist

Enable or disable blacklist redirection at the Grid level. Example: False

blacklist_redirect_addresses

IP addresslist

No blacklist_ redirect_ addresses

Indicates the list of IPv4 addresses to which the blacklisted queries are redirected. Example: 1.1.1.1,2.2.2.2

blacklist_action String No Action blacklist_action Indicates the action to be performed when a domain name matches the pattern defined in an assigned rule. Example: Refuse

blacklist_redirect_ttl

Unsigned integer

No blacklist_ redirect_ttl

Indicates the blacklist redirect TTL value in seconds. Example: 60

blacklist_log_query

Boolean No blacklist_log_ query

When this is set to , blacklisted queries are logged. Example: FalseTrue

blacklist_rulesets

List of domain names

No blacklist_ rulesets

List of ruleset objects that are used for blacklist redirection. Example: list1.com, list2.com, ...

enable_dns64 Boolean No Enable DNS64 synthesis. Example: False

dns64_groups List of Dns64 groups

No List of SynthesisGroup objects. Example: dns64_groupA, dns64_groupB, ...

host_rrset_order

Boolean No Specify to set the flag or to deactivate True enable_host_rrset_order False enable_host_r value at the Grid level. Example: Falserset_order

Boolean No

Page 395: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 395

preserve_host_rrset_order_on_ secondaries

Specify to set the flag or to True preserve_host_rrset_order_on_second aries Falsedeactivate value at the Grid level. The preserve_host_rrset_order_on_second ariesdefault value is . Example: FalseFalse

filter_aaaa String No Indicates the type of AAAA filtering for this Grid DNS object. The default value is . NoExample: Yes

filter_aaaa_list ACL No Indicates the list of IPv4 addresses and networks from which queries are received. Note that the AAAA filtering is applied to these addresses. Example: "12.0.0.12/Deny,13.0.0.0/8/Allow,.." or "NACL1"

copy_xfer_to_notify

Boolean No Enable or disable copying of the allowed IP addresses from zone transfer list into also-notify statement in named.conf. Example: False

transfers_in Unsigned integer

No Indicates the number of maximum concurrent transfers for the Grid. You can specify unsigned integers between 10 and 100. The default value is 10. Example: 10

transfers_out Unsigned integer

No Indicates the number of maximum outbound concurrent zone transfers for the Grid. You can specify unsigned integers between 10 and 100. The default value is 10. Example: 10

transfers_per_ns

Unsigned integer

No Indicates the number of maximum concurrent transfers per member for the Grid. You can specify unsigned integers between two and 100. The default value is two. Example: 2

serial_query_rate

Unsigned integer

No Indicates the number of maximum concurrent SOA queries per second for the Grid. You can specify unsigned integers between 20 and 100. The default value is 20. Example: 20

max_cache_ttl Unsigned integer

No Indicates the maximum time (in seconds) for which the server will cache positive answers. The default value is 604800.

max_ncache_ttl

Unsigned integer

No Indicates the maximum time (in seconds) for which the server will cache negative (NXDOMAIN) responses. The default value is 10800. The maximum allowed value is 604800.

disable_edns Boolean No Enable or disable EDNS0 support for queries that require recursive resolution. The default value is .False

query_rewrite_enabled

Boolean No When this is set to , query rewrite is enabled at the Grid level. Example: FalseTrue

query_rewrite_domain_names

List of domain names

No Indicates the list of domain names that trigger DNS query rewrite.Example: "aa.com, bb.com."

query_rewrite_prefix

String No Indicates the domain name prefix for DNS query rewrite. The default value is .undefined

rpz_drop_ip_rule_enabled

Boolean No Ignore RPZ-IP triggers with too smallprefix lengths

When this is set to , DNS server ignores RPZ-IP rules with prefix lengths that are less Truethan the specified prefix length limit. Example: TRUE

rpz_drop_ip_rule_min_prefix_leng th_ipv4

Unsigned Integer

No Minimum IPv4 Prefix Length

Indicates the minimum IPv4 prefix length for RPZ-IP triggers. The default value is 29.

rpz_drop_ip_rule_min_prefix_leng th_ipv6

Unsigned Integer

No Minimum IPv6 Prefix Length

Indicates the minimum IPv6 prefix length for RPZ-IP triggers. The default value is 112.

rpz_hit_rate_interval

Unsigned Integer

No Interval Indicates the minimum time interval in seconds between RPZ hit rate checks. The default interval is 10 seconds.

rpz_hit_rate_min_query

Unsigned Integer

No Minimum query

Indicates the minimum number of queries between RPZ hit rate checks. The default value is 1000.

rpz_hit_rate_max_query

Unsigned Integer

No Maximum query

Indicates the maximum number of queries between RPZ hit rate checks. The default value is 100000.

Page 396: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 396

Member DNS ObjectsNIOS does not support add and delete operations.

Field Name

Data Type Required Associated

(Yes/No) GUI Field

Required (Yes/No)

Associated GUI Field

AssociatedPAPI Method

Usage and Guidelines

Header-MemberDns

String Yes Identifies the first row as a header row for the member DNS objects.Example: MemberDns

parent FQDN Yes Indicates the parent object.Example: member1.infoblox.com

dns_over_mgmt

Boolean No Enable or disable DNS services on the MGMT port. Example: False

dns_over_lan2

Boolean No Enable or disable DNS services on the LAN2 port. Example: False

minimal_response

Boolean No Enable or disable minimal response of the DNS server.Example: False

forwarders_only

Boolean  No Use Forwarders Only

Enable use of forwarders only. Example: False

allow_forwarder

IP address list No Indicates the list of forwarders.

member_view_nats

integer No Indicates the list of views with NAT address used for creating glue records for the view. Example: dns_view1/INTERFACE/10.10.10.

enable_notify_source_port

integer No Enable or disable . notify_source_portExample: False

notify_source_port

Unsigned integer

No Indicates the notify source port number.

enable_query_source_port

Boolean No Enable or disable Example: Falsequery_source_port.

query_source_port

Unsigned integer

No Indicates the query source port number.

lame_ttl Unsigned integer

No Indicates the lame TTL value in seconds. Example: 600

auto_sort_views

Boolean No Enable or disable DNS views auto-sort. Example: False

member_views

List of Member views

No Indicates the list of member views. Example: dns_view1, dns_view2,..

allow_transfer

ACL No Allow zone transfers to

allow_transfer List of items.Note that you can import the name of a named address_tsig_acACL in this field. Example: NACL1or "12.0.0.12/Deny,1234::/64/Allow".

excluded_servers

IP address list No List of excluded servers for zone transfers.

zone_transfer_format_option

String No Indicates the zone transfer format.

recursion_enabled

Boolean No Indicates the flag to respond to recursive queries. Example: False

allow_query ACL  No Allow queries from allow_query List of items. It can be an IP address, a network entry, Any or a address_tsig_acTSIG-/permission. If the first value is not or -, it is assumed to be an IP Any TSIGaddress or a network entry. Example: 10.0.0.10/Allow, 11.0.0.0/16/Deny, TSIG-foo/xyz/Allow. It can also be a named ACL. Example: NACL1.

allow_recursive_query

ACL No List of items. It can be an IP address, a network entry, Any or a address_tsig_acTSIG-/permission. If the first value is not or -, it is assumed to be an IP Any TSIG

Note

When you export member DNS properties, the CSV file might include the "unbound_logging_level" field with "OPERATIONS" as the value. Although this field is only applicable to the IB-4030 and IB-4030-10GE appliances and might not apply to your Grid members, you can still perform CSV import using the CSV export file that contains this field without any issues.

Page 397: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 397

address or a network entry.Example:"10.0.0.10/Allow,11.0.0.0/16/Deny,TSIG-foo/xyz/Allow,.." or it can be a named ACL. Example: "NACL1"

limit_concurrent_recursive_clients

Boolean No Enable limit of concurrent recursive client number. Example: False

concurrent_recursive_clients

Unsigned integer

No Indicates the number of clients allowed to perform concurrent queries. Example: 1000

allow_update ACL  No Allow updates from allow_update  List of items. It can be an IP address, a network entry, Any or a address_tsig_acTSIG-/permission. If the first value is not or -, it is assumed to be an IP Any TSIGaddress or a network entry. Example: 10.0.0.10/Allow, 11.0.0.0/16/Deny, TSIG-foo/xyz/Allow. It can also be a named ACL. Example: NACL1.

allow_gss_tsig_zone_updates

Boolean No Allow GSS-TSIG clients to perform zone updates. Example: False

allow_update_forwarding

Boolean No Allow updates from forward_to  Enable update forwarding for secondary zones. Example: False

enable_custom_root_server

Boolean No Indicates the flag to enable custom root servers. Example: False

root_name_servers

Root  nameserver list

No Indicates the list of custom root servers. Example: rnm1.test.com/1.1.1.1/,.The appliance displays an error message if the  column has root_name_serversan empty value when the  field is set to in the enable_custom_root_server Trueimported CSV file.

enable_blackhole

Boolean No Enable blackhole setting. Example: False

blackhole ACL No Indicates the list of banned addresses. Example: "NACL" or "12.0.0.12/Deny,1234::/64/Allow ,.."

notify_delay Unsigned integer

No notify_delay  This field specifies the seconds of delay the notify messages are sent to the secondaries. The valid value is between 5 and 86400 seconds. Example: 5

enable_nxdomain_redirect

Boolean No Enable intercept and redirect nxdomain responses. Example: False

nxdomain_redirect_addresses

IP address list No Indicates the list of IPv4 addresses to redirect to for nxdomain responses. Example: "1.1.1.1,2.2.2.2,..."

nxdomain_redirect_ttl

Unsigned integer

No Indicates the NXDOMAIN redirect ttl in seconds. Example: 60

nxdomain_log_query

Boolean No If you set this to , the appliance logs the NXDOMAIN redirections. Example: TrueFalse

nxdomain_rulesets

Pattern list No Indicates the list of ruleset objects that are used for NXDOMAIN redirection. Example: pattern1/MODIFY, pattern2/PASS, ...

enable_blacklist

Boolean No enable_blacklist

Enable or disable blacklisting at the Grid level. Example: False

blacklist_redirect_addresses

IP address list No blacklist_redirect_addresses

Indicates the list of IPv4 addresses addresses to which the blacklisted queries are redirected. Example: 1.1.1.1,2.2.2.2

blacklist_action

String No Action blacklist_action  Indicates the action to be performed when a domain name matches the pattern defined in an assigned rule. Example: Refuse 

blacklist_redirect_ttl

Unsigned integer

No Indicates the TTL value of synthetic DNS responses resulted by blacklisted queries. Example: 60

blacklist_log_query

Boolean No blacklist_log_query

Indicates if blacklisted queries must be logged. Example: False

blacklist_rulesets

List of domain names

No blacklist_rulesets

Indicates the ruleset objects that are blacklisted at the Grid level. Example: list1.com, list2.com, ...

enable_dns64

Boolean No Enable DNS64 synthesis. Example: False

dns64_groups

List of Dns64 groups

No List of SynthesisGroup objects. Example: dns64_groupA, dns64_groupB, ...

max_cached_lifetime

Unsigned integer

No Indicates the maximum time in seconds a DNS response can be stored in the hardware acceleration cache. You can specify unsigned integer between 60 and 86400. Default value is 86400.

dns_over_v6_mgmt

Boolean No Enable or disable DNS services on the IPv6 MGMT port. Example: False

Page 398: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 398

dns_over_v6_lan2

Boolean No Enable or disable DNS services on the IPv6 LAN2 port. Example: False

filter_aaaa String No Indicates the type of AAAA filtering for this Grid DNS object. The default value is No. Example: Yes

filter_aaaa_list

ACL No Indicates the list of IPv4 addresses and networks from which queries are received. Note that the AAAA  filtering is applied to these addresses. Example: "12.0.0.12/Deny,13.0.0.0/8/Allow,.." or "NACL1"

dns_over_v6_lan

Boolean No Example: False

copy_xfer_to_notify

Boolean No Enable or disable copying of the allowed IP addresses from zone transfer list into also-notify statement in named.conf. Example: False

transfers_in Unsigned integer

No Indicates the number of maximum concurrent transfers for the Grid. You can specify unsigned integers between 10 and 100. The default value is 10. Example: 10

transfers_out

Unsigned integer

No Indicates the number of maximum outbound concurrent zone transfers for the Grid. You can specify unsigned integers between 10 and 100. The default value is 10. Example: 10

transfers_per_ns

Unsigned integer

No Indicates the number of maximum concurrent transfers per member for the Grid. You can specify unsigned integers between two and 100. The default value is two. Example: 2

serial_query_rate

Unsigned integer

No Indicates the number of maximum concurrent SOA queries per second for the Grid. You can specify unsigned integers between 20 and 100. The default value is 20. Example: 20

max_cache_ttl

Unsigned integer

No Indicates the maximum time (in seconds) for which the server will cache positive answers. The default value is 604800.

max_ncache_ttl

Unsigned integer

No Indicates the maximum time (in seconds) for which the server will cache negative (NXDOMAIN) responses. The default value is 10800. The maximum allowed value is 604800.

disable_edns

Boolean No Enable or disable EDNS0 support for queries that require recursive resolution. The default value is False.

query_rewrite_enabled

Boolean No When this is set to query rewrite is enabled at the Grid level. Example: FalseTrue,

ADMGRP-XXXX

String No Permissions Admin Group/Role

permission ADMGRP-JimSmith is an example of an admin permission of a specific admin group. Example: RW

rpz_drop_ip_rule_enabled

Boolean No Ignore RPZ-IP triggers with too small prefix lengths

When this is set to DNS server ignores RPZ-IP rules with prefix lengths that True,are less than the specified prefix length limit. Example: TRUE

rpz_drop_ip_rule_min_prefix_length_ipv4

Unsigned Integer

No Minimum IPv4 Prefix Length

Indicates the minimum IPv4 prefix length for RPZ-IP triggers. The default value is 29.

rpz_drop_ip_rule_min_prefix_length_ipv6

Unsigned Integer

No Maximum IPv4 Prefix Length

Indicates the minimum IPv6 prefix length for RPZ-IP triggers. The default value is 112.

atc_forwarding_enable

Boolean No Enable Recursive Queries Forwarding to BloxOne Threat Defense Cloud

Enable or disable the forwarding of DNS recursive queries to BloxOne Threat Defense Cloud.

atc_forwarding_access_key

String No Access Key API Access Key for the current member.

atc_forwarding_resolver_address

IP Address No DFP Name Server IP address of the local DNS resolver.

atc_forwarding_forward_first

Boolean No Fallback to a default resolver if ATC does not respond

Option to resolve the DNS query if there is any resolution failure in the BloxOne Threat Defense Cloud.

Page 399: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 399

Authoritative ZoneYou can import the name of a named ACL in the fields that support named ACLs, such as allow_transfer, allow_query, and allow_update.

Note: IDN is supported for object types: fqdn, soa_mname, and soa_email. You can use punycode or IDNs while importing these objects.

Field Name

DataType

Required (Yes/No)

Associated GUI Field

AssociatedPAPI Method

Usage and Guidelines

Header-AuthZone

String Yes

fqdn FQDN Yes Name name Example: test.com

zone_format

String Yes Valid values are FORWARD, IPV4,and IPV6

view String No If no view is specified, the Default view is used.

prefix String No Prefix is used for reverse-mapping RFC2317 zones only. If you include a prefix in a forward-mapping zone, the appliance ignores the prefix. No error message is generated.

_new_prefix

String No Add this field to overwrite the prefix field when you select the overwrite or merge option.Use the hostname of the grid member in this field. Example: infoblox.localdomain

is_multimaster

Boolean No  Multi-master is_multimaster Indicates whether the zone has multiple primary servers. Example: True

grid_primaries

Grid member list and stealth state

No Grid Primary/Stealth

primary  stealth Data must be in the following format: "hostname/stealth" Example: "foo.localadmin/False,corp1.com/True,..."

external_primaries

Server list

No External Primary

primary Data must be in the following format: "name/ip/stealth/use_2x_tsig/ use_tsig/tsig_name/tsig_key/ tsig_key_algorithm". Only name and ip are required fields. If no value is specified for stealth, use_2x_tsig, and use_tsig, the default value FALSE is used. If either use_2x_tsig or use_tsig is TRUE, tsig_name and tsig_key are required. If no value is specified for tsig_key_algorithm, the default value is HMAC-MD5. If both use_2x_tsig and use_tsig are TRUE, only use_tsig = TRUE and the tsig key name and key are imported. Example: "ext1.test.com/1.1.1.1/FALSE"

grid_secondaries

Member server list

No Grid Secondary

secondaries Data must be in the following format: "hostname/stealth/lead/grid_ replicate". Only hostname is required. If you do not specify values for stealth, lead, and grid_replicate, the default value FALSE is used. Example: "member1.localdomain/FALSE/TRUE/FALSE"

external_secondaries

Server list

No External Secondary

secondaries Data must be in the following format: "name/ip/stealth/use_2x_tsig/use_tsig/tsig_name/tsig_key/tsig_key_algorithm". Only name and ip are required fields. If no value is specified for stealth, use_2x_tsig, and use_tsig, the default value FALSE is used. If either use_2x_tsig or use_tsig is TRUE, tsig_name and tsig_key are equired. If no value is specified for tsig_key_algorithm, the default value is HMAC-MD5. If both use_2x_tsig and use_tsig are TRUE, only use_tsig = TRUE and the tsig key name and key are imported. Example: "sec1.com/1.1.1.1/FALSE/FALSE/FALSE/foo/sdfssdf86ew"

ns_group String No  Name server group

ns_group Authoritative name server group name. Example: name-ns-group1

comment String No Comment comment

disabled Boolean No Disable disable Example: FALSE

create_underscore_zones

Boolean No Automatically create underscore zones

create_underscore_zones

Example: FALSE

allow_active_dir

List of IP addresses

No Allow unsigned updates from these domain controllers

enable_ad_server

The Valid value is a list of IP addresses.Example: “1.1.1.1, 10.0.0.1

soa_refresh

Unsigned integer

No Refresh soa_refresh When you modify this field to override an inherited value, you must include values for all SOA timer fields. The appliance updates all the SOA timers when you update any of them.

soa_retry Unsigned integer

No Retry soa_retry Ensure that you include this field when you override the soa_refresh field.

Page 400: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 400

soa_expire

Unsigned integer

No Expire soa_expire Ensure that you include this field when you override the soa_refresh field.

soa_default_ttl

Unsigned integer

No Default TTL soa_default_ttl Ensure that you include this field when you override the soa_refresh field.

soa_negative_ttl

Unsigned integer

No Negative-caching TTL

soa_negative_ttl

Ensure that you include this field when you override the soa_refresh field.

soa_mnames

FQDN list

No List of SOA MNAME fields

soa_mname Data must include the FQDN and hostnameExample: “foo.localdomain/foobar.localadmin,...”

soa_email

Email address

No Email address for SOA MNAME field

soa_email Example: root@

soa_serial_number

Unsigned integer

No Serial Number soa_serial_number

disable_forwarding

Boolean No Don’t use forwarders...

disable_forwarding

Example: TRUE

allow_update_forwarding

Boolean No Allow updates from

forward_to Example: FALSE

update_forwarding

ACL No Allow updates from...Permission table

forward_to Data must be in the following formats: ip address/permissionnetwork/network cidr/permissionANY/permissionTSIG-XXX/permission

Permission can be ALLOW or DENY If the first value is not Any or TSIG-, it is assumed to be an IP or network address.Example: "10.0.0.10/Allow,11.0.0.0/16/Deny,TSIG-foo/sdfdsfwhsdgfsw8sdf/Allow

allow_transfer

ACL No Allow zone transfers to

allow_transfer Example: "12.0.0.12/Deny,1234::/64/Allow"Note that you can import the name of a named ACL in this field.

allow_update

ACL No Allow updates from

allow_update Example: “13.0.0.0/8/Allow”Note that you can import the name of a named ACL in this field.

allow_query

ACL No Allow queries from

allow_query Example: “127.0.0.1/Allow”Note that you can import the name of a named ACL in this field.

notify_delay

Unsigned integer

No notify_delay This field specifies the seconds of delay the notify messages are sent to the secondaries. The valid value is between 5 and 86400 seconds.Example: 10

EA-Site String No Extensible attribute

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific Guidelines.

EA-Users

List No Extensible attribute

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see . Data Specific Guidelines

ADMGRP-JoeSmith

String No PermissionsAdmin Group/Role

ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for DNS zones. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding DNS Zones

This example shows how to add a forward mapping zone, corp100.com, with a Grid primary and a Grid secondary, where the grid secondary = hostname/stealth/lead/grid_replicate.

header-authzone,fqdn*,zone_format*,comment,grid_secondariesauthzone,corp100.com,FORWARD,USA,member.infoblox.com/False/ False3

This example shows how to create a data file to add an IPv4 reverse mapping zone, 100.0.0.0/8, with a Grid primary and an external secondary, where the external secondary = name/ip/stealth/use_2x_tsig/use_tsig/ tsig_name/tsig_key.

header-authzone,fqdn*,zone_format*,external_secondaries authzone,100.0.0.0/8,IPV4,ns2.com/2.2.2.2/False/False/False/None/None

This example shows how to create a data file to add an IPv6 reverse-mapping zone, 1234::/64, with an external primary and a Grid secondary, where the external primary = name/ip/stealth/use_2x_tsig/use_tsig/ tsig_name/tsig_key.

Page 401: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 401

header-authzone,fqdn*,zone_format*,external_primaries,grid_secondariesauthzone,1234::/64,IPV6,ns1.com/1.1.1.1/False/False/False/None/None, member.infoblox.com/False/False/False

Overwriting DNS Zone Data

This example shows how to overwrite a comment from "USA" to "Japan" and remove the Grid secondary.

header-authzone,fqdn*,zone_format*,comment,grid_secondaries authzone,corp100.com,FORWARD,Japan

Merging DNS Zone Data

This example shows how to merge the extensible attribute "Site" = "HQ" and add the RW permission to an admin group "DNS_admins".

header-authzone,fqdn*,zone_format*,ADMGRP-DNS_admins,EA-site authzone,corp100.com,FORWARD,RW,HQ

This example shows how to add an external secondary with these values: "ns3.com/2.2.2.2/False/False/False/None/None".

header-authzone,fqdn*,zone_format*,external_secondariesauthzone,100.0.0.0/8,IPV4,ns2.com/2.2.2.2/False/False/False/None/None,ns3.com/2.2.2.2/ False/False/False/None/None

Adding Named ACL Data

This example shows how to import the names of named ACLs in supported fields, such as allow_transfer, allow-query, and allow_update:

Header-authzone,fqdn*,grid_primary,view,external_secondaries,allow_transfer,allow_quer y,zone_type,allow_active_dir,allow_update,zone_format,notify_delay,disabled,grid_prima ry_stealth,soa_negative_ttl,soa_mname,soa_default_ttl,soa_retry,,create_underscore_zon es,soa_serial_number,soa_email,comment,soa_expire,soa_refreshauthzone,test_data_export.com,infoblox.localdomain,default,test_data.infoblox.com/1.1. 1.1/TRUE,"12.0.0.12/Deny,1234::/64/Allow",My_Named_ACL,Authoritative,1.2.3.4,"1234::/6 4/Allow",FORWARD,100,FALSE,FALSE,100,mname2,300,600,FALSE,FALSE,1,[email protected] (mailto:%2CFORWARD%2C100%2CFALSE%2CFALSE%2C100%2Cmname2%2C300%2C600%2CFALSE%2CFALSE%2C1%[email protected])o m,Authzone2,200,500authzone,test_csv_export.com,infoblox.localdomain,default,test_csv.infoblox.com/1.1.1. 1/TRUE,My_Named_ACL,"12.0.0.12/Deny,1234::/64/Allow",,2.3.4.5,"4321::/64/Allow",FORWARD,100,FALSE,FALSE,400,mname1,900,800,FALSE,FALSE,1,[email protected],Authzone1,100,200

Page 402: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 402

Forward-Mapping ZoneNote that to delete a parent zone and the associated subzones, you must add column to the CSV export file and set the value to . remove-subzones TrueIf you want to delete only the parent zone, then you must set this column value to .False

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-ForwardZone

String Yes Identifies the first row as a header row for the forward zones. Example: ForwardZone

fqdn FQDN Yes Name zone This field combines the AAAA record name and the zone name to form the FQDN. Example: aaaa1.corp100.com

view String  No DNS View views If no view is specified, the default view is used. Example: Default

zone_format

String  Yes Type Valid values are , ,and .FORWARD IPV4 IPV6

prefix String  No RFC 2317 Prefix

prefix Prefix is used for reverse-mapping RFC2317 zones only. If you include a prefix in a forward-mapping zone, the appliance ignores the prefix. No error message is generated.

disabled Boolean No Disable disable Enable or disable the forward zone. Example: FALSE

comment String  No Comment comment Example: This is a Forward zone.

forward_to Zone forwarder list

Yes Default Zone Forwarders

List of forwarders for a Forward type zone. Example: fwd1.test.com/1.1.1.1/,...

forwarding_servers

Forwarding members list

No Members List of forwarding servers. Example: "infoblox.localdomain,..."

forwarders_only

Boolean  No Use Forwarders Only

Enable use of forwarders only. Example: False

ns_group String No ns_group Forwarding member name server group name. Example: fwd_ns_group1.

ns_group_external

String No external_ns_group

Forward/Stub server name server group name. Example: ext_ns_group1.

EA-Site String  No Extensible attribute

extensible_attributes

 EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. Example: California.

EA-Users List No Extensible attribute

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: [‘Annie’,‘John’].

ADMGRP-XXXX

String No PermissionsAdminGroup/Role

permission ADMGRP-JimSmith is an example of an admin permission of a specific admin group. Example: RW

Page 403: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 403

Stub ZoneField Name

Data Type

Required(Yes/No)

Associated GUI Field

Associated PAPI

Method

Usage and Guidelines

Header-StubZone

String Yes Identifies the first row as a header row for the stub zones. Example: StubZone

fqdn FQDN Yes Name zone This field combines the AAAA record name and the zone name to form the FQDN. Example: aaaa1.corp100.com

view String No DNS View views If no view is specified, the default view is used. Example: Default

zone_format

String Yes Type Valid values are , ,and .FORWARD IPV4 IPV6

prefix String No RFC 2317 Prefix

prefix Prefix is used for reverse-mapping RFC2317 zones only. If you include a prefix in a forward-mapping zone, the appliance ignores the prefix. No error message is generated.

disabled Boolean No Disable disable Enable or disable the stub zone. Example: FALSE

comment String No Comment comment Example: This is a stub zone.

disable_forwarding

Boolean No Do not use forwarders

disable_forwarding

Enable or disable forwarding. Example: False

stub_from Master Nameserver list

Yes List of external stub servers. Example: "nm1.test.com/2.2.2.2,..."

stub_members

Member server list

No List of stub Grid members.

ns_group String No ns_group Stub member name server group name. Example: stub_ns_group1.

ns_group_external

String No external_ns_group

Forward/Stub server name server group name. Example: ext_ns_group1.

EA-Site String No Extensible attribute

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. Example: California.

EA-Users

List No Extensible attribute

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: [‘Annie’, ‘John’].

ADMGRP-XXXX

String No Permissions Admin Group/Role

permission ADMGRP-JimSmith is an example of an admin permission of a specific admin group. Example: RW

Delegated Zone

Field Name

Data Type

Required(Yes/No)

Associated GUI Field

Associated PAPI

Method

Usage and Guidelines

Header-DelegatedZone

String Yes Identifies the first row as a header row for delegated zones. Example: DelegatedZone

fqdn FQDN Yes Name zone This field combines the AAAA record name and the zone name to form the FQDN. Example: aaaa1.corp100.com

view String No DNS View views If no view is specified, the default view is used. Example: Default

zone_format

String Yes Type Valid values are , ,and .FORWARD IPV4 IPV6

prefix String No RFC 2317 Prefix

prefix Prefix is used for reverse-mapping RFC2317 zones only. If you include a prefix in a forward-mapping zone, the appliance ignores the prefix. No error message is generated.

disabled Boolean No Disable disable Enable or disable the zone. Example: FALSE

comment String No Comment comment Example: Delegated zone header.

delegate_to Delegated Servers list

Yes Example: delegate_server1.test.com/1.1.1.1/,

delegated_ttl

Unsigned integer

No This is an inherited field. Example: 28800

EA-Site String No Extensible attribute

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. Example: California.

EA-Users List No Extensible attribute

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: ['Annie', 'John'].

Page 404: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 404

ADMGRP-XXXX

String No Permissions Admin Group/Role

permission ADMGRP-JimSmith is an example of an admin permission of a specific admin group. Example: RW

ns_group String No Name server group

ns_group Authoritative name server group name. Example: name-ns-group1

_new_prefix String No Add this field to overwrite the prefix field when you select the Overwrite or Merge option. Use the host name of the Grid member in this field. Example: infoblox.localdomain

ddns_protected

Boolean No Protected Add this field in order to restrict DDNS updates to record.

ddns_principal

String No Principal Displays the principal name for dynamic records with the GSS-TSIG principal authentication enabled in the advanced updates properties of the Grid, view, zone, or Standalone.

Authoritative Name Server Group

Field Name

Data Type

Required(Yes/No)

Associated GUI Field

Associated PAPI

Method

Usage and Guidelines

Header-NsGroup

String Yes Identifies the first row as a header row for the authoritative name server group objects. Example: AuthoritativeNsGroup.

group_name

String Yes Indicates the name of the authoritative name server group. Example: ns_group1

_new_group_name

String No You can overwrite the group name.

grid_primaries

Grid member list and stealth state

No Grid Primary/ Stealth

primary stealth List of primary servers of the name server group. The valid format is: "hostname/stealth" Example: "foo.localadmin/False,corp1.com/True,..."

external_primaries

Server list No External Primary

primary List of external primary servers. The valid format is: name/ip/stealth/use_2x_tsig/use_tsig/ tsig_name/tsig_key. Only name and IP address are required. If is not specified, stealth use_2x

and are used and the default value is set to . Example: "ext1.test.com/1._tsig use_tsig False1.1.1/FALSE,.."

external_secondaries

Server list No External Secondary

secondaries List of external secondary servers. The valid format is: name/ip/stealth/use_2x_tsig/use_tsig/tsig_ name/tsig_key. Only name and IP address are required. Default values are assumed for

, and . If either or is , then stealth use_2x_tsig use_tsig use_2x_tsig use_tsig True tsig_nameand are required. tsig_keyExample: "sec1.com/1.1.1.1/FALSE/FALSE/FALSE/foo/ sdfsdf86ew,.."

grid_secondaries

Member server list

No Grid Secondary

secondaries List of Grid secondary servers. The valid format is: hostname/stealth/lead/grid_replicate. Only hostname is required. The appliance assumes default value for Values are not stealth.specified for and fields. Example: "member1.localdomain/FALSE/TRUElead grid_replicate/FALSE,"

is_grid_default

Boolean No Set this to to set this name server group as Grid default, set to to unset this name True Falseserver group as Grid default. Example: False

comment String No Comment comment Example: This is a authoritative name server group.

EA-Site String No Extensible attribute

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. Example: California.

EA-Users

String No Extensible attribute

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: John.

Delegation Name Server Group

Field Name Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-delegationnsgroup

String Yes Identifies the first row as a header row for the delegation name server group objects. Example: DelegationNsGroup.

group_name String Yes Name Indicates the name of the delegation name server group. Example: ns_group1

_new_group_name

String No You can overwrite the group name.

delegate_to String/IP Address

Yes Name Server/ Address

List of name servers with valid IP address.Example: “foo.com/1.1.1.1”

comment String No Comment Comment Example: This is a delegation name server group.

Page 405: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 405

Forwarding Member Name Server Group

Field Name Data Type

Required(Yes/No)

Associated GUIField

Associated PAPI

Method

Usage and Guidelines

Header-ForwardingM emberNsGroup

String Yes Identifies the first row as a header row for the forwarding member name server group objects. Example: ForwardingMemberNsGroup.

group_name String Yes Name name Indicates the name of the forwarding member name server group. Example: fwd_ns_group1

_new_group_name String No You can overwrite the group name.

comment String No Comment comment Example: This is a forwarding member name server group.

forwarding_servers Forwarding members list

Yes Edit-Per-Member Forwarders Editor

forwarding_servers

List of forwarding servers per Grid member. Example: False/True/infoblox.localdomain/[test/2.2.2.2],

where:

- False indicates the check box is not selected.Use Forwarders Only

- True indicates the Override Default Forwarders check box is selected.

- test/2.2.2.2 - Custom forwarders

Note: You cannot clear the custom forwarders using the CSV import operation.

EA-XXX String No Extensible attribute extensible_attributes

EA-XXX is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: John.

Stub Member Name Server Group

Field Name Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-StubMember NsGroup

String Yes Identifies the first row as a header row for the stub member name server group objects. Example: StubMemberNsGroup.

group_name String Yes Name name Indicates the name of the stub member name server group. Example: stub_ns_group1

_new_group_name String No You can overwrite the group name.

comment String No Comment comment Example: This is a stub member name server group.

stub_members Member server list

Yes stub_members List of stub Grid members.

EA-XXX String No Extensible attribute

extensible_attributes

EA-XXX is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: John.

Forward/Stub Server Name Server Group

Field Name Data Type

Required(Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-ForwardStub ServerNsGroup

String Yes Identifies the first row as a header row for the forward/stub server name server group objects. Example: ForwardStubServerNsGroup.

group_name String Yes Name name Indicates the name of the forward/stub server name server group. Example: ext_ns_group1

_new_group_name String No You can overwrite the group name.

comment String No Comment comment Example: This is a forward/stub server name server group.

external_servers External server list

Yes external_servers List of external servers.

EA-XXX String No Extensible attribute

extensible_attributes

EA-XXX is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: John.

A Record

Note: IDN is supported for object type: fqdn. You can use IDN or punycode while importing this object.

Page 406: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 406

Field Name

Data Type

Required(Yes/No)

AssociatedGUI Field

Associated PAPI

Method

Usage and Guidelines

Header-ARecord

String Yes Example: ARecord

fqdn FQDN Yes Name name This field combines the A record name and the zone name to form the FQDN.Example: a1.corp100.com

_new_fqdn

FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used.

address IP address

Yes IP Address ipv4addrss Example: 192.138.1.1

_new_address

IP address

No Add this field to overwrite the address field when you select the overwrite or merge option.

comment String No Comment comment

disabled Boolean No Disable disable Example: FALSE

ttl Unsigned integer

No TTL ttl This is an inherited field. For information, see . Example: 7200 Data Specific Guidelines

EA-Site String No Extensible attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific Gui

.delines

EA-Users List No Extensible attribute Users

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see . Data Specific Guidelines

ADMGRP-JoeSmith

String No Permissions AdminGroup/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see . Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for A records. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an A Record

This example shows how to add an A record, bind_a.corp100.com, with the extensible attribute Site = Infoblox, and the permission, DNS_Admins = RO.

header-arecord,address*,fqdn*,ADMGRP-DNS_Admins,EA-Site arecord,100.0.0.1,bind_a.corp100.com,RO,Infoblox

Overwriting A Record Data

This example shows how to modify the permission of the admin group DNS_Admins from RO to DENY in an existing A record, bind_a.corp100.com.

header-arecord,address*,fqdn*,ADMGRP-DNS_Admins arecord,100.0.0.1,bind_a.corp100.com,DENY

Merging DNS Zone Data

This example shows how to merge the TTL value = 1280 to an existing A record, bind_a.corp100.com.

header-arecord,address*,fqdn*,ttl arecord,100.0.0.1,bind_a.corp100.com,1280

Page 407: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 407

AAAA Record

Note: IDN is supported for object type: You can use IDN or punycode while importing this object.fqdn.

Field Name

Data Type

Required (Yes/No)

AssociatedGUI field

Associated PAPI

Method

Usage and Guidelines

Header-AaaaRecord

String Yes Example: AaaaRecord

fqdn FQDN Yes Name zone This field combines the AAAA record name and the zone name to form the  FQDN. Example: aaaa1.corp100.com

_new_fqdn FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String  No DNS View views If no view is specified, the Default view is used. Example: Default

address IPv6 address

Yes IP Address  ipv6addrss Example: 100::10

_new_address

IPv6 address

No Add this field to overwrite the address field when you select the overwrite or merge option.

comment String  No Comment comment

disabled Boolean  No Disable disabled Example: FALSE

ttl Unsigned  integer

No TTL  ttl This is an inherited field. For information, see . Example: 7200 Data Specific Guidelines

EA-Site String  No Extensible attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific Guidelines

EA-Users List No Extensible attribute Users

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see . Data Specific Guidelines

ADMGRP-JoeSmith

String  No Permissions AdminGroup/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see . Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for AAAA records. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an AAAA Record

This example shows how to add an AAAA record, bind_aaaa.corp100.com, with a comment = add by superuser, and TTL = 3600.

header-aaaarecord,address*,fqdn*,comment,ttl aaaarecord,1234:1234::1,bind_aaaa.corp100.co,add by superuser,3600

Overwriting AAAA Record Data

This example shows how to modify an existing AAAA record from address 1234:1234::1 to 1234:1234::2, and TTL from 3600 to 3800.

header-aaaarecord,address*,_new_address,fqdn*,ttl aaaarecord,1234:1234::1,1234:1234:2,bind_aaaa.corp100.com,3800

Merging AAAA Record Data

This example shows how to disable an existing AAAA record.

header-aaaarecord,address*,fqdn*,disabled aaaarecord,1234:1234::2,bind_aaaa.corp100.com,TRUE

Page 408: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 408

Alias Records

Note: IDN is supported for object type: You can use IDN or punycode while importing this object.fqdn.

Field Name

Data Type

Required (Yes/No)

Associated GUI field

Associated PAPIMethod

Usage and Guidelines

Header-aliasrecord

String Yes NA NA Example: Alias Record

fqdn FQDN Yes Name name This field combines the Alias record name and the zone name to form the  FQDN. Example: aaaa1.corp100.com

new_fqdn FQDN No NA dns_name

target_name String  Yes Target Name target_name You can type the domain name for the resource. Examples: -  CloudFront distribution domain name: d111111abcdef8.cloudfront.net -  Elastic Beanstalk environment CNAME: example.elasticbeanstalk.com -  ELB load balancer DNS name: example-1.us-east-1.elb.amazonaws.com -  S3 website endpoint: s3-website.us-east-2.amazonaws.com -  Resource record set in this hosted zone: www.example.com

new_target_name

String  No NA dns_target_name

target_type String  Yes Target Type target_type Type of the aliased resource record, can be one of: A, AAAA, MX, NAPTR, PTR, SPF, SRV, TXT.

_new_target_type

String  No NA NA

comment String  No Comment comment Additional Information

ttl Boolean No TTL  ttl This is an inherited field. For information, see . Data Specific GuidelinesExample: 7200

disabled Boolean  No Disable disabled Example: FALSE

view String  No DNS View views If no view is specified, the Default view is used. Example: Default

Creator String No NA creator

Page 409: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 409

CNAME Record

Note: IDN is supported for object types: fqdn and canonical_name. You can use punycode or IDNs while importing these objects.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-CnameRecord

String Yes Example: CnameRecord

fqdn FQDN Yes Alias zone This field combines the CNAME record name and the zone name to form the FQDN. Example: c1.corp100.com

_new_fqdn FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used. Example: Default

canonical_name

Domain name

Yes Canonical Name

 canonical Example: www.corp100.com

comment String No Comment comment

disabled Boolean No Disable disabled Example: FALSE

ttl Unsigned integer

No TTL ttl  This is an inherited field. For information, see . Example: 28800 Data Specific Guidelines

EA-Site String No Extensible attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data SpecificGuidelines.

ADMGRP-JoeSmith

String No PermissionsAdmin Group/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see Data Specific Guidelines.

ExamplesThis section contains examples of how to create data files for CNAME records. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a CNAME Record

This example shows how to add a CNAME record, bind_cname.corp100.com, to the Default DNS view.

header-cnamerecord,fqdn*,canonical_name*,view cnamerecord,bind_cname.corp100.com,somewhere.corp100.com,default

Overwriting CNAME Record Data

This example shows how to override a canonical name from somewhere.corp100.com to somewhere2.corp100.com.

header-cnamerecord,fqdn*,canonical_name* cnamerecord,bind_cname.corp100.com,somewhere2.corp100.com

Merging CNAME Record Data

This example shows how to merge the following data: admin group DNS_Admins with RW permission and extensible attribute Site = New York.

header-cnamerecord,fqdn*,ADMGRPDNS_Admins,EA-Site cnamerecord,bind_cname.corp100.com,RW,New York

DNAME Record

Note: IDN is supported for object types: fqdn and target. You can use punycode or IDNs while importing these objects.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Page 410: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 410

Header-DnameRecord

String Yes Example: DnameRecord

fqdn FQDN Yes Alias zone This field combines the DNAME record name and the zone name to form the FQDN. Example: d1.corp100.com

_new_fqdn FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used. Example: Default

target Domain name

Yes Target target Example: d1.foo.com

comment String No Comment comment

disabled Boolean No Disable disabled Example: FALSE

ttl Unsigned integer

No TTL ttl This is an inherited field. For information, see . Example: 28800 Data Specific Guidelines

EA-Site String No Extensible attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data SpecificGuidelines.

ADMGRP-JoeSmith

String No PermissionsAdminGroup/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see Data Specific Guidelines.

ExamplesThis section contains examples of how to create data files for DNAME records. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a DNAME Record

This example shows how to add a DNAME record, bind_dname.corp100.com, with target = bind_dname.corp200.com, extensible attribute Site = HQ, and disabled = TRUE.

header-dnamerecord,fqdn*,target*,disabled,EA-Site dnamerecord,bind_dname.corp100.com,bind_dname.corp200.com,TRUE,HQ

Overwriting DNAME Record Data

This example shows how to enable the existing DNAME record, bind_dname.corp100.com, and add admin group DNS_Admins with RO permission.

header-dnamerecord,fqdn*,target*,disabled,ADMGRPDNS_Admins dnamerecord,bind_dname.corp100.com,bind_dname.corp200.com,FALSE,RO

Merging DNAME Record Data

This example shows how to add a comment to the existing DNAME record, bind_dname.corp100.com, and change the TTL to 3860.

header-dnamerecord,fqdn,target*,comment,ttl dnamerecord,bind_dname.corp100.com,bind_dname.corp200.com,Add by DNS admin,3860

Page 411: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 411

MX Record

Note: IDN is supported for object types: fqdn and mx. You can use punycode or IDNs while importing these objects.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-MxRecord

String Yes Example: MxRecord

fqdn FQDN Yes Mail Destination

zone This field combines the MX record name and the zone name to form the FQDN. Example: MX1.corp100.com

_new_fqdn

FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views  If no view is specified, the Default view is used. Example: Default

mx Domain name

Yes Mail Exchange exchanger Example: mailer.foo.com

_new_mx Domain name

No Add this field to overwrite the mx field when you select the overwrite or merge option.

priority Unsigned integer

Yes Preference pref Example: 10

_new_priority

Unsigned integer

No Add this field to overwrite the priority field when you select the overwrite or merge option.

comment String No Comment comment

disabled Boolean No Disable disable Example: FALSE

ttl Unsigned integer

No TTL ttl This is an inherited field. For information, see . Example: 28800 Data Specific Guidelines

EA-Site String No Extensible attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific Guidelines.

EA-Users

String No Extensible attribute Country

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see . Data Specific Guidelines

ADMGRP-JoeSmith

String No PermissionsAdmin Group/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see . Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for MX records. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an MX Record

This example shows how to add an MX record, bind_mx.corp100.com, with a mail exchanger, exchange.corp100.com and priority = 20.

header-mxrecord,fqdn*,mx*,priority* mxrecord,bind_mx.corp100.com,exchange.corp100.com,20

Overwriting MX Record Data

This example shows how to overwrite an existing MX record with a new fqdn, bind_mx2.corp100.com, and a new mail exchanger, new_exchange.corp100.com.

header-mxrecord,fqdn*,_new_fqdn,mx*,_new_mxmxrecord,bind_mx.corp100.com,bind_mx2.corp100.com,exchange.corp100.com,new_exchange.co rp100.com

Merging MX Record Data

Page 412: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 412

This example shows how to merge data to the existing MX record, bind_mx2.corp100.com, by adding inherited TTL value and extensible attributes Site = USA.

header-mxrecord,fqdn*,mx*,priority*,ttl,EA-Site mxrecord,bind_mx2.corp100.com,new_exchange.corp100.com,20,USA

Page 413: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 413

NAPTR Record

Note: IDN is supported for object types: fqdn and replacement. You can use punycode or IDNs while importing these objects.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-NaptrRecord

String Yes Example: NaptrRecord

fqdn FQDN Yes Domain name This field combines the domain name and the zone name to form the FQDN. Example: aptr1.corp100.com

_new_fqdn FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used. Example: Default

order Unsigned integer

Yes Order order Example: 10

_new_order

Unsigned integer

No Add this field to overwrite the order field when you select the overwrite or merge option.

preference Unsigned integer

Yes Preference preference Example: 20

_new_preference

Unsigned integer

No Add this field to overwrite the preference field when you select the overwrite or merge option.

flags String No Flags flags You can leave this field empty. Example: U

_new_flags

String No Add this field to overwrite the flags field when you select the overwrite or merge option.

services String  No Service services You can leave this field empty. Example: SIP+D2U

_new_services

String No Add this field to overwrite the services field when you select the overwrite or merge option.

regexp String No REGEX regexp You can leave this field empty. Example: http://([^/:]+)!\1!i

_new_regexp

String No Add this field to overwrite the regexp field when you select the overwrite or merge option.

replacement

String Yes Replacement replacement Example: corp100.com

_new_replacement

String No Add this field to overwrite the replacement field when you select the overwrite or merge option.

comment String No Comment comment

disabled Boolean No Disable disable Example: FALSE

ttl Unsigned integer

No TTL ttl This is an inherited field. For information, see Example: 28800 Data Specific Guidelines.

EA-Site String No Extensible attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific G

.uidelines

EA-Users String No Extensible attribute Country

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see .Data Specific Guidelines

ADMGRP-JoeSmith

String No PermissionsAdmin Group/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see . Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for NPATR records. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Page 414: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 414

Adding a NAPTR Record

This example shows how to add a NAPTR record, bind_naptr.corp100.com, with order = 10, preference = 20, and replacement = corp200.com.

header-naptrrecord,fqdn*,order*,preference*,replacement* naptrrecord,bind_naptr.corp100.com,10,20,corp200.com

Overwriting NAPTR Record Data

This example shows how to overwrite the FQDN of an existing NAPTR record from bind_naptr.corp100.com to bind_naptr2.corp100.com.

header-naptrrecord,fqdn*,_new_fqdn order*,preference*,replacement* naptrrecord,bind_naptr.corp100.com,bind_naptr2.corp100.com,10,20,corp200.com

This example shows how to override the preference of an existing NAPTR record from 20 to 25 and replacement from corp200.com to corp300.com.

header-naptrrecord,fqdn*,order*,preference*,_new_preference,replacement*,_new_replacem entnaptrrecord,bind_naptr.corp100.com,10 20 25,corp200.com,corp300.com

Merging NAPTR Record Data

This example shows how to merge Service = http+E2U and TTL = 3600 seconds to an existing NAPTR record.

header-naptrrecord,fqdn*,order*,preference*,replacement*,services,ttl naptrrecord,bind_naptr.corp100.com,10,25,Corp300.com,http+E2U,3600

Page 415: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 415

NS Record

Note: IDN is supported for object type: fqdn. You can use IDN or punycode while importing this object.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-NsRecord

String Yes Example: NsRecord

fqdn FQDN Yes Zone name This field combines the domain name and the zone name to form the FQDN.Example: test.corp100.com

view String No DNS View views If no view is specified, the Default view is used. Example: Default

dname Domain name

Yes Name Server nameserver Example: ns1.corp100.com

_new_dname

Domain name

No Add this field to overwrite the dname field when you select the overwrite or merge option.

zone_nameservers

Server list

Yes Name server list

addresses Data must be in the following format: "IPAddress1/auto_create_ptr1, IPAddress2/auto_create_ptr2" Example: "10.0.0.4/TRUE, 10.0.0.44/FALSE, 10.0.0.55/TRUE"

Note: When you perform a CSV export of automatically created NS records using Infoblox API, the field will have an empty value. zone_nameserversTherefore, if you import the previously exported CSV file that includes automatically created NS records through the Infoblox GUI, then the CSV import fails and Grid Manager displays an error message.

ExamplesThis section contains examples of how to create data files for NS records. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an NS Record

This example shows how to add an NS record corp100.com in the Default DNS view with DNAME (name server) = ns1.corp100.com, name server address = 100.0.0.101, and TRUE for adding a PTR Record.

header-nsrecord,fqdn*,view,dname*,zone_nameservers* nsrecord,corp100.com,default,ns1.corp100.com,"100.0.0.101/TRUE"

This example shows how to add an NS record corp200.com in the Internal DNS view with DNAME (name server) = ns1.corp200.com and two name server addresses: 200.0.0.101 with TRUE for adding a PTR Record and 200.0.0.102 with TRUE for adding a PTR record.

header-nsrecord,fqdn*,view,dname*,zone_nameservers* nsrecord,corp200.com,Internal,ns1.corp200.com,"200.0.0.101/TRUE,200.0.0.102/TRUE"

Overwriting NS Record Data

This example shows how to overwrite the DNAME of an existing NS record from ns1.corp100.com to ns2.corp100.com.

header-nsrecord,fqdn*,dname*,_new_dname,zone_nameservers* nsrecord,corp100.com,ns1.corp100.com,ns2.corp100.com,"100.0.0.101/TRUE"

This example shows how to overwrite the zone name servers of an existing NS record to 100.0.0.101/TRUE and 100.0.0.102/TRUE.

header-nsrecord,fqdn*,dname*,zone_nameservers* nsrecord,corp100.com,ns2.corp100.com,"100.0.0.101/TRUE,100.0.0.102/TRUE"

Merging NS Record Data

This example shows how to merge zone name servers 100.0.0.101/TRUE and 100.0.0.102/TRUE to an NS record.

header-nsrecord,fqdn*,dname*,zone_nameservers* nsrecord,corp200.com,ns1.corp200.com,"100.0.0.101/TRUE,100.0.0.102/TRUE"

Page 416: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 416

PTR Record

Note: IDN is supported for object types: fqdn and dname. You can use punycode or IDNs while importing these objects.

Field Name

DataType

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-PtrRecord

String Yes Example: PtrRecord

fqdn FQDN No Name namezone

This field is required if you do not use the address field. Either the IP address or FQDN is required. Example: 10.0.0.10.in.addr.arpa

_new_fqdn

Reverse FQDN

No Add this field to overwrite the fqdn field when you use the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used. Example: Default

address IP address

No IP Address ipv4addrssipv6addrss

This field is required if you do not use the fqdn field. Either the IP address or FQDN is required. Example: 10.0.0.11If the PTR record belongs to a forward-mapping zone, this field is empty.

_new_address

IP address

No Add this field to overwrite the address field when you use the overwrite or merge option. 

dname FQDN Yes Domain Name ptrdname Example: ss.dd.ff

_new_dname

FQDN No Add this field to overwrite the dname field when you select the overwrite or merge option.

comment String No Comment comment

disabled Boolean No Disable disable Example: FALSE

ttl Unsigned integer

No TTL ttl This is an inherited field. Example: 28800

EA-Site String No Extensible attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific Gui

.delines

ADMGRP-JoeSmith

String No Permissions AdminGroup/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see .Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for PTR records. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a PTR Record

This example shows how to add a PTR record.

header-ptrrecord,dname*,fqdn ptrrecord,ptr.corp100.com,1.0.0.100.in-addr.arpa

Overwriting PTR Record Data

This example shows how to overwrite an existing PTR record with a new FQDN, 2.0.0.100.in-addr.arpa.

header-ptrrecord,dname*,fqdn ptrrecord,ptr.corp100.com,2.0.0.100.in-addr.arpa

This example shows how to overwrite an existing PTR record with a new IP address, 100.0.0.3.

header-ptrrecord,dname*,address ptrrecord,ptr.corp100.com,100.0.0.3

Merging PTR Record Data

This example shows how to change the DNAME of a PTR record from ptr.corp100.com to ptr2.corp100.com, and to add comment = East Asia.

Page 417: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 417

header-ptrrecord,dname*,_new_dname,comment ptrrecord,ptr.corp100.com,ptr2.corp100.com,East Asia

Page 418: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 418

TXT Record

Note: IDN is supported for object type: fqdn. You can use IDN or punycode while importing this object.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-TxtRecord

String Yes Example: TxtRecord

fqdn FQDN Yes Name name zone

This field combines the record name and the zone name to form the FQDN. Example: t1.corp100.com

_new_fqdn

FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used. Example: Default

text String No Text text You can leave this field empty.

_new_txt String No Add this field to overwrite the txt field when you select the overwrite or merge option.

comment String No Comment comment

disabled Boolean No Disable disable Example: FALSE

ttl Unsigned integer

No TTL ttl This is an inherited field. For information, see . Example: 28800 Data Specific Guidelines

EA-Site String No Extensible attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific Guidelines.

ADMGRP-JoeSmith

String No Permissions AdminGroup/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see . Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for TXT record data import. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a TXT Record

This example shows how to add a TXT record, bind_txt.corp100.com, with text = this is a TXT record and TTL set to 3600 seconds.

header-txtrecord,fqdn*,text,ttl txtrecord,bind_txt.corp100.com,this is a TXT record,3600

Overwriting TXT Record Data

This example shows how to overwrite the text field of a TXT record.

header-txtrecord,fqdn*,text,_new_texttxtrecord,bind_txt.corp100.com,this is a TXT record,this is a new TXT record

Merging TXT Record Data

This example shows how to add comment = USA and disabled = TRUE to an existing TXT record.

header-txtrecord,fqdn*,text,comment,disabled txtrecord,bind_txt.corp100.com,this is a TXT record,USA,TRUE

Page 419: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 419

SRV Record

Note: IDN is supported for object types: fqdn and target. You can use punycode or IDNs while importing these objects.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-SrvRecord

String Yes Example: SrvRecord

fqdn FQDN Yes Service name This field combines the service name and the zone zone name to form the FQDN. Example: _http._tcp.corp100.com

_new_fqdn

FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used. Example: Default priority 

priority Unsigned integer

Yes Priority priority Example: 10

_new_priority

Unsigned integer

No Add this field to overwrite the priority field when you select the overwrite or merge option.

weight Unsigned integer

Yes Weight weight Example: 20

_new_weight

Unsigned integer

No Add this field to overwrite the weight field when you select the overwrite or merge option.

port Unsigned integer

Yes Port port Example: 80

_new_port

Unsigned integer

No Add this field to overwrite the port field when you select the overwrite or merge option.

target Domain name

Yes Target target Example: foo.test.com

_new_target

Domain name

No Add this field to overwrite the target field when you select the overwrite or merge option.

comment String No Comment comment

disabled Boolean No Disable disable Example: FALSE

ttl Unsigned integer

No TTL ttl This is an inherited field. For information, see . Example: 28800 Data Specific Guidelines

EA-Site String No Extensible attribute Site

extensible_attributes

 EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific G

.uidelines

ADMGRP-JoeSmith

String No PermissionsAdminGroup/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see . Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for SRV records. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a SRV Record

This example shows how to add a new SRV record.

header-srvrecord,fqdn*,port*,priority*,target*,weight* srvrecord,bind_srv.corp100.com,80,10,srv.corp100.com,20

Overwriting SRV Record Data

This example shows how to overwrite the following data of a SRV record: port from 80 to 88 and priority from 10 to 20.

header-srvrecord,fqdn*,port*,_new_port,priority*,_new_priority,target*,weight* srvrecord,bind_srv.corp100.com,80,88,10,20,srv.corp100.com,20

This example shows how to overwrite the following data of a SRV record: target from srv.corp100.com to srv2corp100.com and weight from 20 to 30.

Page 420: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 420

header-srvrecord,fqdn*,port*,priority*,target*,_new_target,weight*,_new_weight srvrecord,bind_srv.corp100.com,88,20,srv.corp100.com,sv2.corp100.com,20,30

Merging SRV Record Data

This example shows how to merge the following data to a SRV record: comment = USA and disabled = TRUE.

header-srvrecord,fqdn*,port*,priority*,target*,weight*,comment,disabled srvrecord,bind_srv.corp100.com,80,10,srv.corp100.com,20,USA,TRUE

Page 421: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 421

TLSA RecordField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-TlsaRecord

String Yes Identifies the first row as a header row for the TLSA record objects. Example: TlsaRecord.

name String Yes Name name This field indicates the name of the TLSA resource record. Example: _123._tcp.

certificate_usage

Unsigned integer

Yes Certificate Usage

certificate_usage

Indicates the data that is used to match the certificate presented in the TLS handshake. Example: 0.

selector Unsigned integer

Yes Selector selector Specifies which part of the TLS certificate presented by the server is matched with the data during TLS handshake. Example: 1.

matched_type

Unsigned integer

Yes Matched Type matched_type Specifies how the certificate association is presented. Example: 2.

certificate_data

String Yes Certificate Data certificate_data Either raw data for matching type No hash, or the hash of the raw data for matching types SHA 256 bit and SHA 512 bit. Example: d2abde240d7cd3ee6b4b28c54df034b979 83a1d16e8a410e4561cb106618e971.

_new_certificate data

String No Certificate Data certificate_data Add this field to overwrite the certificate_data field when you select the overwrite or merge option.

comment String No Comment comment

ttl Boolean No TTL ttl This is an inherited field. For information, see Data Specific Guidelines.

fqdn String Yes FQDN name zone This field combines the service name and the zone name to form the FQDN. Example: _http._tcp.corp100.com

_new_fqdn

String No zone Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used. Example: Default

disabled Boolean No Disable disable Example: FALSE

creator String No creator Example: STATIC

ExamplesThis section contains examples of how to create data files for TLSA records. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a TLSA Record

This example shows how to add a new TLSA record.

header-tlsarecord,certificate_data*,certificate_usage*,fqdn*,matched_type*,selector*, creator,disabled,name,view,ADMGRP-cloud-api-only,EA-Sitetlsarecord,2D2D2D2D2D424547494E20434552544946494341544520524551554553542D2D2D2D2D0A4D4 94943354443434163774341514177675A347,0,_443._tcp.doctest,0,0,STATIC,FALSE,_tcp._443,default,RO,Boston

Overwriting TLSA Record Data

This example shows how to overwrite the following data of a TLSA record. Consider an example where certificate_usage* is 0 as in the following example:

header-tlsarecord,certificate_data*,certificate_usage*,fqdn*,matched_type*,selector*, creator,disabled,name,view,ADMGRP-cloud-api-only,EA-Sitetlsarecord,2D2D2D2D2D424547494E20434552544946494341544520524551554553542D2D2D2D2D0A4D4 94943354443434163774341514177675A347,0,_443._tcp.doctest,0,0,STATIC,FALSE,_tcp._443,default,RO,Boston

Note that is changed from 0 to 1: certificate_usage*

header-tlsarecord,certificate_data*,certificate_usage*,fqdn*,matched_type*,selector*, creator,disabled,name,view,ADMGRP-cloud-api-only,EA-Sitetlsarecord,2D2D2D2D2D424547494E20434552544946494341544520524551554553542D2D2D2D2D0A4D4

Page 422: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 422

94943354443434163774341514177675A347,1,_443._tcp.doctest,0,0,STATIC,FALSE,_tcp._443,default,RO,Boston

Merging TLSA Record Data

This example shows how to disable an existing TLSA record.

header-tlsarecord,certificate_data*,certificate_usage*,fqdn*,matched_type*,selector*, creator,disabled,name,view,ADMGRP-cloud-api-only,EA-Sitetlsarecord,2D2D2D2D2D424547494E20434552544946494341544520524551554553542D2D2D2D2D0A4D4 94943354443434163774341514177675A347,0,_443._tcp.doctest,0,0,STATIC,TRUE,_tcp._443,default,RO,Boston

This example shows how to add new FQDN to a TLSA record.

header-tlsarecord,certificate_data*,certificate_usage*,fqdn*,_new_fqdn,matched_type*, selector*,creator,disabled,name,view,ADMGRP-cloud-api-only,EA-Sitetlsarecord,2D2D2D2D2D424547494E20434552544946494341544520524551554553542D2D2D2D2D0A4D4 94943354443434163774341514177675A347,0,_443._tcp.doctest,_443._udp.doctest,0,0,STATIC,FALSE,_tcp._443,default,RO,Boston

Page 423: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 423

CAA RecordField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-CAARecord

String Yes Identifies the first row as a header row for the CAA record objects. Example: CAARecord.

flag Int Yes Indicates critical or default CAA record.Example: 0

type String Yes Specifies the type of CAA record. Example: issue

CA String No Indicates the name of the certificate authority. Example: certissues.example.com.

ca_details String No Specifies additional details about the CA requests. Example: policy=ev

comment String No Comment comment

ttl Boolean No TTL ttl This is an inherited field. For information, see Data Specific Guidelines.Example: 28800

fqdn String Yes FQDN name zone This field combines the service name and the zone name to form the FQDN. Example: _http._tcp.corp100.com

_new_fqdn String No zone Add this field to overwrite the fqdn field when you select the overwrite or merge option.

disabled Boolean No Disable disable Example: FALSE

view String No DNS View views If no view is specified, the Default view is used. Example: Default

creator String No creator Example: STATIC

ExamplesThis section contains examples of how to create data files for CAA records. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab. You can add new rows, update existing CAA resource record values or delete an existing CAA resource record.

Adding a CAA Record

This example shows how to add a new CAA record.

header-caarecord,ca*,_new_ca,ca_flag*,ca_type*,fqdn*,_new_fqdn,ca_details,_new_ca_details,comment,creator,disabled,name,ttl,viewcaarecord,abc.com,0,default,issue,xyz.com,0,caa record,new caa record,caa record information,static,false,0,3600,default

Overwriting CAA Record Data

This example shows how to overwrite the following data of a CAA record. Consider an example where is as in the following example:ca_type* issue

header-caarecord,ca*,_new_ca,ca_flag*,ca_type*,fqdn*,_new_fqdn,ca_details,_new_ca_details,comment,creator,disabled,name,ttl,viewcaarecord,abc.com,0,default,issue,xyz.com,0,caa record,new caa record,caa record information,static,false,0,3600,default

Note that is changed from to : ca_type* issue issuewild

header-caarecord,ca*,_new_ca,ca_flag*,ca_type*,fqdn*,_new_fqdn,ca_details,_new_ca_details,comment,creator,disabled,name,ttl,viewcaarecord,abc.com,0,default,issuewild,xyz.com,0,caa record,new caa record,caa record information,static,false,0,3600,default

Page 424: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 424

Host RecordIf only one IPv4 address is specified in the host record, you can add DHCP options to the host address.

Note: IDN is supported for object types: fqdn and aliases. You can use punycode or IDNs while importing these objects.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines Method

Header-HostRecord

String Yes Example: HostRecord

fqdn FQDN Yes Name name zone

This field combines the host record name and the zone name to form the FQDN. Example: h2.corp100.com

_new_fqdn FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used. Example: Default

network_view

String No Network View If no network view is specified, the Default view is used. Example: Default

addresses IP address or IP address list 

No IP Addresses ipv4addrs You must specify a value in this field or in the ipv6_addresses field. Example: '1.2.3.4' or  "1.2.3.4, 5.6.7.8". If there are multiple addresses in the host record, use HostAddress to specify the parameters for each address. For information, see and IPv4 Host Address IPv6

. Host Address

ipv6_addresses

IP address or IP address list 

No IP Addresses ipv6addrs You must specify a value in this field or in the addresses field. If there are multiple addresses in the host record, use HostAddress to specify the parameters for each address. For information, see and . IPv4 Host Address IPv6 Host Address

aliases Alias list No Aliases aliases Example: www.infoblox.com

configure_for_dns

Boolean No Enable in DNS configure_for_dns

Example: TRUE

_new_configure_for_dns

Boolean No Enable in DNS  configure_for_dns

Add this field to overwrite the configure_for_dns field when you select the overwrite or merge option.

comment String No Comment comment

disabled Boolean No Disable disabled Example: FALSE

ttl Unsignedinteger

No TTL ttl This is an inherited field. For information, see . Example: 28800 Data Specific Guidelines

mac_address

MAC address

No MAC Address mac_address This field applies to the host address. This is required if the IP address is configured for DHCP. Example: aA:Bb:c2:DD:E1:FF

configure_for_dhcp

Boolean No DHCP check box

configure_for_dhcp

This field applies to the host address.  Example: TRUE

deny_bootp Boolean No Deny BOOTP Requests

deny_bootp  This field applies to the host address. Example: FALSE

broadcast_address

String No Broadcast Address

This field applies to the host address.

boot_file String No Boot File boot_file This field applies to the host address.

boot_server String No Boot Server boot_server  This field applies to the host address.

next_server String No Next Server next_server This field applies to the host address.

lease_time Unsignedinteger

No Lease Time lease_time This field applies to the host address.

pxe_lease_time_enabled

Boolean No Enable PXE Lease Time

This field applies to the host address.

pxe_lease_time

Unsignedinteger

No PXE Lease Time

pxe_lease_time This field applies to the host address.

domain_name

FQDN No Domain Name domain_name This field applies to the host address.

domain_name_servers

IP list No Name Server This field applies to the host address. Example: "5.6.7.8,1.2.3.4"

Page 425: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 425

routers IP list No Router This field applies to the host address. Example: "2.0.0.2,1.2.3.4"

match_option

String No match_client This field applies to the host address. Data must be in the following format: MAC_ADDRESS/RESERVED

ignore_dhcp_param_request_list

Boolean No IgnoreOptionalist

ignore-dhcp_option_list_ request

 This field applies to the host address.

OPTION-1 String No Custom DHCP Options

options This field applies to the host address. Example: '255.0.0.0' name implies vendor_class='DHCP' (default)

OPTION-XXXX-200

Option Information

No Custom DHCPOptions

options This field applies to the host address. Example: 'dfdfdfd' name implies vendor_class='XXXX', optioncode/number 200

EA-Site String No Extensible attributeSite

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific

.Guidelines

ADMGRP-JoeSmith

String No PermissionsAdminGroup/Role

PermissionsAdminGroup/Role

ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see Data Specific .Guidelines

ExamplesThis section contains examples of how to create data files for host records. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a Host Record

This example shows how to add a new host record, host1, in zone corp100.com and DNS view Initial.

header-hostrecord,addresses,configure_for_dns*,fqdn*,view hostrecord,100.0.0.101,TRUE,host1.corp100.com,Inital

This example shows how to add a new host record, host2, in zone corp100.com with aliases = www.corp100.com, comment = USA, and TTL = 3600 seconds.

header-hostrecord,addresses,configure_for_dns*,fqdn*,aliases,comment,ttl hostrecord,100.0.0.102,TRUE,host2.corp100.com,www.corp100.com,USA,3600

Overwriting Host Record Data

This example shows how to overwrite the FQDN of an existing host record from host1.corp100.com to new_host1.corp100.com, and to change the TTL to 128 seconds.

header-hostrecord,addresses,configure_for_dns*,fqdn*,_new_fqdn,ttl hostrecord,100.0.0.101,TRUE,host1.corp100.com,new_host1.corp100.com,1280

This example shows how to overwrite the aliases of a host record from www.corp100.com to www.corp200.com and comment from USA to Japan.

header-hostrecord,addresses*,configure_for_dns*,fqdn*,aliases,comment hostrecord,100.0.0.102,TRUE,host2.corp100.com,www.corp200.com,Japan

Note that overwriting the host record data is not supported for non-DNS hosts.

Merging Host Record Data

This example shows how to disable an existing host record.

header-hostrecord,configure_for_dns*,addresses*,fqdn*,disabled hostrecord,100.0.0.101,TRUE,new_host1.corp100.com,TRUE

This example shows how to add additional aliases to a host record.

header-hostrecord,configure_for_dns*,addresses*,fqdn*,aliases hostrecord,100.0.0.102,TRUE,host2.corp100.com,"www.corp200.com,http.corp200.com"

Page 426: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 426

IPv4 Host AddressUse this object type to define parameters for each IP address in an IPv4 host record. The appliance updates an existing host address when you use the "add" mode in an import. For information about host records, refer to the .Infoblox Administrator Guide

Field Name Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-HostAddress

String Yes Example: HostAddress

parent FQDN Yes Example: h1.corp100.com

view String No DNS View views If no view is specified, the Default view is used. Example: Default

network_view String No Network View network_view If no network view is specified, the Default view is used. Example: Default

address IP address Yes IP Address ipv4addrss Example: 10.0.0.11

_new_address IP address No Add this field to overwrite the address field when you select the overwrite or merge option.

mac_address MAC address

No MAC Address mac_address This is required if the IP address is configured for DHCP. Example: aA:Bb:c2:DD:E1:FF

configure_for_dhcp

Boolean No DHCP check box

configure_for_dhcp

Example: TRUE

configure_for_dns

integer No Enable in DNS configure for dns

This field is used to specify the parent host record. If not value is specified, TRUE is used.Example: TRUE

deny_bootp Boolean No Deny BOOTP Requests

deny_bootp Example: FALSE

broadcast_address

String No Broadcast Address

option_logic_filters

List of IPv4 logic filter rules

Filter Type/Action

Examples: .com.infoblox.dns.dhcp_mac_filter$mac_filter_name,.com.infoblox.dns.nac_filter$nac_filter_name,.com.infoblox.dns.dhcp_option_filters$opt_filter_name

boot_file String No Boot File boot_file

boot_server String No Boot Server boot_server

next_server String No Next Server next_server

lease_time Unsigned integer 

No Lease Time lease_time

pxe_lease_time_enabled

Boolean No Enable PXE Lease Time

Example: TRUE

pxe_lease_time Unsigned integer

No PXE Lease Time

pxe_lease_time

domain_name FQDN No Domain Name domain_name

domain_name_servers

IP list No Name Server Example: [5.6.7.8,1.2.3.4]

routers IP list No Router Example: [2.0.0.2,1.2.3.4]

match_option String No match_client  Data must be in the following format: MAC_ADDRESS/CLIENT_IDENTIFIER/RESERVED

ignore_dhcp_param_request_list

Boolean No Ignore Optionlist

ignore-dhcp_option_list_request

OPTION-1 String No Custom DHCOptions

This is an example of a DHCP option. For information, see Data Specific .GuidelinesExample: '255.0.0.0' implies vendor_class='DHCP' (default)

OPTION-XXXX-200

Option information 

No Custom DHCOptions

P options This is an example of a DHCP option. For information, see Data Specific G Example: 'dfdfdfd' name implies vendor_class='XXXX', optioncode.uidelines

/number 200

ExamplesThis section contains examples of how to create data files for host addresses. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Page 427: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 427

Adding an IPv4 Host Address

This example shows how to import the host address 100.0.0.1 in host record h1.corp100.com with a MAC address, enabled DHCP, and a domain name.

header-hostaddress,parent*,address*,mac_address,configure_for_dhcp,domain_name hostaddres,h1.corp100.com,100.0.0.1,aa:aa:aa:aa:aa:aa,TRUE,corp200.com

This example shows how to import the host address 100.0.0.2 in host record h2.corp100.com with a MAC address, and two routers with addresses 1.1.1.1 and 2.2.2.2.

header-hostaddress,parent*,address*,mac_address,configure_for_dhcp,routers hostaddress,h2.corp100.com,100.0.0.2,bb:aa:aa:aa:aa:aa,False,1.1.1.1,2.2.2.2

Overwriting IPv4 Host Address Data

This example shows how to overwrite the MAC address and domain name of a host address, and to set configure DHCP to TRUE.

header-hostaddress,parent*,address*,mac_address,configure_for_dhcp,domain_name hostaddress,h1.corp100.com,100.0.0.1,cc:aa:aa:aa:aa:aa,FALSE,corp300.com

This example shows how to overwrite the router address of a host address from 1.1.1.1,2.2.2.2 to 1.1.1.1.

header-hostaddress,parent*,address*,routers hostaddress,h2.corp100.com,100.0.0.2,1.1.1.1

Merging IPv4 Host Address Data

This example shows how to merge the following data of a host address: change a new address from 100.0.0.1 to 100.0.0.10, change bootp to DENY, and add lease time.

header-hostaddress,parent*,address*,_new_address,deny_bootp,lease_time hostaddress,h1.corp100.com,100.0.0.1,100.0.10,FALSE,3600

This example shows how to merge the broadcast address, PXE lease time, and enabled ignore option list to an IPv4 host address.

header-hostaddress,parent*,address*,broadcast_address,pxe_lease_time,ignore_dhcp_param_request_list hostaddress,h2.corp100.com,100.0.0.2,6.6.6.6,1280,TRUE

Page 428: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 428

IPv6 Host AddressField Name Data

TypeRequired (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-IPv6HostAddress

String Yes Example: IPv6hostaddress

view String No DNS View view If no view is specified, the Default view is used. Example: Default

network_view String No Network View network_view If no network view is specified, the Default view is used. Example: Default

parent FQDN Yes Example: h1.corp100.com

address_type Enumeration No address_type Valid values are ADDRESS, PREFIX, or BOTH. If no value is specified, 'ADDRESS' (default) is used. Example: PREFIX

address IPv6 address

Yes IPv6 Address ipv6addrs Example: 1001::001

_new_address IPv6 address

No Add this field to overwrite the address field when you select the overwrite or merge option.

ipv6_prefix IPv6 prefix No ipv6prefix This field is required if address_type is ‘ADDRESS’ or ‘BOTH’.Example: 2000:1111::

_new_ipv6_prefix IPv6 prefix No Add this field to overwrite the ipv6_prefix fieldwhen you select the overwrite or mergeoption.

ipv6_prefix_bits Integer No IPv6_prefix_bits This field is required if address_type is ‘ADDRESS’ or ‘BOTH’.Example: 32

configure_for_dhcp

Boolean No DHCP check box

configure_for_dhcp Example: TRUE

configure_for_dns

Boolean No Enable in DNS configure for dns This field is used to specify the parent host record. If not value is specified, TRUE is used.Example: TRUE

match_option String No match_client Only ‘DUID’ is allowed. Example: DUID

duid String No DUID duid Example: 0001

domain_name FQDN No Domain Name

domain_name_servers

IPv6 address list

No Name Server Example: ‘2000::10,3000::10’

valid_lifetime Unsigned integer

No Valid Lifetime valid_lifetime Example: 43200

preferred_lifetime Unsigned integer

No Preferred Lifetime

preferred_lifetime Example: 604800

OPTION-7 Integer No Custom DHCPOptions

override_options This is an example of a DHCP option. For information, see Data Specific Guideli.nes

Example: ‘12’ name implies option space = ‘DHCPv6’, option code/number 7

OPTION-XXXX-200

Option information

No Custom DHCPOptions

override_options This is an example of a DHCP option. For information, see  Data Specific Guidelines.Example: ’dfdfdfd’ name implies vendor_class=’XXXX’, option code/number 200

ExamplesThis section contains examples of how to create data files for IPv6 host addresses. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an IPv6 Host Address

This example shows how to import an IPv6 host address to a host record in the Default DNS view.

header-IPv6hostaddress,parent*,address*,view IPv6hostaddress,h1.corp100.com,1001::001,Default

Overwriting IPv6 Host Address Data

This example shows how to overwrite an IPv6 host address.

header-IPv6hostaddress,parent*,address*,_new_address IPv6hostaddress,h1.corp100.com,1001::001,2000::10

Page 429: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 429

Merging IPv6 Host Address Data

This example shows how to merge a DUID to an IPv6 host address.

header-IPv6hostaddress,parent*,address*,duid IPv6hostaddress,h1.corp100.com,2000::10,0001

Page 430: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 430

Bulk HostField Name

DataType

Required(Yes/N0)

Associated GUI Field

Associated PAPI

Method

Usage and Guidelines

Header-BulkHost

String Yes Identifies the first row as a header row for the bulk host objects. Example: BulkHost

parentfqdn

FQDN Yes Name zone Indicates the FQDN of the zone to which bulk host will be added.

view String No DNS View views If no view is specified, the Default view is used. Example: Default

prefix String No RFC 2317 Prefix

prefix Prefix is used for reverse-mapping zones only. The characters must be prepended to the host in the bulk host. If you include a prefix in a forward-mapping zone, the appliance ignores the prefix. No error message is generated.

_new_prefix

String No Add this field to overwrite the prefix field when you select the or option.Use the Overwrite Mergehostname of the Grid member in this field. Example: infoblox.localdomain

start_address

IP address

Yes Start start_addr Indicates the starting IP address. Example: 10.0.0.11

_new_start_address

IP address

No Add this field to overwrite the field when you select the or start_address Overwrite Mergeoption. Example: 10.0.0.55

end_address

IP address

Yes End end_addr Indicates the last IP address. Example: 10.0.0.22

_new_end_address

IP address

No Add this field to overwrite the field when you select the or option. end_address Overwrite MergeExample: 10.0.0.66

reverse Boolean No Example: True

comment String No Comment comment Example: This is a Bulk Host.

disabled Boolean No Disable disable Enable or disable the bulk host. Example: FALSE

ttl Unsigned integer

No TTL ttl This is an inherited field. Example: 7200

EA-Site String No Extensible attribute

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. Example: California.

EA-Users

List No Extensible attribute

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: [‘Annie’, ‘John’].

ADMGRP-XXXX

String No Permissions Admin Group/Role

permission ADMGRP-JimSmith is an example of an admin permission of a specific admin group. Example: RW

NXDOMAIN and Blacklist Rulesets

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-Ruleset

String Yes Example: Ruleset

name String Yes Name name Example: ruleset1

_new_name

String No Example: ruleset1-new

type String Yes type You can use this field for NXDOMAIN rules or blacklist rules. Valid value is NXDOMAIN or BLACKLIST.Example: NXDOMAIN

disabled Boolean No Disable disabled Example: FALSE

comment String No Comment comment

ADMGRP-JoeSmith

String No PermissionsAdminGroup/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see . Data Specific Guidelines

Examples

Page 431: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 431

This section contains examples of how to create data files for NXDOMAIN and blacklist rulesets. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an NXDOMAIN Ruleset

This example shows how to import an NXDOMAIN ruleset.

header-Ruleset,name*,type*,comment,disabled ruleset,NXD,NXDOMAIN,This is an NXDOMAIN ruleset,FALSE

Adding a Blacklist Ruleset

This example shows how to import a blacklist ruleset.

header-Ruleset,name*,type*,disabled,comment ruleset,blacklistrule1,BLACKLIST,FALSE,This is a blackset ruleset

Overwriting Blacklist Ruleset Data

This example shows how to overwrite the name of a blacklist ruleset.

header-Ruleset,name*,_new_name,type* ruleSet,blacklistrule1,blacklistrule2,BLACKLIST

Merging NXDOMAIN Ruleset Data

This example shows how to merge an admin permission to a NXDOMAIN ruleset.

header-Ruleset,name*,type*,ADMGRP-JoeSmith ruleSet,NXD,NXDOMAIN,RW

Page 432: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 432

NXDOMAIN RuleField Name Data

TypeRequired (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-nxdomainrule

String Yes Example: NxdomainRule

parent String Yes Name nxdomain_rules This field indicates the ruleset to which the NXDOMAIN rule belongs. Example: nxdomain-ruleset1

pattern String Yes Pattern pattern Use this to match domain names. You cannot use the characters * and ,, in the domain name. Example: foo

_new_pattern String No Example: foo-new

action String Yes Action action The valid value is PASS, MODIFY or REDIRECT. Example: PASS

ExamplesThis section contains examples of how to create data files for NXDOMAIN rules. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an NXDOMAIN Rule

This example shows how to import an NXDOMAIN rule.

header-nxdomainrule,action*,parent*,pattern* nxdomainrule,REDIRECT,NXD,*foo.com

Overwriting NXDOMAIN Rule Data

This example shows how to overwrite the action of an NXDOMAIN rule.

header-nxdomainrule,action*,parent*,pattern* nxdomainRule,REDIRCT,NXD,*bar.com

Page 433: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 433

Blacklist RuleField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-blacklistrule

String Yes Example: BlacklistRule

parent String Yes Name blacklist_rulesets

Example: blacklist-ruleset1

domain_name

String Yes Domain Name Use this to match domain names. You cannot use the characters * and ,, in the domain name. The domain name cannot exceed 255 characters. Example: www.foo.com

_new_domain_name

String No Example: www.bar.com

action String Yes Action blacklist_action The valid value is PASS or REDIRECT.Example: PASS

ExamplesThis section contains examples of how to create data files for blacklist rules. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a Blacklist Rule

This example shows how to import a blacklist rule.

header-blacklistrule,parent*,domain_name*,action* BlacklistRule,BlackList,foobar.com,REDIRECT

Overwriting Blacklist Rule Data

This example shows how to overwrite the action of a blacklist rule.

header-blacklistrule,parent*,domain_name*,action* BlacklistRule,BlackList,foobar.com,PASS

Page 434: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 434

Whitelist RuleField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

header-analyticsdomainwhitelist

String Yes Example: analyticsdomainwhitelist

fqdn String Yes Domain Name Use this to match domain names. You cannot use the characters * and ,, in the domain name. The domain name cannot exceed 255 characters. Example: www.test.com

comment String No Comment Enter additional information about this domain.

disabled String Yes Disable The valid value is TRUE or FALSE. Example: FALSE

type CUSTOM Yes xample: CUSTOM

ExampleThis section contains an example of how to create data file for whitelist rules. The example uses comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a Whitelist Rule

This example shows how to import a whitelist rule.

header-analyticsdomainwhitelist, fqdn*, disabled, type BlacklistRule,BlackList,foobar.com,FALSE,CUSTOM

Page 435: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 435

DNS64 Synthesis GroupYou can import the name of a named ACL in the fields that support named ACLs, such as clients, mapped, and exclude.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-Dns64SynthesisGroup

String Yes Example: Dns64SynthesisGroup

name String Yes Name name Example: group1

prefix IPv6 network

Yes Prefix prefix Example: 64:FF9B::/96

comment String No Comment comment

clients Access control list

No Name clients Valid values are IPv4 and IPv6 addresses and networks only. The default value is ‘Any’. Example: 2000::/64/AllowNote that you can import the name of a named ACL in this field.

mapped Access control list

No Mapped IPv4Address Name

mapped Valid values are IPv4 addresses and networks only. The default value is ‘Any’. Example: 10.0.0.0/8/AllowNote that you can import the name of a namedACL in this field.

exclude Access control list

No Excluded IPv6Address Name

exclude Valid values are IPv6 addresses and networks only. The default is ‘None’. Example: 2000::/AllowNote that you can import the name of a named ACL in this field.

disabled Boolean No Disabled disable Example: FALSE

ExamplesThis section contains examples of how to create data files for DNS64 synthesis groups. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a DNS64 Synthesis Group

This example shows how to import a DNS64 Synthesis Group.

header-Dns64SynthesisGroup,name*,prefix*,mapped Dns64SynthesisGroup,DNS64Group1,64:FF9B::/96,10.0.0.0/8/Allow

Overwriting DNS64 Synthesis Group Data

This example shows how to overwrite the mapped IPv4 address of a DNS64 synthesis group.

header-Dns64SynthesisGroup,name*,prefix*,mapped Dns64SynthesisGroup,DNS64Group1,64:FF9B::/96,10.1.1.0/24/Allow

Adding Named ACL Data

This example shows how to add the name of a named ACL to the mapped address of a DNS64 synthesis group.

header-Dns64SynthesisGroup,name*,prefix*,mapped Dns64SynthesisGroup,DNS64Group1,My_Named_ACL

Page 436: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 436

Response Policy ZoneFor a Response Policy Zone, CSV import supports all the values that are listed in along with the following values: Authoritative Zone

Field Name Data Type

Required (Yes/No)

Associated GUI Field Associated PAPI Method

Usage and Guidelines

priority Unsigned integer

No Example: 1001

severity String No Severity Valid values are Critical, Major, Warning, and Informational

substitute_name FQDN No Example: JKL.NET

 rpz_policy String No Policy Override Valid values are GIVEN, NXDOMAIN, NODATA, PASSTHRU, SUBSTITUTE, and DISABLED

rpz_drop_ip_rule_enabled

Boolean No Ignore RPZ-IP triggers with too small prefix lengths

When this is set to DNS server ignores RPZ-IP rules with prefix True,lengths that are less than the specified prefix length limit. Example: TRUE

rpz_drop_ip_rule_min_prefix_length_ipv4

Unsigned Integer

No Minimum IPv4 Prefix Length

Indicates the minimum IPv4 prefix length for RPZ-IP triggers. The default value is 29.

rpz_drop_ip_rule_min_prefix_length_ipv6

Unsigned Integer

No Maximum IPv4 Prefix Length

Indicates the minimum IPv6 prefix length for RPZ-IP triggers. The default value is 112.

Page 437: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 437

Response Policy A RecordFor a Response Policy A Record, CSV import supports all the values that are listed in along with the following values: A Record

Field Name Data Type Required (Yes/No) Associated GUI Field Associated PAPI Method Usage and Guidelines

create_ptr Boolean No Create associated PTR record Example: TRUE

parent_zone FQDN No Example: ABC.NET

https://docs.infoblox.com/display/nios84/Stub+Zone#StubZone-bookmark32
Page 438: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 438

Response Policy AAAA RecordFor a Response Policy AAAA Record, CSV import supports all the values that are listed in along with the following value: AAAA Record

Field Name Data Type Required (Yes/No) Associated GUI Field Associated PAPI Method Usage and Guidelines

parent_zone FQDN No Example: ABC.NET

Page 439: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 439

Response Policy IP A RecordFor a Response Policy IP A Record, CSV import supports all the values that are listed in along with the following values: A Record

Field Name Data Type Required (Yes/No) Associated GUI Field Associated PAPI Method Usage and Guidelines

create_ptr Boolean No Example: TRUE

parent_zone FQDN No Example: ABC.NET

https://docs.infoblox.com/display/nios84/Stub+Zone#StubZone-bookmark32
Page 440: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 440

Response Policy IP AAAA RecordFor a Response Policy IP AAAA Record, CSV import supports all the values that are listed in along with the following value: AAAA Record

Field Name Data Type Required (Yes/No) Associated GUI Field Associated PAPI Method Usage and Guidelines

parent_zone FQDN No Example: ABC.NET

Page 441: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 441

Response Policy MX RecordFor a Response Policy MX Record, CSV import supports all the values that are listed in along with the following value: MX Record

Field Name Data Type Required (Yes/No) Associated GUI Field Associated PAPI Method Usage and Guidelines

parent_zone FQDN No Example: ABC.NET

Page 442: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 442

Response Policy NAPTR RecordFor a Response Policy NAPTR Record, CSV import supports all the values that are listed in along with the following value: NAPTR Record

Field Name Data Type Required (Yes/No) Associated GUI Field Associated PAPI Method Usage and Guidelines

parent_zone FQDN No Example: ABC.NET

Page 443: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 443

Response Policy PTR RecordFor a Response Policy PTR Record, CSV import supports all the values that are listed in along with the following value: PTR Record

Field Name Data Type Required (Yes/No) Associated GUI Field Associated PAPI Method Usage and Guidelines

parent_zone FQDN No Example: ABC.NET

Page 444: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 444

Response Policy SRV RecordFor a Response Policy SRV Record, CSV import supports all the values that are listed in along with the following value: SRV Record

Field Name Data Type Required (Yes/No) Associated GUI Field Associated PAPI Method Usage and Guidelines

parent_zone FQDN No Example: ABC.NET

Page 445: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 445

Response Policy TXT RecordFor Response Policy TXT Record, CSV import supports all the values that are listed in along with the following value: TXT Record

Field Name Data Type Required (Yes/No) Associated GUI Field Associated PAPI Method Usage and Guidelines

parent_zone FQDN No Example: ABC.NET

Page 446: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 446

Response Policy CNAME RecordFor Response Policy CNAME Record, CSV import supports all the values that are listed in along with the following value: CNAME Record

Field Name Data Type Required (Yes/No) Associated GUI Field Associated PAPI Method Usage and Guidelines

parent_zone FQDN No Example: ABC.NET

Page 447: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 447

Response Policy IP AddressField Name Data

TypeRequired (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-ResponsePolicyIPAddress

String Yes Example: ResponsePolicyIPAddress

fqdn FQDN Yes Name name Example: 10.1.2.3.ABC.NET

_new_fqdn FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used.

canonical_name IP address No Canonical Name canonical Example: 10.1.2.3

parent_zone FQDN No Example: ABC.NET

comment String No Comment comment

disabled Boolean No Disable disable Example: FALSE

ttl Unsigned integer

No TTL ttl This is an inherited field. For information, see Data Specific Guid. Example: 7200elines

ExampleThis example shows how to create data files for Response Policy IP Address. The example uses comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

header-ResponsePolicyIPAddress,fqdn*,canonical_name,disabled,parent_zone,view ResponsePolicyIPAddress,10.1.2.3.ABC.NET,10.1.2.3,FALSE,ABC.NET,DEFAULT

Page 448: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 448

Response Policy Client IP AddressField Name Data

TypeRequired (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-ResponsePolicyClientIPAddress

String Yes Example: ResponsePolicyClientIPAddress

fqdn FQDN Yes Name name Example: 10.1.2.1.ABC.NET

_new_fqdn FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used.

canonical_name IP address No Canonical Name canonical Example: 10.1.2.1

parent_zone FQDN No Example: ABC.NET

comment String No Comment comment

disabled Boolean No Disable disable Example: FALSE

ttl Unsigned integer

No TTL ttl This is an inherited field. For information, see Data Specific Gu. Example: 7200idelines

ExampleThis example shows how to create data files for Response Policy Client IP Address. The example uses comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

header-ResponsePolicyClientIPAddress,fqdn*,canonical_name,disabled,parent_zone,view ResponsePolicyClientIPAddress,10.1.2.1.ABC.NET,10.1.2.1,FALSE,ABC.NET,DEFAULT

Page 449: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 449

Response Policy IP Address CNAMEField Name Data

TypeRequired (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-ResponsePolicyIPAddressCname

String Yes Example: ResponsePolicyIPAddressCname

fqdn FQDN Yes Name name Example: 10.1.2.3.ABC.NET

_new_fqdn FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used.

canonical_name IP address No Canonical Name canonical Example: 10.1.2.3

parent_zone FQDN No Example: ABC.NET

comment String No Comment comment

disabled Boolean No Disable disable Example: FALSE

ttl Unsigned integer

No TTL ttl This is an inherited field. For information, see Data Specific G. Example: 7200uidelines

ExampleThis example shows how to create data files for Response Policy IP Address CNAME. The example uses comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

header-ResponsePolicyIPAddressCname,fqdn*,canonical_name,disabled,parent_zone,view ResponsePolicyIPAddressCname,10.1.2.3.ABC.NET,10.1.2.3,FALSE,ABC.NET,DEFAULT

Page 450: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 450

Response Policy Client IP Address CNAMEField Name Data

TypeRequired (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-ResponsePolicyClientIPAddress

String Yes Example: ResponsePolicyClientIPAddress

fqdn FQDN Yes Name name Example: 10.1.2.1.ABC.NET

_new_fqdn FQDN No Add this field to overwrite the fqdn field when you select the overwrite or merge option.

view String No DNS View views If no view is specified, the Default view is used.

canonical_name IP address No Canonical Name canonical Example: 10.1.2.1

parent_zone FQDN No Example: ABC.NET

comment String No Comment comment

disabled Boolean No Disable disable Example: FALSE

ttl Unsigned integer

No TTL ttl This is an inherited field. For information, see Data Specific Gu. Example: 7200idelines

ExampleThis example shows how to create data files for Response Policy Client IP Address CNAME. The example uses comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

header-ResponsePolicyClientIPAddressCname,fqdn*,canonical_name,disabled,parent_zone,vi ewResponsePolicyClientIPAddressCname,10.1.2.1.ABC.NET,10.1.2.1,FALSE,ABC.NET,DEFAULT

Page 451: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 451

Dynamic Update GroupField Name Data Type Required (Yes/No) Associated GUI Field Associated PAPI Method Usage and Guidelines

Header-ddnsprincipa lgroup String Yes Example: ddnsprincipalgroup

name String Yes Name name Example: corp.example.com

comment String No Comment comment

Dynamic Update Cluster Group

Field Name Data Type

Required (Yes/No)

Associated GUIField

Associated PAPIMethod

Usage and Guidelines

Header-ddnsprincipa lcluster

String Yes Example: ddnsprincipalcluster

name String Yes Name name Example: cluster1

parent String Yes Dynamic Update Group

clusters Example: corp.example.com

principals String Yes Principal principals Example: [email protected]

comment String No Comment comment

Grid DHCP ObjectsNIOS does not support add and delete operations.

Field Name

DataType

Required(Yes/No)

Associated GUI Field

Associated PAPI

Method

Usage and Guidelines

Header-GridDhcp

String Yes Identifies the first row as a header row for the Grid DHCP objects. Example: GridDhcp

authority Boolean No When you set this to DHCP server is authoritative for this domain. Example: FalseTrue,

domain_name

String No Indicates the domain name.

recycle_leases

Boolean No LeaseDeletion

recycle_leases This field is set to by default. When you set this to leases in a deleted range are True True,kept until expiration. Ensure that you use the option if you want to change the Overwritevalue to Merging data from an import preserves the default value.False.

ignore_dhcp_option_list_request

Boolean No ignore_dhcp_option_list_request

When this is set to it clears the value of option-55. Example: FalseTrue,

enable_pxe_lease_time

Boolean No Enable PXE lease time

If this value is set to True, DHCP server uses different lease time for PXE clients. This field applies to the host address. Example: False

pxe_lease_time

Unsigned integer

No PXE Lease Time

pxe_lease_time Indicates the lease time for PXE clients in seconds. This field applies to the host address. Example: 43220.

bootfile String No Boot File bootfile Indicates the boot file name.Example: bootfile1

bootserver String No Boot Server bootserver Indicates the boot server.Example: abc.corp100.com

nextserver String No Next Server nextserver Indicates the next server.Example: blue.domain.com

deny_bootp Boolean No Deny BOOTP Requests

deny_bootp When this is set to True, it denies BOOTP requests. This field applies to the host address. Example: FALSE

enable_ddns Boolean No Enable DDNS Updates

enable_ddns Enable or disable dynamic updates via DHCP to DNS server(s). Example: FALSE

ddns_use_option81

Boolean No Option 81Support

ddns_use_option81

Enable or disable option 81 support. Enables .always_update_dns fieldExample: TRUE

ddns_server_always_updates

Boolean No ddns_server_always_updates

When you set this to True, DHCP server will always update DNS.

ddns_generate_hostna

Boolean No GenerateHostname

ddns_generate_hostname

When you set this to True, DHCP server will generate a hostname for DNS updates if not sent by client. Example: TRUE

Page 452: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 452

me

ddns_ttl Unsigned integer

No DDNSUpdate TTL

ddns_ttl Indicates the DDNS TTL value in seconds. This is an inherited field. Example: 1200

retry_ddns_updates

Boolean No retry_ddns_updates

When you set this value to True, DHCP server will retry failed DNS updates. Example:False

ddns_retry_interval

Unsigned integer

No ddns_retry_interval

Indicates the minimum time in minutes between DNS update retries. You must set ddns_retry to to modify the value in the CSV file._updates True ddns_retry_interval

enable_dhcp_thresholds

Boolean No Enable DHCP Thresholds

enable_dhcp_thresholds

Enable DHCP thresholds. When you set this field to you must enter values in the True, range_ and fields. You cannot leave those fields empty. high_water_mark range_low_water_mark

Otherwise, the appliance generates an error.

high_water_mark

Unsignedinteger

No High Water Mark

high_water_mark

Indicates the percentage value for DHCP range usage after which an alarm will be active. When you set to you must enter values in this field and in the enable_thresholds True, range

field. You cannot leave these fields empty. Otherwise, the appliance _low_water_markdisplays an error message.Example: 80

high_water_mark_reset

Unsignedinteger

No Indicates the percentage value for DHCP range usage after which an alarm will bereset. Example: 85

low_water_mark

Integer No Low WaterMark

low_water_mark

Indicates the percentage value for DHCP range usage below which an alarm will be active. When you set to you must enter values in this field and in the enable_thresholds True, range

field. You cannot leave these fields empty. Otherwise, the appliance _high_water_markdisplays an error message.Example: 10

low_water_mark_reset

Unsigned integer

No Indicates the percentage value for DHCP range usage above which an alarm will be reset. Example: 10

enable_email_warnings

Boolean No enable_email_warnings

Enable to send DHCP threshold warnings via email. Example: False

enable_snmp_warnings

Boolean No Enable to send DHCP threshold warnings via SNMP. Example: False

email_list Email addresslist

No List of email addresses. Example:"'[email protected]', '[email protected]',"

ipv6_domain_name_servers

IPv6 DNS server list

No List of IPv6 domain name servers. Example: “2001::1, 2001::2,...”

ping_count Unsigned integer

No ping_count Indicates the number of DHCP pings. Example: 1

ping_timeout Unsigned integer

No ping_timeout Indicates the timeout (in seconds) for DHCP pings. Example: 1000

capture_hostname

Boolean No When you set this value to the appliance captures host name and lease time when True,assigning fixed addresses.

enable_leasequery

Boolean No When you set this value to the appliance allows lease query. Example: FalseTrue,

update_dns_on_lease_renewal

Boolean No LeaseRenewalUpdate

override_update_dns_on_lease_renewal

Indicates whether the DHCP server updates DNS when a DHCP lease is renewed. Specify True to enable it or False to disable it.

ipv6_update_dns_on_lease_renewal

Boolean No Set or retrieve the flag. This attribute controls whether ipv6_update_dns_on_lease_renewalthe DHCP server updates DNS when an IPv6 DHCP lease is renewed. Specify to Trueenable this feature or to disable it. The default value is False False.

txt_record_handling

String No Specifies how DHCP should treat TXT records while performing DNS update.Example: ISC

lease_scavenge_time

Unsignedinteger

No Indicates the Grid level lease_scavenge_time value. If the value is -1, which means this lease scavenge will is disabled. The minimum value would be 7 * 24 * 60 * 60 ( 7 days).

failover_port Unsigned integer

No Indicates the failover port number. The default value is 647. The port number must be between 1 and 63999.

enable_fingerprint

Boolean No When you set this value to fingerprint matching for incoming lease requests will be True,enabled. Example: False

ipv6_enable_ddns

Boolean No Set this value to to override the value at the Grid level. Set the parameter to to True Falseinherit the settings from the Grid.

Page 453: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 453

ipv6_ddns_enable_option_fqdn

Boolean No Indicates whether the FQDN option sent by the client is to be used, or if the server can automatically generate the FQDN. Default value is half of lease time. Example: False

ipv6_ddns_server_always_updates

Boolean No Specify True to enable this feature or False to disable it. The default value is False. You must set this to False to update DNS only if requested by the client.

ipv6_generate_hostname

Boolean No When you set this value to True, the hostname is generated if it is not sent by the client. Example: False

ipv6_ddns_domainname

String No The DDNS domain name in FQDN format. Example: test_domain.com

ipv6_ddns_ttl

Unsigned integer

No Indicates the member IPv6 DDNS TTL value in seconds. Example: 0

Preferred_lifetime

Integer No Preferred Lifetime

preferred_lifetime

Indicates whether the preferred_lifetime value in the DHCP member is used, instead of the Grid default. Example: 6

valid_lifetime Unsigned integer

No Valid Lifetime valid_lifetime Indicates whether the valid_lifetime value in the Grid Member DHCP is used, instead of the upper-level default.Example: 43200

ipv6_domain_name

String No

ipv6_txt_record_handling

String No Example: ISC

ipv6_capture_hostname

Boolean No Example: False

ipv6_recycle_leases

Boolean No When you set this to True, the leases are kept in recycle bin until one week after expiration. When you set this to False, the leases are irrecoverably deleted. Example: False

ipv6_enable_retry_updates

Boolean No When you set this flag to True, the DHCPv6 server retries failed dynamic DNS updates. The default value is True. Example: False

ipv6_retry_updates_interval

Unsigned integer

No Set the retry interval when the member DHCPv6 server makes repeated attempts to send DDNS updates to a DNS server. The default retry interval is five minutes.

ddns_domainname

String No DDNS Domain Name 

ddns_domainname

The DDNS domain name in FQDN format. Example: ddns.corp100.com

lease_per_client_settings

String No Defines how the server will release the client lease. This field is set to RELEASE_MATCHING by default. Valid values are ONE_LEASE_PER_CLIENT, RELEASE_MATCHING_ID and _ID

NEVER_RELEASE.

ignore_client_identifier

Boolean No Indicates if the client identifier will be ignored for a DHCP shared network object. When you set this to the client identifier will be ignored. Example: FalseTrue,

disable_all_nac_filters

Boolean No When you set this value to NAC filters will be disabled on the Infoblox Grid. Example: True,False

format_log_option_82

String No Select the logging format to either hexadecimal or a decoded string which is human readable.

OPTION-1 String No CustomDHCPOptions

options This field applies to the host address. Example: ‘255.0.0.0’ nameimplies vendor_class=’DHCP’ (default)

OPTION-XXXX-200

Optioninformation

No CustomDHCPOptions

options This field applies to the host address. Example: ‘dfdfdfd’ name implies vendor_class=‘XXXX’, optioncode/number 200

v6_leases_scavenging_enabled

Boolean No LeaseScavenging

ipv6_enable_lease_scavenge

When you set this to the DHCPv6 server deletes free, expired, and released leases. True,The default value is Example: TrueFalse.

v6_leases_scavenging_grace_period

Unsigned integer

No LeaseScavenging

ipv6_lease_scavenge_time

Indicates the period (in seconds) for which free, expired, and released DHCPv6 leases remain in the database before they are automatically deleted. Example: 604800

Page 454: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 454

Member DHCP ObjectsField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-MemberDhcp 

String Yes Identifies the first row as a header row for the member DHCP objects. Example: MemberDhcp

broadcast_address

IP address

No Broadcast Address

This field applies to the host address. Example: 10.1.0.

domain_name_servers

IP addresslist

No Name server List of domain name servers. Example: "10.2.3.4,11.2.3.4,"

ignore_client_requested_options

Boolean No Clears the value of option-55 when you set the value to True. Example: True

pxe_lease_time

Unsigned integer

No PXE Lease Time

pxe_lease_time Indicates the lease time for PXE clients in seconds. This field applies to the host address. Example: 43220.

lease_time Unsigned integer

No Lease Time lease_time Indicates the attribute of a DHCP NAC filter object. This field applies to the host lease_timeaddress.

domain_name

FQDN No Domain Name domain_name Indicates the domain name. This field applies to the host address.

routers IP addresslist

No Router Indicates the router IP addresses. This field applies to the host address. Example: “2.0.0.2,1.2.3.4”

option_logic_filters

List of IPv4 logic filter rules

Filter Type/Action

Examples:.com.infoblox.dns.dhcp_mac_filter$mac_filter_name, .com.infoblox.dns.nac_filter$nac_filter_name, .com.infoblox.dns.dhcp_option_filters$opt_filter_name

enable_pxe_lease_time

Boolean No Enable PXE Lease Time

If this value is set to DHCP server uses different lease time for PXE clients. This field True,applies to the host address. Example: False

deny_bootp Boolean No Deny BOOTP Requests

deny_bootp When this is set to it denies BOOTP requests. This field applies to the host address. True,Example: FALSE

bootfile String No Boot File bootfile Indicates the boot file name. Example: bootfile1

bootserver String No Boot Server bootserver Indicates the boot server. Example: abc.corp100.com

nextserver String No Next Server nextserver Indicates the next server. Example: blue.domain.com

enable_thresholds

Boolean No Enable DHCP Thresholds

enable_dhcp_thresholds

Enable DHCP thresholds. When you set this field to you must enter values in the and True, range_high_water_mark r

fields. You cannot leave these fields empty. Otherwise, the ange_low_water_markappliance displays an error message.

range_high_water_mark

Unsigned integer

No High WaterMark

high_water_mark

Indicates the percentage value for DHCP range usage after which an alarm will be active. When you set to you must enter values in this field and in the enable_thresholds True, rang

field. You cannot leave these fields empty. Otherwise, the appliance e_low_water_markdisplays an error message.Example: 80

range_high_water_mark_reset

Unsigned integer

No Indicates the percentage value for DHCP range usage after which an alarm will be reset. Example: 85

range_low_water_mark

Integer No Low WaterMark

low_water_mark Indicates the percentage value for DHCP range usage below which an alarm will be active. When you set to you must enter values in this field and in the enable_thresholds True, rang

field. You cannot leave these fields empty. Otherwise, the appliance e_high_water_markdisplays an error message.Example: 10

range_low_water_mark_reset

Unsigned integer

No Indicates the percentage value for DHCP range usage above which an alarm will be reset. Example: 10

enable_threshold_email_warnings

Boolean No Enable EmailWarnings

enable_email_ warnings

When you use the appliance preserves the existing value in this field. When you use Merge, you must include a value, either or Otherwise, the appliance Overwrite, True False.

displays an error message. Example: True

enable_threshold_snmp_warnings

Boolean No Enable SNMPWarnings

enable_snmp_warnings

Send DHCP threshold warnings via SNMP. When you use the appliance preserves Merge,the existing value in this field. When you use you must include a value, either Overwrite, Trueor Otherwise, the appliance displays an error message.False.Example: TRUE

Page 455: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 455

threshold_email_addresses

Email addresslist

No EmailAddresses

email_list List of email addresses.Example: "'[email protected]', '[email protected]'"

enable_ddns Boolean No Enable DDNS Updates

enable_ddns Enable or disable dynamic updates via DHCP to DNS server(s). Example: FALSE

enable_option81

Boolean No Option 81Support

ddns_use_option81

Enable or disable option 81 support. Enables . Example: TRUEalways_update_dns field

always_update_dns

Boolean No FQDN Support ddns_server_always_ updates

Updates DNS when the value is Example: TRUETrue.

generate_hostname

Boolean No GenerateHostname

override_ddns_generate_ hostname

Generates host name only if not sent by client when the value is Does not generate True.host name when the value is False.

update_static_leases

Boolean No Fixed AddressUpdates

ddns_update_ fixed_address

When the value is set to server will update DNS for client with static IP addressTrue, DHCP .

ddns_ttl Unsigned integer

No DDNS UpdateTTL

ddns_ttl Indicates the DDNS TTL value in seconds. This is an inherited field. Example: 1200

update_dns_on_lease_renewal

Boolean No Lease Renewal Update

override_update_dns_on_lease_renewal

Indicates whether the DHCP server updates DNS when a DHCP lease is renewed. Specify T to enable it or to disable it.rue False

preferred_lifetime

Unsigned integer

No PreferredLifetime

preferred_lifetime

Indicates whether the value in the DHCP member is used, instead of the preferred_lifetimeGrid default.Example: 604800

valid_lifetime Unsigned

integer

No Valid Lifetime valid_lifetime Indicates whether the value in the Grid Member DHCP is used, instead of the valid_lifetimeupper-level default. Example: 43200

name GridMember

Yes The name of the Grid member. Example:member.infoblox.com

is_authoritative

Boolean No Authoritative authority Set this value to to perform override operation.TrueExample: FALSE

recycle_leases

Boolean No Lease Deletion recycle_leases This field is set to by default. When you set this to leases in a deleted range are True True,kept until expiration. Ensure that you use the option if you want to change the Overwritevalue to Merging data from an import preserves the default value.False.

ping_count Unsigned

integer

No ping_count Indicates the number of DHCP pings. Example: 1

ping_timeout Unsigned

integer

No ping_timeout Indicates the timeout (in seconds) for DHCP pings.Example: 1000

enable_leasequery

Boolean No When you set this value to the appliance allows lease query. Example: FalseTrue,

retry_ddns_updates

Boolean No retry_ddns_updates

When you set this value to DHCP server will retry failed DNS updates. Example: FalseTrue,

ddns_retry_interval

Unsigned

integer

No ddns_retry_interval

Indicates the minimum time in minutes between DNS update retries. You must set ddns_retr to to modify the value in the CSV file.y_updates True ddns_retry_interval

lease_scavenge_time

Unsigned

integer

No Indicates the Grid level value. If the value is -1, which means this lease_scavenge_timelease scavenge will is disabled. The minimum value would be 7 * 24 * 60 * 60 ( 7 days).

enable_fingerprint

Boolean No When you set this value to fingerprint matching for incoming lease requests will be True,enabled. Example: False.

ipv6_enable_ddns

Boolean No Set this value to to override the value at the Grid level. Set the parameter to to True Falseinherit the settings from the Grid. Example: False

ipv6_ddns_enable_option_fqdn

Boolean No Indicates whether the FQDN option sent by the client is to be used, or if the server can automatically generate the FQDN. Default value is half of lease time. Example: False

ipv6_generate_hostname

Boolean No When you set this value to the hostname is generated if it is not sent by the client. True,Example: False

ipv6_ddns_domainname

String No The DDNS domain name in FQDN format. Example: test_domain.com

ipv6_ddns_ttl

Unsigned integer

No Indicates the member IPv6 DDNS TTL value in seconds. Example: 0

ipv6_domain_name_se

IPv6 DNS

No List of IPv6 domain name servers. Example: “2001::1, 2001::2,...”

Page 456: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 456

rvers server list

ipv6_domain_name

String No To override the upper-level setting for , you must set the value to ipv6_domain_name True.Set the parameter to to inherit the upper-level setting for ipv6_domain_name.False

ipv6_recycle_leases

Boolean No When you set this to the leases are kept in recycle bin until one week after expiration. True,When you set this to the leases are irrecoverably deleted. False,Example: False

ipv6_server_duid

String No DUID (DHCPv6 unique identifier) of the Grid member in string format.

ipv6_enable_retry_updates

Boolean No When you set this flag to the DHCPv6 server retries failed dynamic DNS updates. The True,default value is True.Example: False

ipv6_retry_updates_interval

Unsigned integer

No Set the retry interval when the member DHCPv6 server makes repeated attempts to send DDNS updates to a DNS server. The default retry interval is five minutes.

ipv6_update_dns_on_lease_ renewal

Boolean No Set or retrieve the flag. This attribute controls ipv6_update_dns_on_lease_renewalwhether the DHCP server updates DNS when an IPv6 DHCP lease is renewed. Specify Trueto enable this feature or to disable it. The default value is False False.

ddns_domainname

String No The DDNS domain name in FQDN format. Example: test_domain.com

lease_per_client_settings

String No Defines how the server will release the client lease. This field is set to RELEASE_MATCHIN by default. Valid values are ONE_LEASE_PER_CLIENT, RELEASE_MATCHING_ID G_ID

and NEVER_RELEASE.

ignore_client_identifier

Boolean No Indicates if the client identifier will be ignored for a DHCP shared network object. When you set this to the client identifier will be ignored.True,Example: False

OPTION-1 String No Custom DHCP Options

options This field applies to the host address.Example: ‘255.0.0.0’ name implies vendor_class=‘DHCP’ (default)

OPTION-XXXX-200

Option information

No Custom DHCP Options

options This field applies to the host address.Example: ‘dfdfdfd’ name implies vendor_class=‘XXXX’, optioncode/number 200

ADMGRP-XXXX

String No PermissionsAdminGroup/Role

permission ADMGRP-JimSmith is an example of an admin permission of a specific admin group. Example: RW

v6_leases_scavenging_enabled

Boolean No LeaseScavenging

ipv6_enable_lease_scavenge

When you set this to the DHCPv6 server deletes free, expired, and released leases. True,The default value is False.

TrueExample:

v6_leases_scavenging_grace_period

Unsigned Integer

No LeaseScavenging

ipv6_lease_scavenge_time

Indicates the period (in seconds) for which free, expired, and released DHCPv6 leases remain in the database before they are automatically deleted. Example: 604800

Page 457: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 457

Network ViewField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-NetworkView

String Yes Identifies the first row as a header row for the network view objects. Example: NetworkView

name String Yes Indicates the name of the network view.Example: net_view1

_new_name String No Add this field to overwrite the field when you select the or name Overwrite Mergeoption.

comment String No Comment comment  Example: This is a network view.

EA-Site String No Extensible attribute

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. Example: California.

EA-Users String No Extensible attribute

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: John.

ADMGRP-XXXX

String No PermissionsAdmin Group/Role

permission ADMGRP-JimSmith is an example of an admin permission of a specific admin group. Example: RW

Page 458: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 458

DNS ViewField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guideline

Header-View String Yes Identifies the first row as a header row for the DNS view objects. Example: View

name String Yes Example: dns_view1

_new_name String No Add this field to overwrite the field when you select the or option.name Overwrite Merge

comment String No Comment comment Example: This is a DNS view.

network_view String No Network View network_view  If no network view is specified, the default view is used. Example: Default

disable Boolean No Disable disable Enable or disable view. Example: False

recursion Boolean No allow_recursive_query

Flag to respond to recursive queries. Example: False

root_name_server_type

String No This is a single inheritance from GridDns. Example: Custom

match_clients ACL No List of items. It can address_tsig_ac be an IP address, a network entry, or a -Any TSIG/permission. If the first value is not Any or TSIG-, it is assumed to be an IP address or a network entry. Example: 10.0.0.10/Allow, 11.0.0.0/16/Deny, TSIG-foo/xyz/Allow. It can also be a named ACL. Example: NACL1.

match_destinations

ACL No Indicates the match_destination list. It can be an IP address, a network, Any or a TSIG-/permission. If the first value is not or it is assumed to be an IP address or a Any TSIG-,network entry. Example: 10.0.0.10/Allow, 11.0.0.0/16/Deny, TSIG-foo/xyz/Allow. It can also be a named ACL. Example: NACL1.

custom_root_name_servers

Root nameserver list

No List of custom root name servers. Example: rnm1.test.com/1.1.1.1/

lame_ttl Unsigned integer

No Indicates the lame TTL value in seconds. Example: 600

nxdomain_redirect

Boolean No Enable intercept and redirect nxdomain responses Example: False

nxdomain_redirect_addresses

IP address list

No Example: 1.1.1.1,2.2.2.2 Note that the field is dependent on the nxdomain_redirect_addresses nxdomain_redirectfield. Infoblox recommends that you specify values for  and nxdomain_redirect_addresses

fields and do not leave these fields blank while performing a CSV nxdomain_redirectimport operation.

nxdomain_redirect_ttl

Unsigned integer

No Indicates the NXDOMAIN redirect ttl in seconds. Example: 60

nxdomain_log_query

Boolean No When you set this to , NXDOMAIN redirections will be logged.Example: FalseTrue

nxdomain_rulesets

List of domain names

No List of Ruleset objects used for NXDOMAIN redirection. Example: nxd1.com, nxd2.com

enable_blacklist

Boolean No enable_blacklist Enable or disable blacklisting at the Grid level. Example: False

blacklist_redirect_addresses

IP address list

No blacklist_redirect_ addresses

Set or retrieve the list of IPv4 addresses to which the blacklisted queries are redirected.Example: 1.1.1.1,2.2.2.2

blacklist_action

String No Specify the action to be performed when a domain name matches the pattern defined in an assigned rule. Example: Redirect

blacklist_redirect_ttl

Unsigned integer

No Set or retrieve the TTL value of synthetic DNS responses resulted by blacklisted queries. Example: 60

blacklist_log_query

Boolean No blacklist_log_query

Specify if blacklisted queries must be logged. Example: False

blacklist_rulesets

List of domain names

No blacklist_rulesets

Specify or retrieve ruleset objects that are blacklisted at the Grid level. Example: list1.com, list2.com, ...

enable_dns64 Boolean No Enable or disable DNS64 synthesis. Example: False

dns64_groups DNS64 group list

No List of SynthesisGroup objects. Example: dns64_grp1, dns64_grp2

forwarders_only

Boolean No forward_only Enable use of forwarders only. Example: False

Page 459: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 459

Use Forwarders Only

forwarders IP address list

No forwarders List of forwarders for zone transfers. Example: "10.10.0.1,20.20.0.1,.."

filter_aaaa String No Indicates the type of AAAA filtering for this Grid DNS object. The default value is . NoExample: Yes

filter_aaaa_list

ACL No Indicates the list of IPv4 addresses and networks from which queries are received. Note that the AAAA filtering is applied to these addresses.Example: “12.0.0.12/Deny,13.0.0.0/8/Allow,. .” or “NACL1”

max_cache_ttl

Unsigned integer

No Indicates the maximum time (in seconds) for which the server will cache positive answers. The default value is 604800.

max_ncache_ttl

Unsigned integer

No Indicates the maximum time (in seconds) for which the server will cache negative (NXDOMAIN) responses. The default value is 10800. The maximum allowed value is 604800.

EA-Site String No Extensible attribute

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. Example: California.

EA-Users String No Extensible attribute

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: John.

ADMGRP-XXXX

String No PermissionsAdminGroup/Role

permission ADMGRP-JimSmith is an example of an admin permission of a specific admin group. Example: RW

rpz_drop_ip_rule_enabled

Boolean No Ignore RPZ-IP triggers with too small prefix lengths

When this is set to True, DNS server ignores RPZ-IP rules with prefix lengths that are less than the specified prefix length limit.Example: TRUE

rpz_drop_ip_rule_min_prefix_length_ipv4

Unsigned Integer

No MinimumIPv4 PrefixLength

Indicates the minimum IPv4 prefix length for RPZ-IP triggers. The default value is 29.

rpz_drop_ip_rule_min_prefix_length_ipv6

Unsigned Integer

No Maximum IPv4 Prefix Length

Indicates the minimum IPv6 prefix length for RPZ-IP triggers. The default value is 112

IPv4 Network Container

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guideline

Header- NetworkContainer

String Yes Identifies the first row as a header row for network container objects. Example: NetworkContainer

address IP address

Yes IP Address ipv4addr Indicates the IP address of the network container. Example: 192.138.1.1

netmask Prefix Yes Netmask network Indicates the subnet mask of a network container in CIDR format. Example: 24

comment String No Comment comment Example: This is an IPv4 network container.

lease_time

integer No Lease Time Example: 1100

routers IP address list

No Routers Example: "10.0.0.1,10.0.0.100,"

domain_name

FQDN  No Domain Name

domain_name_servers

IP address list  

No DNS Servers Example: "10.2.3.4,11.2.3.4"

broadcast_address

IP address

No Broadcast Address

Example: 10.0.0.1

OPTION-1

String  No Custom DHCP Options

options This is an example of a DHCP option. For Options information, see . Data Specific Guidelines Example: '255.0.0.0' name implies vendor_class='DHCP' (default)

OPTION-XXXX-200

Option information

No Custom DHCP Options

options This is an example of a DHCP option. For information, see  Example: Data Specific .Guidelines'dfdfdfd' name implies vendor_class='XXXX', option code/number 200

Page 460: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 460

enable_ddns

Boolean No Enable DDNS Updates

enable_ddns Example: FALSE

ddns_domainname

String No DDNS Domain Name

ddns_domainname

Example: ddns.corp100.com

ddns_ttl Unsigned integer

No DDNS Update TTL

ddns_ttl Indicates the DDNS TTL value in seconds.Example: 1200

ddns_generate_hostname

Boolean No GenerateHostname

ddns_generate_hostname

When you set this to DHCP server will generate a hostname for DNS updates if not sent True,by client. Example: TRUE

update_static_ leases

Boolean No Update FixedAddress

ddns_update_fixed_address

Example: FALSE

enable_ option81

Boolean No Option 81Support

ddns_use_option81

Example: TRUE

update_dns_on_ lease_renewal

Boolean No Lease Renewal Update

override_ upda te_dns_ on_lea

se_ renewal

Example: TRUE

enable_dhcp_ thresholds

Boolean No Enable DHCP Thresholds

enable_dhcp_ thresholds

When you set this field to TRUE, you must enter values in the range_high_water_mark and range_low_water_mark fields. You cannot leave those fields empty. Otherwise, the appliance generates an error.

enable_email_ warnings

Boolean No enable_email_warnings

Enable to send DHCP threshold warnings via email. Example: False

enable_snmp_ warnings

Boolean No Enable to send DHCP threshold warnings via SNMP. Example: False

threshold_email_addresses

email address list

No Email Addresses

Example:"'[email protected]','[email protected]'"

pxe_lease_time

Unsigned integer

No PXE Lease Time

pxe_lease_time Example: 1100

deny_bootp

Boolean No Deny BOOTP Requests

deny_bootp Example: FALSE

boot_file String  No Boot File bootfile Example: bootfile1

boot_server

String No Boot Server bootserver Example: abc.corp100.com

next_server

String No Next Server nextserver Example: blue.domain.com

option_logic_filters

List of IPv4 logic filter rules 

Filter Type/Action

Examples: .com.infoblox.dns.dhcp_mac_filter$mac_filte r_name,.com.infoblox.dns.nac_filter$nac_filter_name,.com.infoblox.dns.dhcp_option_filters$opt_filter_name

lease_scavenge_time

Unsigned integer

No Indicates the Grid level . If the value is -1, which means this lease_scavenge_time valuelease scavenge will is disabled. The minimum value would be 7 * 24 * 60 * 60 ( 7 days).

is_authoritative

Boolean  No Authoritative authority Example: FALSE

recycle_leases

Boolean  No Lease Deletion recycle_leases This field is set to TRUE by default. Ensure that you use the overwrite option if you want to change the value to FALSE. Merging data from an import preserves the default value.

ignore_client_requested_options

Boolean No Ignore Optionlist

ignore_dhcp_option_list_request

Example: TRUE

network_view

String No Network View network_view If no network view is specified, the default view is used. Example: Default

rir_organization

String  No Organization Name

rir_organization Identifies the Regional Internet Registry (RIR) organization object. Use this only when the network is associated with an RIR organization.Example: corp100

rir_registration_status

String No Registration Status

rir_registration_status

Identifies the registration status of Regional Internet Registry (RIR). Use this only for an RIR network. When you enable the check box at the Grid Enable Updates Of RIR Registrationslevel and import a CSV file to add either an or an IPv4 network container IPv6 network

with the set to Registered without values for any other RIR container rir_registration_statusfields, the appliance completes the import operation and adds the IPv4 network container or the IPv6 network container to the Grid. The status of this IPv4 network container or the IPv6

Page 461: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 461

network container is set as network. Non-registeredExample: Non-registered

last_rir_registration_update_sent

String No Identifies the last registration update timestamp of Regional Internet Registry (RIR). This is a read-only attribute.

last_rir_registration_update_status

String No Identifies the last registration update status of Regional Internet Registry (RIR). This is a read-only attribute.

enable_discovery

Boolean Yes Enable Discovery

network If this field is set to , the must also be defined.True discovery_member

discovery_member

String Yes DiscoveryMember

network Indicates the discovery member name. Required if discovery is enabled for the network.

discovery_exclusion_range

Prefix No List of IP ranges to be excluded from the discovery process.

remove-subnets

Boolean No Specify to keep the subnets or to remove them. The default value is undefined, False Truewhich is to remove all subnets. Use this only when you want to delete a network container. When you perform CSV export of a network container, the CSV file does not contain the remov

column. You must add the column to the CSV export file if you e-subnets remove-subnetswant to perform a delete operation. When you delete a network container from the CSV file, you must set to to delete both the parent and sub networks. When you remove-subnets Trueset this column value to the CSV delete operation deletes only the parent network when False,you delete a network container.

EA-Site String No Extensible attribute

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. Example: California.

EA-Users

String No Extensible attribute

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: John.

ADMGRP-XXXX

String No PermissionsAdminGroup/Role

permission ADMGRP-JimSmith is an example of an admin permission of a specific admin group. Example: RW

Page 462: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 462

IPv4 NetworkField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-Network

String Yes Example: Network

rir_organization

String No Organization Name

rir_organization Use this only when the network is associated with an RIR organization.Example: corp100

rir_registration_status

String No Registration Status

rir_registration_status

Use this only when this is an RIR network.Example: Registered

address IP address

Yes Address network Example: 10.0.0.11

netmask Netmask Yes Netmask Example: 255.255.0.0

network_view

String No Network View network_view If no view is specified, the Default view is used. Example: Default

enable_discovery

Boolean Yes Enable Discovery

enable_discovery

If this field is set to TRUE, the discovery_member must also be defined.

discovery_member

String Yes Discovery Member

discovery_member

Required if discovery is enabled for the network.

discovery_exclusion_range

IP Prefix

No Network Editor Discovery Exclusions

discovery_exclusion_range

List of IP ranges to be excluded from the discovery process.

comment String No Comment comment

auto_create_reversezone

Boolean No Automatically create reverse mapping zone

auto_create_reversezone

Example: TRUE

is_authoritative

Boolean No Authoritative authority Example: FALSE

option_logic_filters

List of IPv4 logic filter rules

No Filter Type/Action

Examples:.com.infoblox.dns.dhcp_mac_filter$mac_filter_name,.com.infoblox.dns.nac_filter$nac_filter_name,.com.infoblox.dns.dhcp_option_filters$opt_filter_name

boot_file String No Boot File bootfile Example: bootfile1

boot_server

String No Boot Server bootserver Example: abc.corp100.com

ddns_domainname

String No DDNS Domain Name

ddns_domainname

Example: ddns.corp100.com

ddns_generate_hostname

Boolean No Generate Hostname

ddns_generate_hostname

When you set this to DHCP server will generate a hostname for DNS updates if not sent True,by client. Example: TRUE

always_update_dns

Boolean No DNS Zones Associations

ddns_server_always_updates

Example: FALSE

update_static_leases

Boolean No Fixed Address Updates

ddns_update_fixed_address

Example: FALSE

update_dns_on_lease_renewal

Boolean No Update DNS on DHCP Lease Renewal

override_update_dns_on_lease_renewal

Example: TRUE

ddns_ttl Unsigned integer

No DDNS Update TTL

ddns_ttl This is an inherited field. For information, see  Data Specific Guidelines.Example: 1200

enable_option81

Boolean No Option 81 Support

ddns_use_option81

Example: TRUE

deny_bootp

Boolean No Deny BOOTP Requests

deny_bootp Example: FALSE

broadcast_address

String No Broadcast Address

disabled Boolean No Disabled disable Example: FALSE

enable_d Boolean No Enable DDNS enable_ddns Example: FALSE

Page 463: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 463

dns Updates

enable_thresholds

Boolean No Enable DHCP Thresholds

enable_dhcp_thresholds

When you set this field to TRUE, you must enter values in the range_high_water_mark and range_low_water_mark fields. You cannot leave those fields empty. Otherwise, the appliance generates an error.

enable_threshold_email_ warnings

Boolean No Enable Email Warnings

enable_email_warnings

When you use the merge function, the appliance preserves the existing value in this field. When you use the overwrite function, you must include a value (TRUE or FALSE). Otherwise, the appliance generates an error.Example: TRUE

enable_threshold_snmp_warnings

Boolean No Enable SNMP Warnings

enable_snmp_warnings

When you use the merge function, the appliance preserves the existing value in this field. When you use the overwrite function, you must include a value (TRUE or FALSE). Otherwise, the appliance generates an error.Example: TRUE

range_high_water_mark

Integer No High Water Mark

high_water_mark

When you set enable_thresholds to TRUE, you must enter values in this field and in the range_low_water_mark field. You cannot leave these fields empty. Otherwise, the appliance generates an error.Example: 80

ignore_client_requested_ options

Boolean No Ignore Optionlist

ignore_dhcp_option_list_request

Example: TRUE

range_low_water_mark

Integer No Low Water Mark

low_water_mark When you set enable_thresholds to TRUE, you must enter values in this field and in the range_high_water_mark field. You cannot leave these fields empty. Otherwise, the appliance generates an error.Example: 10

next_server

String No Next Server nextserver Example: blue.domain.com

lease_time Unsigned integer

No Lease Time Example: 1100

enable_pxe_lease_time

Boolean No Enable PXE lease time

Example: FALSE

pxe_lease_time

Unsigned integer

No PXE Lease Time

pxe_lease_time Example: 1100

recycle_leases

Boolean No Lease Deletion recycle_leases This field is set to TRUE by default. Ensure that you use the overwrite option if you want to change the value to FALSE. Merging data from an import preserves the default value.

threshold_email_addresses

email addresslist

No Email Addresses

Example: "'[email protected]','admin2@somew '"here.com

dhcp_members

Grid memberlist

No Members members Example: "host1.infoblox.com,host2.infoblox.com"

routers IP addresslist

No Routers Example: "10.0.0.1,10.0.0.100,"

domain_name

FQDN No Domain Name

domain_name_servers

IP addresslist

No DNS Servers Example: "10.2.3.4,11.2.3.4"

zone_associations

Zone list

No Example: test.com/TRUE

OPTION-1

String No Custom DHCP Options

options This is an example of a DHCP option. For information, see  Data Specific Guidelines. Example: ‘255.0.0.0’ name implies vendor_class=’DHCP’ (default)

OPTION-XXXX-200

Option information

No Custom DHCP Options

options This is an example of a DHCP option. For information, see . Data Specific GuidelinesExample: ’dfdfdfd’ name implies vendor_class=’XXXX’, option code/number 200

EA-Site String No Extensible Attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see  Data Specific Guidelines.

EA-XXX String No Extensible AttributeXXXvalue

inheritable EA-XXX is an example of an inheritable extensible attribute where XXX represents the attribute name. This column displays the value of an inheritable extensible attribute. For information about data format and examples, see  Data Specific Guidelines.

EAInherited-XXX

String No Inheritance State ofan ExtensibleAttribute XXX

inheritable EAInherited-XXX is an example of an inheritable extensible attribute where XXX represents the attribute name. This column displays the inheritance state of an inheritable extensible attribute. This column is displayed only if the extensible attribute is inheritable. For information about data format and examples, see  Data Specific Guidelines.

Page 464: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 464

EA-Users String No Extensible Attribute User

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see  . Data Specific Guidelines

ADMGRP-JoeSmith

String No Permissions Admin Group/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see  . Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for networks. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an IPv4 Network

This example shows how to import network 10.1.0.0/16 in the network view External with auto create reverse zone enabled and a comment.

header-network,address*,netmask*,network_view,auto_create_reversezone,comment network,10.1.0.0,255.255.0.0,External,TRUE,This is comment field

For a network that has discovery enabled:

header-network,address*,netmask*,network_view,auto_create_reversezone, enable_discovery,discovery_membernetwork,10.1.0.0,255.255.0.0,External,TRUE,TRUE,gridmember1.localdomain

For a network that has discovery enabled and including an IPv4 range that is excluded for discovery:

header-network,address*,netmask*,network_view,auto_create_reversezone, enable_discovery,discovery_member,discovery_exclusion_rangenetwork,10.1.0.0,255.255.0.0,External,TRUE,gridmember1.localdomain,10.1.8.0-10.1.8.255

Note: You cannot import a network container, but you can add an IPv4 network container through GUI.

Overwriting IPv4 Network Data

This example shows how to overwrite the following data in an existing network: enable the network to be "authoritative" and to add boot files bppt_file_001 and boot server 1.2.3.4.header-network,address*,netmask*,is_authoritative,boot_file,boot_server network,100.0.0.0,255.255.255.0,True,boot_file_001,1.2.3.4

Merging IPv4 Network Data

This example shows how to merge the following data to an existing network: DDNS domain name, enable generate hostname, and disable always update DNS.

header-network,address*,netmask*,ddns_domainname,generate_hostname,always_update_dns network,100.0.0.0,255.255.255.0,ddns.corp100.com,TRUE,FALSE

Adding IPv4 Networks with Zone Associations Enabled

This example shows how to add networks to a member in the default network view with zone association added as the default. The first row adds a network "20.0.1.0/24" that maps to member "ib-10-34-43-2.infoblox.com" in the "default" network view with zone association "dnszone1.com" added as the default zone association. The second row adds a network "20.0.2.0/24" that maps to member "ib-10-34-43-2.infoblox.com" in the "default" network view with zone associations "dnszone1.com" and "dnszone2.com" added, where zone "dnszone2.com" is configured as the default zone association.

network,address*,netmask*,dhcp_members,network_view,zone_associationsnetwork,20.0.1.0,255.255.255.0,ib-10-34-43-2.infoblox.com,default,dnszone1.com/True/defaultnetwork,20.0.2.0,255.255.255.0,ib-10-34-43-2.infoblox.com,default,dnszone1.com/False/default, dnszone2.com/True/default

Overwriting IPv4 Network Data with Zone Associations Enabled

This example shows how to overwrite network data with zone association enabled. The first row modifies network "20.0.1.0/24" zone association from "dnszone1.com" to "dnszone2.com". The second row modifies network "20.0.2.0/24" default zone association from "dnszone2.com" to "dnszone1.com".

header-network,address*,netmask*,dhcp_members,network_view,zone_associationsnetwork,20.0.1.0,255.255.255.0,ib-10-34-43-2.infoblox.com,default,dnszone2.com/True/defaultnetwork,20.0.2.0,255.255.255.0,ib-10-34-43-2.infoblox.com,default,dnszone1.com/True/default, dnszone2.com/False/default

Page 465: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 465

IPv6 Network ContainerField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-IPv6NetworkContainer

String Yes Identifies the first row as a header row for IPv6 network container objects. Example: IPv6NetworkContainer.

address IP Address

Yes IP Address ipv6addr Indicates the IP address of the network container. Example: 2001::

cidr Prefix Yes Netmask Indicates the network container, in CIDR format, to which this network container belongs. Example: 64

network_view

String No Network View network_view If no network view is specified, the default view is used. Example: Default.

comment String No Comment comment Example: This is an IPv6 network container.

zone_associations

Zone list

No DNS Zone Associations

zone_associations

Example: test.com/TRUE

valid_lifetime

Integer No Valid Lifetime valid_lifetime Example: 43200

Preferred_lifetime

Integer No Preferred Lifetime

preferred_lifetime

Example: 604800

domain_name

String No Domain Name Example: testdomain.com

domain_name_servers

IP addresslist

No DNS Servers Example: ‘2000::10,3000::10’

OPTION-7

Integer No Custom DHCP Options

override_options This is an example of a DHCP option. For information, see   Data Specific Guidelines on page 9. Example: ‘12’ name implies option space = ‘DHCPv6’, option code/number 7

OPTION-XXXX-200

Option information

No Custom DHCP Options

override_options This is an example of a DHCP option. For information, see  Data Specific Guidelines on page 9. Example: ’dfdfdfd’ name implies vendor_class=’XXXX’, option code/number 200

recycle_leases

Boolean No Lease Deletion recycle_leases This field is set to TRUE by default. Ensure that you use the overwrite option if you want to change the value to FALSE. Merging data from an import preserves the default value.

enable_ddns

Boolean No Enable DDNS Updates

enable_ddns Example: TRUE

ddns_domainname

String No DDNS Domain Name

ddns_domainname

Example: ddns.corp100.com

ddns_ttl Unsigned integer

No DDNS Update TTL

ddns_ttl Indicates the DDNS TTL value in seconds. This is an inherited field. Example: 1200

generate_hostname

Boolean No Generate Hostname

override_ddns_generate_hostname

Example: TRUE

always_update_dns

Boolean No FQDN Support ddns_server_always_updates

Example: TRUE

update_dns_on_lease_renewal

Boolean No Lease Renewal Update

override_update_dns_on_lease_renewal

Example: TRUE

rir_organization

String No Organization Name

rir_organization Identifies the Regional Internet Registry (RIR) organization object. Use this only when the network is associated with an RIR organization.Example: corp100

rir_registration_status

String No Registration Status

rir_registration_status

Identifies the registration status of Regional Internet Registry (RIR). Use this only for an RIR network. When you enable the check box at the Grid Enable Updates Of RIR Registrationslevel and import a CSV file to add either an or an IPv4 network container IPv6 network

with the set to Registered without values for any other RIR container rir_registration_statusfields, the appliance completes the import operation and adds the IPv4 network container or the IPv6 network container to the Grid. The status of this IPv4 network container or the IPv6 network container is set as network. Non-registeredExample: Non-registered

last_rir_registration_upda

String No Identifies the last registration update timestamp of Regional Internet Registry (RIR). This is a read-only attribute.

Page 466: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 466

te_sent

last_rir_registration_update_status

String No Identifies the last registration update status of Regional Internet Registry (RIR). This is a read-only attribute.

enable_discovery

Boolean Yes Enable Discovery

network If this field is set to the must also be defined.True, discovery_member

discovery_member

String Yes Discovery Member

network This field is required if discovery is enabled for the network.

discovery_exclusion_range

IP Prefix

No Network Editor Discovery Exclusions

 Network List of IP ranges to be excluded from the discovery process.

EA-Site String No Extensible attribute

 extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. Example: California.

EA-Users

String No Extensible attribute

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: John.

ADMGRP-XXXX

String No permission ADMGRP-JimSmith is an example of an admin permission of a specific admin group. Example: RW

Page 467: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 467

IPv6 NetworkField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-IPv6Network

String Yes Example: IPv6Network

rir_organization

String No Organization Name

rir_organization Use this only when the network is associated with an RIR organization.Example: corp100

rir_registration_status

String No Registration Status

rir_registration_status

Use this only when this is an RIR network.Example: Registered

address IPv6 address

Yes Address ipv6addrs Example: 2001::

cidr Prefix Yes Netmask Example: 32

network_view

String No Network View network_view If no view is specified, the Default view is used. Example: Default

enable_discovery

Boolean Yes Enable Discovery

enable_discovery

If this field is set to TRUE, the discovery_member must also be defined.

discovery_member

String Yes Discovery Member

discovery_member

Required if discovery is enabled for the network.

discovery_exclusion_range

IP Prefix

No Network Editor Discovery Exclusions

discovery_exclusion_range

List of IP ranges to be excluded from the discovery process.

disabled Boolean No Disabled disable Example: TRUE

auto_create_reversezone

Boolean No Automatically create reverse mapping zone

auto_create_reversezone

Example: TRUE

zone_associations

Zone list

No DNS Zone Associations

zone_associations

Example: test.com/TRUE

dhcp_members

Grid memberlist

No Members members Example: “host1.infoblox.com, host2.infoblox.com

domain_name

String No Domain Name Example: testdomain.com

domain_name_servers

IP addresslist

No DNS Servers Example: ‘2000::10,3000::10’

valid_lifetime

Integer No Valid Lifetime valid_lifetime Example: 43200

Preferred_lifetime

Integer No PreferredLifetime

preferred_lifetime

Example: 604800

recycle_leases

Boolean No recycle_leases Example: FALSE

enable_ddns

Boolean No Enable DDNSUpdates

enable_ddns Example: TRUE

always_update_dns

Boolean No FQDN Support ddns_server_always_updates

Example: TRUE

ddns_domain_name

String No DDNS DomainName

ddns_domainname

Example: ddnsdomain.com

ddns_ttl Unsigned integer

No DDNS UpdateTTL

ddns_ttl Example: 3600

generate_hostname

Boolean No GenerateHostname

override_ddns_generate_hostname

Example: TRUE

update_dns_on_lease_renewal

Boolean No Lease Renewal Update

override_update_dns_on_lease_renewal

Example: TRUE

Page 468: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 468

OPTION-7

Integer No Custom DHCP Options

override_options This is an example of a DHCP option. For information, see  Data Specific Guidelines on page 9.Example: ‘12’ name implies option space = ‘DHCPv6’, option code/number 7

OPTION-XXXX-200

Option information

No Custom DHCP Options

options This is an example of a DHCP option. For information, see . Data Specific GuidelinesExample: ’dfdfdfd’ name implies vendor_class=’XXXX’, option code/number 200

EA-Site String No Extensible Attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see  Data Specific Guidelines.

EA-XXX String No Extensible AttributeXXXvalue

inheritable EA-XXX is an example of an inheritable extensible attribute where XXX represents the attribute name. This column displays the value of an inheritable extensible attribute. For information about data format and examples, see  Data Specific Guidelines.

EAInherited-XXX

String No Inheritance State ofan ExtensibleAttribute XXX

inheritable EAInherited-XXX is an example of an inheritable extensible attribute where XXX represents the attribute name. This column displays the inheritance state of an inheritable extensible attribute. This column is displayed only if the extensible attribute is inheritable. For information about data format and examples, see  Data Specific Guidelines.

EA-Users

String No Extensible Attribute Users

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see  . Data Specific Guidelines

ADMGRP-JoeSmith

String No Permissions Admin Group/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see  . Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for IPv6 networks. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an IPv6 Network

This example shows how to import an IPv6 network 3333::/64 in the Default DHCP view.

header-IPv6network,address*,cidr*,network_view,comment,auto_create_reversezone IPv6network,2001:db8:6000:5000::,64,Default,This is a comment,TRUE

For a network that has discovery enabled:

header-IPv6network,address*,cidr*,network_view,auto_create_reversezone,enable_discover y,discovery_memberIPv6network,2001:db8:6000:5000::,64,Default,TRUE,TRUE,gridmember1.localdomain

For a network that has discovery enabled and including an IPv6 range that is excluded for discovery:

header-network,address*,netmask*,network_view,auto_create_reversezone, discovery_enabled,discovery_member,discovery_exclusion_rangeIPv6network,2001:db8:6000:5000::,64,Default,TRUE,TRUE,gridmember1.localdomain, 2001:db8:6000:5000::1-2001:db8:6000:5000::128

Note: You cannot import a network container, but you can add an IPv6 network container through GUI.

Overwriting IPv6 Network Data

This example shows how to overwrite the following data of an IPv6 network: address and cidr.

header-IPv6network,address*,_new_address,cidr*,_new_cidr IPv6network,3333::,2222::,64,32

Merging IPv6 Network Data

This example shows how to merge the extensible attribute State and admin group USA_admins to an IPv6 network.

header-IPv6network.address*,cidr*,EA-State,ADMGRP-USA_admins IPv6network,3333::,64,CA,RW

Page 469: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 469

IPv4 Shared NetworkField Name

Data Type

Required(Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-SharedNetwork

String Yes Example: SharedNetwork

name String Yes Name name Example: Site Network

_new_name String No Add this field to overwrite the name field when you select the overwrite or merge option.

networks List Yes Example: "10.1.1.0/24,10.1.2.0/24," Note that you must first create the IPv4 networks 10.1.1.0/24 and 10.1.2.0/24 before designating them to the shared network.

network_view String No Network View network_view If no view is specified, the Default view is used. Example: Default

is_authoritative Boolean No Authoritative authority Example: FALSE

option_logic_filters

List of IPv4 logic filter rules

Filter Type/Action

Examples: .com.infoblox.dns.dhcp_mac_filter$mac_fi lter_name,.com.infoblox.dns.nac_filter$nac_filter_name,.com.infoblox.dns.dhcp_option_filters$opt_filter_name

boot_file String No Boot File bootfile Example: bootfile1

boot_server String No Boot Server bootserver Example: abc.corp100.com

comment String No Comment comment

generate_hostname

Boolean No Generate Hostname

ddns_generate_hostname

Example: TRUE

always_update_dns

Boolean No DNS Zones Associations

ddns_server_always_updates

Example: FALSE

update_static_leases

Boolean No Fixed Address Updates

ddns_update_fixed_address

Example: FALSE

update_dns_on_lease_renewal

Boolean No Update DNS on DHCP Lease Renewal

override_update_dns_on_lease_renewal

Example: TRUE

ddns_ttl Integer No DDNS Update TTL

ddns_ttl This is an inherited field. Example: 1200

enable_option81

Boolean No Option 81 Support

ddns_use_option Example: TRUE 81

deny_bootp Boolean No   Deny BOOTP Requests

deny_bootp Example: FALSE

disabled Boolean  No Disable disable Example: FALSE

enable_ddns Boolean No Enable DDNS Updates

enable_ddns Example: FALSE

ignore_client_requested_options

Boolean No Ignore Optionlist ignore_dhcp_option_list_request

Example: TRUE

next_server String No Next Server nextserver Example: blue.domain.com

lease_time Unsigned integer

No Lease Time Example: 1100

enable_pxe_lease_time

Boolean No Enable PXE time

lease Example: FALSE

pxe_lease_time

Unsigned integer

No PXE Lease Time

pxe_lease_time Example: 1100

routers IP address list

No routers Example: "10.0.0.1,10.0.0.100"

domain_name FQDN No Domain Name domain_name

domain_name_servers

IP address list

No Name Server Example: "10.2.3.4,11.2.3.4"

OPTION-2 Integer No   Custom DHCP Options

options Example: 50

OPTION-1 String No Custom DHCP Options

options This is an example of a DHCP option. For information, see  . Data Specific GuidelinesExample: ‘255.0.0.0’ name implies vendor_class=’DHCP’ (default)

Page 470: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 470

OPTION-XXXX-200

Option information

No Extensible Attribute Site

options This is an example of a DHCP option. For information, see Data Specific Guidelines.Example: ’dfdfdfd’ name implies vendor_class=’XXXX’, option code/number 200

EA-Site String No Extensible Attribute Users

extensible attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see  Data Specific Guidelines.

EA-Users String No PermissionsAdminGroup/Role

extensible attributes

extensible EA-Users is an example of a user defined

ADMGRP-JoeSmith

String No PermissionsAdminGroup/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see  Data Specific Guidelines.

ExamplesThis section contains examples of how to create data files for shared networks. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an IPv4 Shared NetworkThis example shows how to import a new shared Network in the Default DHCP view.

header-SharedNetwork,name*,networks*,network_view,comment,OPTION-2 SharedNetwork,Sharednetwork01,"10.0.0.0/24,20.0.0.0/24",Default,This is a comment.,128

Overwriting IPv4 Shared Network DataThis example shows how to overwrite a shared network with additional networks.

header-SharedNetwork,name*,networks* SharedNetwork,Sharednetwork01,"10.0.0.0/24,20.0.0.0/24,30.0.0.0/24"

Merging IPv4 Shared Network DataThis example shows how to merge the extensible attribute Site and a new admin group DHCP_admins with RW permission to an IPv4 shared network.

header-SharedNetwork,name*,networks*,EA-Site,ADMGRP-DHCP_admins SharedNetwork,Sharednetwork01,"10.0.0.0/24,20.0.0.0/24",USA,RW

Page 471: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 471

IPv6 Shared Network

Note: This object is supported in CSV export only.

Field Name

DataType

Required(Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-IPv6SharedNetwork

String Yes Example: IPv6SharedNetwork

name String Yes Name name Example: IPv6Shared01

_new_name String No Add this field to overwrite the name field when you select the overwrite or merge option.

networks List Yes Example:  ". “2000::/64,3000::/64Note that you must first create the IPv6 networks 2000::/64 and 3000::/64 before designating them to the shared network.

network_view String No Network View network_view If no view is specified, the Default view is used. Example: Default

comment String No Comment comment

disabled Boolean No Disabled disable Example: FALSE

domain_name String No Domain Name Example: testdomain.com

domain_name_servers

IP addresslist

No Name Server Example: “2000::10,3000::10”

valid_lifetime Integer No Valid Lifetime valid_lifetime Example: 43200

Preferred_lifetime

Integer No Preferred Lifetime

preferred_lifetime Example: 604800

enable_ddns Boolean No Enable DDNS Updates

enable_ddns Example: TRUE

always_update_dns

Boolean No DNS Zones Associations

ddns_server_always_updates

Example: TRUE

ddns_domain_name

String No DDNS Domain Name

ddns_domainname

Example: DDNSdomain

ddns_ttl Integer No DDNS Update TTL

override_ddns_ttl This is an inherited field.Example: 1200

generate_hostname

Boolean No Generate Hostname

ddns_generate_hostname

Example: TRUEExample: FALSE

update_dns_on_lease_renewal

Boolean No Update DNS on DHCP Lease Renewal

override_update_dns_on_lease_renewal

Example: TRUE

OPTION-7 Integer No   Custom DHCP Options

override_options This is an example of a DHCP option. For information, see . Data Specific Guidelines Example: ‘12’ name implies option space = ‘DHCPv6’, option code/number 7

OPTION-XXXX-200

Option information

No Custom DHCPOptions

override_options This is an example of a DHCP option. For information, see Data Specific Guidelines.Example: ’dfdfdfd’ name implies vendor_class=’XXXX’, option code/number 200

EA-Site String No Extensible Attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Spe

cific Guidelines.

EA-Users String No Extensibleattribute Users

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see Data Spe

. cific Guidelines

ADMGRP-JoeSmith

String No PermissionsAdminGroup/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see  Data Specific Guidelines.

http://testdomain.com
Page 472: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 472

IPv4 DHCP RangeField Name

DataType

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-DhcpRange

String Yes Example: DhcpRange

start_address

IP address

Yes Start start_addr Example: 10.0.0.11

_new_start_address

IP address

No Add this field to overwrite the start_address field when you select the overwrite or merge option. Example: 10.0.0.55

end_address

IP address

Yes End end_addr  Example: 10.0.0.22

_new_end_address

IP address

No Add this field to overwrite the end_address field when you select the overwrite or merge option. Example: 10.0.0.66

network_view

String No Network View network_view  If no view is specified, the Default view is used. Example: Default

name String No Name name

comment String No Comment comment

is_authoritative

Boolean No Authoritative authority Example: FALSE

boot_file String No Boot File bootfile Example: bootfile1

boot_server

String No Boot Server bootserver Example: abc.corp100.com

ddns_domainname

String No DDNS Domain  Name

ddns_domainname

Example: ddns.corp100.com

generate_hostname

Boolean No Generate Hostname

ddns_generate_hostname

 Example: TRUE

deny_all_clients

Boolean No deny_all_clients Example: FALSE

deny_bootp

Boolean No Deny BOOTP Requests

deny_bootp  Example: FALSE

disabled Boolean No Disabled disable Example: FALSE

domain_name_servers

IP addresslist

No Name Servers Example: "10.2.3.4,11.2.3.4,"

enable_ddns

Boolean No Enable DDNS Updates

enable_ddns  Example: FALSE

enable_thresholds

Boolean No Enable DHCP Thresholds

enable_dhcp_thresholds

When you set this field to TRUE, you must enter values in the range_high_water_mark and range_low_water_mark fields. You cannot leave those fields empty. Otherwise, the appliance generates an error.

enable_threshold_ email_ warnings

Boolean No Enable Email Warnings

enable_email_warnings

 When you use the merge function, the appliance preserves the existing value in this field. When you use the overwrite function, you must include a value (TRUE or FALSE). Otherwise, the appliance generates an error. Example: TRUE

enable_threshold_ snmp_ warnings

Boolean No Enable SNMP Warnings

enable_snmp_ warnings

When you use the merge function, the appliance preserves the existing value in this field. When you use the overwrite function, you must include a value (TRUE or FALSE). Otherwise, the appliance generates an error. Example: TRUE

threshold_email_ addresses

email addresslist

No Email Addresses

Example: "'[email protected]','admin2@somew here.com'"

range_high_water_ mark

Integer No High Water Mark

high_water_mark

When you set enable_thresholds to TRUE, you must enter values in this field and in the range_low_water_mark field. You cannot leave these fields empty. Otherwise, the appliance generates an error. Example: 80

ignore_client_requested_options

Boolean No Ignore Optionlist

ignore_dhcp_option_list_request

Example: TRUE

range_low_water_mark

Integer No Low Water Mark

low_water_mark When you set enable_thresholds to TRUE, you must enter values in this field and in the range_high_water_mark field. You cannot leave these fields empty. Otherwise, the appliance generates an error. Example: 10

Page 473: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 473

next_server

String No Next Server nextserver Example: blue.domain.com

lease_time Unsigned integer

No Lease Time Example: 1100

enable_pxe_lease_ time

Boolean No Enable PXE lease time

Example: FALSE

pxe_lease_time

Unsigned integer

No PXE Lease Time

pxe_lease_time Example: 1100

unknown_clients_ option

String No Unknown Clients drop-down

unknown_client_ option

Example: Allow

known_clients_option

String No Known Clients drop-down

known_clients_option

Example: Deny

recycle_leases

Boolean No Lease Deletion recycle_leases This field is set to TRUE by default. Ensure that you use the overwrite option if you want to change the value to FALSE. Merging data from an import preserves the default value.

update_dns_on_ lease_renewal

Boolean No Update DNS on DHCP Lease Renewal

override_update_ dns_on_lease_renewal

Example: TRUE

always_update_dns

Boolean No DNS Zones Associations

always_update_ dns

Example: FALSE

exclusion_ranges

IP addressrange

No Exclusion Ranges

exclude This field indicates the start to end address range. You can also include a comment. The valid format is start address-end address/comment. Example: “10.1.0.200-10.1.0.254/’The range for printers’,10.2.3.3-10.2.3.30/”

member Grid member

No Served by Grid Member

member Example: member.infoblox.com

server_association_type

Sting No Valid values are MEMBER, NONE, andFAILOVER

failover_association

Sting No Served byFailoverAssociation

failover_assoc

broadcast_address

IP address

No Broadcast Address

Example: 10.0.0.1

routers IP addresslist

No Routers Example: "10.0.0.1,10.0.0.100,"

domain_name

FQDN No Domain Name domain_name

option_logic_filters

List of IPv4 logic filter rules

Filter Type/Action

Examples:com.infoblox.dns.dhcp_mac_filter$mac_filter_name,.com.infoblox.dns.nac_filter$nac_filter_name,.com.infoblox.dns.dhcp_option_filters$opt_filter_name

OPTION-2

Integer No Custom DHCP Options

options This is an example of a DHCP option. For information, see  Example: Data Specific .Guidelines50

OPTION-1

String No Custom DHCP Options

options This is an example of a DHCP option. For information, see  Example: Data Specific Guidelines.'255.0.0.0' name implies vendor_class='DHCP' (default)

OPTION-XXXX-200

Option information

No Custom DHCP Options

options This is an example of a DHCP option. For information, see  Example: Data Specific .Guidelines'dfdfdfd' name implies vendor_class='XXXX', option code/number 200

EA-Site String No Extensible Attribute Site

extensible attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific G

.uidelines

EA-XXX String No Extensible Attribute XXX value

inheritable EA-XXX is an example of an inheritable extensible attribute where XXX represents the attribute name. This column displays the value of an inheritable extensible attribute. For information about data format and examples, see Data Specific .Guidelines

EAInherited-XXX

String No Inheritance State of an Extensible Attribute XXX

inheritable EAInherited-XXX is an example of an inheritable extensible attribute where XXX represents the attribute name. This column displays the inheritance state of an inheritable extensible attribute. This column is displayed only if the extensible attribute is inheritable. For information about data format and examples, see Data Specific Guidelines.

EA-Users String No Extensible extensible EA-Users is an example of a user defined attribute. You can add other user defined attributes

Page 474: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 474

Attribute Users attributes to the data file. For information about data format and examples, see Data Specific Guidelines.

ADMGRP-JoeSmith

String No Permissions AdminGroup/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see Data Specific Guidelines.

ExamplesThis section contains examples of how to create data files for DHCP ranges. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a DHCP Range

This example shows how to import a new DHCP range, Range01, with starting IP of 100.0.0.1 and ending IP 100.0.0.254. The range is assigned to a member, master.corp100.com.

header-DhcpRange,start_address*,end_address*,name,comment,member DhcpRange,100.0.0.1,100.0.0.254,Range01,This is a comment.,master.corp100.com

Overwriting DHCP Range Data

This example shows how to overwrite the starting address and the name of an existing DHCP range.

header-DhcpRange,start_address*,_new_start_address,end_address*,name DhcpRange,100.0.0.100,100.0.0.150,100.0.0.254,Range02

Merging DHCP Range Data

This example shows how to merge an exclusion range 100.0.0.100 to 100.0.0.110 to an existing DHCP range, and to replace a member assignment with a failover association, Failover01.

header-DhcpRange,start_address*,end_address*,exclusion_ranges,failover_association DhcpRange,100.0.0.100,100.0.0.254,100.0.0.100-100.0.0.110,Fileaover01

Page 475: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 475

IPv6 DHCP Range

Note: This object is supported in CSV export only.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-IPv6DhcpRange

String Yes Example: IPv6DhcpRange

address_type

Enumeration

No address_type Valid values are ADDRESS, PREFIX, and BOTH. If no value is specified, ‘ADDRESS’(default) is used.Example: PREFIX

parent String No Select Network network This field is required when address_type is ‘PREFIX’.Example: 2000::/16

start_address

IP address

No Address Start start_addr This field is required if address_type is ‘ADDRESS’ or ‘BOTH’.Example: 2000::1

_new_start_address

IP address

No Add this field to overwrite the start_address field when you select the overwrite or merge option.

end_address

IP address

No Address End end_addr This field is required if address_type is ‘ADDRESS’ or ‘BOTH’.Example: 2000::1

_new_end_address

IP address

No Add this field to overwrite the end_address field when you select the overwrite or merge option.

ipv6_start_prefix

IPv6 addressprefix

No Prefix Delegated Start

ipv6_start_prefix This field is required if address_type is ‘PREFIX’ or ‘BOTH’.Example: 2000:1111::

_new_ipv6_start_prefix

IPv6 addressprefix

No Add this field to overwrite the ipv6_start_address field when you select the overwrite or merge option.

ipv6_end_prefix

IPv6 addressprefix

No Prefix Delegated End

ipv6_end_prefix This field is required if address_type is ‘PREFIX’ or ‘BOTH’.Example: 2000:1111::

_new_ipv6_end_prefix

IPv6 addressprefix

No Add this field to overwrite the ipv6_end_address field when you select the overwrite or merge option.

ipb6_prefix_bits

Integer No ipv6_prefix_bits This field is required if address_type is‘PREFIX’ or ‘BOTH’.Example: 32

network_view

String No Network View network_view If no view is specified, the Default view isused. Example: Default

name String No Name name

comment String No Comment comment Example: This is an IPv6 DHCP range.

disabled Boolean No Disabled disable Example: FALSE

member Grid member

No Grid Member member Example: member.infoblox.com

server_association_type

String No server_association_type

Valid values are MEMBER and NONE. If no value is specified, None (default) is used.

exclusion_ranges

IP addressrange

No Exclusion Ranges

exclude This field indicates the start to end address range. You can also include a comment. The valid format is: start address-end address/comment. Example: “2000::1-2000::5/’The range for printers’”

recycle_leases

Boolean No Lease Deletion recycle_leases This field is set to TRUE by default. Ensure that you use the overwrite option if you want to change the value to FALSE. Merging data from an import preserves the default value.

EA-Site String No Extensible Attribute Site

extensible attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific Guidelines.

EA-XXX String No ExtensibleAttribute XXXvalue

inheritable EA-XXX is an example of an inheritable extensible attribute where XXX represents the attribute name. This column displays the value of an inheritable extensible attribute. For information about data format and examples, see  Data Specific Guidelines.

EAInherited-XXX

String No Inheritance State of an

inheritable EAInherited-XXX is an example of an inheritable extensible attribute where XXX represents the attribute name. This column displays the inheritance state of an inheritable extensible attribute.

Page 476: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 476

Extensible Attribute XXX

This column is displayed only if the extensible attribute is inheritable. For information about data format and examples, see . Data Specific Guidelines

EA-Users

String No Extensible Attribute Users

extensible attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see . Data Specific Guidelines

ADMGRP-JoeSmith

String No Permissions Admin Group/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see . Data Specific Guidelines

Page 477: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 477

IPv4 Fixed Address/Reservation

Note: You can use the fixed address header to import reservations. When you import a reservation, you must specify 00:00:00:00:00:00 in the mac_address field.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-FixedAddress

String Yes Example: FixedAddress

ip_address IP address

Yes IP Address ipv4addrss Example: 10.0.0.11

ms_Server IP address

Yes Example: 100.102.30.180

_new_ip_address

IP address

No Add this field to overwrite the ip_address field when you use the overwrite or merge option.

network_view

String No Network View network_view If no view is specified, the Default view is used. Example: Default

name String No Name name

always_update_dns

Boolean No DNS Zones Associations

always_update_dns

Example: FALSE

option_logic_filters

List of IPv4 logic filter rules

No Filter Type/Action

Examples:.com.infoblox.dns.dhcp_mac_filter$mac_filter_name,.com.infoblox.dns.nac_filter$nac_filter_name,.com.infoblox.dns.dhcp_option_filters$opt_filter_name

boot_file String No Boot File bootfile Example: bootfile1

boot_server

String No Boot Server bootserver Example: abc.corp100.com

prepared_zero

Boolean No Example: FALSE

comment String No Comment comment

ddns_domainname

String No DDNS Domain Name

ddns_domainname

Example: ddns.corp100.com

deny_bootp

Boolean No Deny BOOTP Requests

deny_bootp Example: FALSE

broadcast_address

IP addresslist

No Broadcast Address

Example: 10.0.0.1

routers IP addresslist

No Routers Example: "10.0.0.1,10.0.0.100,"

domain_name

FQDN No Domain Name

domain_name_ servers

IP addresslist

No Name Servers Example: "10.2.3.4,11.2.3.4,"

dhcp_client_ identifier

String No Client Identifier dhcp_client_ identifier

disabled Boolean No Disabled disable Example: FALSE

enable_ddns

Boolean No Enable DDNS Updates

Example: FALSE

ignore_client_ requested_ options

Boolean No Ignore Optionlist

ignore_dhcp_ option_list_request

Example: TRUE

circuit_id String No agent_circuit_id This field is required when match_option = CIRCUIT_ID. Example: 11

remote_id String No agent_remote_id

This field is required when match_option = REMOTE_ID. Example: xyz

Page 478: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 478

mac_address

MAC address

No Yes for reservation

MAC Address mac This field is required if match_option = MAC_ADDRESS, or if you are importing a reservation. For reservations, you must enter 00:00:00:00:00:00 in this field. Example: aa:bb:cc:dd:ee:ff

match_option

String No match_client Data must be in the following format:['MAC_ADDRESS','CLIENT_ID','CIRCUIT_ID','REMOTE_ID']

next_server

String No Next Server nextserver Example: blue.domain.com

lease_time Unsigned integer

No Lease Time Example: 1100

enable_pxe_lease_time

Boolean No Enable PXE lease time

Example: FALSE

ddns_hostname

String No ddns_hostname Example: host1.test.com

pxe_lease_time

Unsigned integer

No PXE Lease Time

pxe_lease_time Example: 1100

OPTION-2

Integer No Custom DHCP Options

options This is an example of a DHCP option. For information, see Data Specific Guidelines. Example: 50

OPTION-1

String No Custom DHCP Options

options This is an example of a DHCP option. For information, see Data Specific Guidelines. Example: ‘255.0.0.0’ name implies vendor_class=’DHCP’ (default)

OPTION-XXXX-200

Option information

No Custom DHCP Options

options This is an example of a DHCP option. For information, see . Data Specific GuidelinesExample: ’dfdfdfd’ name implies vendor_class=’XXXX’, option code/number 200

EA-Site String No Extensible Attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see  Data Specific Guidelines.

EA-XXX String No Extensible AttributeXXXvalue

inheritable EA-XXX is an example of an inheritable extensible attribute where XXX represents the attribute name. This column displays the value of an inheritable extensible attribute. For information about data format and examples, see  Data Specific Guidelines.

EAInherited-XXX

String No Inheritance State ofan ExtensibleAttribute XXX

inheritable EAInherited-XXX is an example of an inheritable extensible attribute where XXX represents the attribute name. This column displays the inheritance state of an inheritable extensible attribute. This column is displayed only if the extensible attribute is inheritable. For information about data format and examples, see  . Data Specific Guidelines

EA-Users String No Extensible Attribute User

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see  . Data Specific Guidelines

ADMGRP-JoeSmith

String No Permissions Admin Group/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see  . Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for IPv4 fixed addresses. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an IPv4 Fixed Address

This example shows how to import a new IPv4 fixed address.

header-fixedaddress,ip_address*,network_view,mac_address*,match_option,ms_server, remote_id,EA-Sitefixedaddress,100.0.0.1,Default,aa:aa:aa:aa:aa:aa,Remote_ID,xyz,USA

To import MS sync data, specify ms_server field in the CSV format.

header-fixedaddress,ip_address*,ms_Server,EA-Location fixedaddress,100.0.0.1,100.102.30.180,location-1

Overwriting IPv4 Fixed Address Data

This example shows how to overwrite the MAC address of an existing IPv4 fixed address from aa:aa:aa:aa:aa:aa to bb:aa:aa:aa:aa:aa.

header-fixedaddress,ip_address*,mac_address* FixedAddress,100.0.0.1,bb:aa:aa:aa:aa:aa

This example shows how to overwrite the address of an existing IPv4 fixed address from 100.0.0.1 to 100.0.0.10.

header-fixedaddress,ip_address*,_new_ip_address,mac_address* FixedAddress,100.0.0.1,100.0.0.10,bb:aa:aa:aa:aa:aa

http://host1.test.com
Page 479: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 479

Merging IPv4 Fixed Address Data

This example shows how to merge a new comment to an existing IPv4 fixed address.

header-fixedaddress,ip_address,mac_address*,comment FixedAddress,100.0.0.10,bb:aa:aa:aa:aa:aa,A new comment here.

This example shows how to merge new routers addresses and the domain name to an existing IPv4 fixed address.

header-fixedaddress,ip_address*,mac_address*,routers,domain_name fixedaddress,100.0.0.10,bb:aa:aa:aa:aa:aa,"2.2.2.2,4.4.4.4",ns1.corp100.com

Adding an IPv4 Reservation

This example shows how to import a new IPv4 reservation.

header-fixedaddress,ip_address*,network_view,mac_address*,EA-Site fixedaddress,100.0.0.1,Default,00:00:00:00:00:00,USA

Page 480: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 480

IPv6 Fixed AddressField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-IPv6FixedAddress

String Yes Example: IPv6FixedAddress

address_type

Enumeration

No address_type Valid values are ADDRESS, PREFIX, and BOTH. If no value is specified, ‘ADDRESS’(default) is used.Example: PREFIX

parent String Yes* Select Network network This field is required when address_type is ‘PREFIX’.Example: 2000::/16

ip_address

IP address

Yes* Address ipv6addrss This field is required if address_type is ‘ADDRESS’ or ‘BOTH’.Example: 2000::5

_new_ip_address

IP address

No Add this field to overwrite the ip_address field when you select the overwrite or merge option.

ipv6_prefix

IPv6 addressprefix

Yes* Prefix Delegated

ipv6prefix This field is required if address_type is ‘PREFIX’ or ‘BOTH’.Example: 2000:1111::

_new_ipv6_prefix

IPv6 addressprefix

No Add this field to overwrite the ipv6_prefix field when you select the overwrite or merge option.

ipv6_prefix_bits

Integer No ipv6_prefix_bits This field is required if address_type is‘PREFIX’ or ‘BOTH’.Example: 32

network_view

String No Network View network_view If no view is specified, the Default view isused. Example: Default

name String No Name name Example: IPv6FixedAddr

comment String No Comment comment

disabled Boolean No Disabled disable Example: FALSE

match_option

String No match_client Only ‘DUID’ is allowed.Example: DUID

duid String Yes DUID duid Example: 0001

domain_name

FQDN No Domain Name Example: ns1.corp100.com

domain_name_servers

IPv6 addresslist

No Name Servers Example: 2000::10,3000::10

valid_lifetime

Unsigned integer

No Valid Lifetime valid_lifename Example: 43200

preferred_lifetime

Unsigned integer

No Preferred Lifename

preferred_lifetime

Example: 604800

OPTION-7

Integer No Custom DHCP Options

override_options This is an example of a DHCP option. For information, see  Data Specific Guidelines.Example: ‘12’ name implies option space = ‘DHCPv6’, option code/number 7

OPTION-XXXX-200

Option information

No Custom DHCP Options

override_options This is an example of a DHCP option. For information, see  Data Specific Guidelines.Example: ’dfdfdfd’ name implies vendor_class=’XXXX’, option code/number 200

EA-Site String No Extensible Attribute Site

extensible attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific Guidelines.

EA-XXX String No ExtensibleAttribute XXXvalue

inheritable EA-XXX is an example of an inheritable extensible attribute where XXX represents the attribute name. This column displays the value of an inheritable extensible attribute. For information about data format and examples, see  Data Specific Guidelines.

EAInherited-XXX

String No Inheritance State of an Extensible Attribute XXX

inheritable EAInherited-XXX is an example of an inheritable extensible attribute where XXX represents the attribute name. This column displays the inheritance state of an inheritable extensible attribute. This column is displayed only if the extensible attribute is inheritable. For information about data format and examples, see . Data Specific Guidelines

EA-Users

String No Extensible Attribute Users

extensible attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see . Data Specific Guidelines

ADMGR String No Permissions permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For

Page 481: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 481

P-JoeSmith

Admin Group/Role

information about data format and examples, see . Data Specific Guidelines

Note: * Required in some cases, see detailed field description.

ExamplesThis section contains examples of how to create data files for IPv6 fixed addresses. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an IPv6 Fixed Address

This example shows how to import a new IPv6 fixed address.

header-IPv6FixedAddress,address_type,ip_address,network_view,match_option,EA-Site IPv6FixedAddress,ADDRESS,2000::5,default,DUID,USA

Overwriting IPv6 Fixed Address Data

This example shows how to overwrite an existing IPv6 fixed address from 2000::5 to 2000::1.

header-IPv6FixedAddress,address_type,ip_address,_new_ip_address IPv6FixedAddress,ADDRESS,2000::5,2000::1

Merging IPv6 Fixed Address Data

This example shows how to merge a new comment to an existing IPv6 fixed address.

header-IPv6FixedAddress,ip_address,comment IPv6FixedAddress,2000::1,A new comment.

This example shows how to merge a new domain name to an existing IPv6 fixed address.

header-IPv6FixedAddress,ip_address,domain_name IPv6FixedAddress,2000::1,ns1.corp100.com

Page 482: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 482

DHCP FingerprintField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-DHCPFingerprint

String Yes Example: DHCPFingerprint

name String Yes Name name Example: Samsung Android

new_name String No Add this field to overwrite the name field when you select the overwrite or merge option.

type String No Device type. This can be ‘Standard’ or ‘Custom.’ The default is ‘Custom.’Example: Custom

comment String No Comment comment

disable Boolean No Disabled disable Example: FALSE

vendor_id String No Vendor ID vendor_id Example: MSFT 7.x

option_sequence

String No Option Number Sequence

option_sequence

DHCP options from 1 to 255 separated by commas (without spaces). Also enter the protocol (ipv4 or ipv6) at the end.Example: "['1,3,6,7,12,15,28,40,41,42,225,226,227,22/ipv4']"

device_class

String No Device Class device_class Device category to which the DHCP fingerprint belongs. This is used for filtering purposes.Example: Printers

protocol String Yes protocol protocol Protocol type. This can be IPV4 or IPV6.

EA-Site String No Extensible Attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to custom DHCP fingerprints. For information about data format and examples, see 

Data Specific Guidelines.

ExamplesThis section contains examples of how to create data files for DHCP fingerprints. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a Custom DHCP Fingerprint

This example shows how to import a new custom DHCP fingerprint.

header-DHCPFingerprint,name*,protocol*,comment,disable,option_sequenceDHCPFingerprint,SpecialPrinter,IPV4,Special printer forQA,FALSE,"['1,3,6,7,12,15,28,40,41,42,225,226,227,228/ipv4']"

Overwriting DHCP Fingerprint Data

This example shows how to overwrite an existing custom DHCP fingerprint.

header-DHCPFingerprint,name*,new_name,comment DHCPFingerprint,SpecialPrinter,QAPrinter,Changed from Special Printer to QA Printer

Merging DHCP Fingerprint Data

This example shows how to merge a new comment to an existing DHCP fingerprint.

header-DHCPFingerprint,name*,comment DHCPFingerprint,Xbox,Blocked from network

Page 483: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 483

DHCP MAC FilterField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-DhcpMacFilter

String Yes Example: DhcpMacFilter

name String Yes Name name Example: MAC filter 1

_new_name String No Add this field to overwrite the name field when you select the overwrite or merge option.

never_expires

Boolean No Never Expires Example: TRUE

expiration_interval

Integer No Automatically expires in

default_mac_address_expiration

Example: 3624

enforce_expiration_time

Boolean No Enforce Expiration Times

enforce_expiration_times

Example: FALSE

comment String No Comment comment

EA-Site String No Extensible AttributeSite

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data SpecificGuidelines.

EA-Users String No Extensible AttributeUsers

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see Data Specific Guidelines.

ADMGRP-JoeSmith

String No Permissions AdminGroup/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see Data Specific Guidelines.

ExamplesThis section contains examples of how to create data files for DHCP MAC filters. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a DHCP MAC Filter

This example shows how to import a DHCP MAC filter.

header-dhcpmacfilter,name*,never_expires,expiration_interval,enforce_expiration_time,c ommentdhcpmacfilter,MacFilter01,FALSE,3600,TRUE,This is a comment.

Overwriting DHCP MAC Filter Data

This example shows how to overwrite the MAC filter name from MacFilter01 to MacFilter02.

header-dhcpmacfilter,name*,_new_name dhcpmacfilter,MacFilter01,MacFilter02

Merging DHCP MAC Filter Data

This example shows how to merge extensible attributes Site and Users, as well as admin group DHCP_admins with a RO permission.

header-dhcpmacfilter,name*,EA-Site,EA-Users,ADMGRPDHCP_admins dhcpmacfilter,MacFilter02,USA,John Smith,RO

Page 484: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 484

MAC Filter AddressField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-MacFilterAddress

String Yes Example: MacFilterAddress

parent String Yes MAC address filter

filter_name Example: MAC filter 1

mac_address

MAC address

Yes MAC address mac_address Example: aa:bb:cc:dd:ee:ff

_new_mac_address

MAC address

No Add this field to overwrite the mac_address field when you select the overwrite or merge option.

is_registered_user

Boolean No Register as User

Example: TRUE

registered_user

String No Register as User

Example: John Doe

guest_first_name

String No Register as Guest: First Name

Example: John

guest_middle_name

String No Register as Guest: Middle Name

Example: Doe

guest_last_name

String No Register as Guest: Last Name

Example: Doe

guest_email Email address

No Register as Guest: Email Address

Example: [email protected]

guest_phone String No Register as Guest: Phone Number

Example: 408-111-1111

guest_custom_field1

String No Register as Guest: Custom Field 1

guest_custom_field2

String No Register as Guest: Custom Field 2

guest_custom_field3

String No Register as Guest: Custom Field 3

guest_custom_field4

String No Register as Guest: Custom Field 4

never_expires

Boolean No Never Expires Example: FALSE

expire_time Date/Time

No Expires On Data must be in the following format:

CCYY-MM-DDThh:mm:ss

Example: 2009-02-29T10:30:00

The timestamp must be based on UTC time.

comment String No Comment comment

EA-Site String No Extensible AttributeSite

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data SpecificGuidelines.

EA-Users String No Extensible AttributeUsers

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see Data SpecificGuidelines.

ADMGRP-JoeSmith

String No Permissions AdminGroup/Role

permission ADMGRP-JoeSmith is an example of an admin permission of a specific admin group. For information about data format and examples, see Data Specific Guidelines.

Page 485: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 485

ExamplesThis section contains examples of how to create data files for DHCP MAC filters. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a DHCP MAC Filter

This example shows how to import MAC filter address, aa:aa:aa:aa:aa:aa, to MacFilter01.

header-macfilteraddress,parent*,mac_address*,is_registered_user,never_expires,comment macfilteraddress,MacFilter01,aa:aa:aa:aa:aa:aa,FALSE,TRUE,This is a comment.

Overwriting DHCP MAC Filter

This example shows how to overwrite a MAC filter address with an expiration time.

header-macfilteraddress,parent*,mac_address*,never_expires,expire_time macfilteraddress,MacFilter01,aa:aa:aa:aa:aa:aa,FALSE,2010-12-30T10:30:00Z

Merging DHCP MAC Filter

This example shows how to merge extensible attributes Site and Users to an existing MAC filter address.

header-macfilteraddress,parent*mac_address*,EA-Site,EA-Users macfilteraddress,MacFilter01,aa:aa:aa:aa:aa:aa,USA,John Smith

Page 486: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 486

Option FilterField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-OptionFilter

String Yes Example: OptionFilter

name String Yes Name name Example: Option Filter 1

_new_name

String No Add this field to overwrite the name field when you select the overwrite or merge option.

comment String No Comment comment

boot_file String No Boot File boot_file Example: bootfile1

boot_server

String No Boot Server boot_server Example: abc.corp100.com

lease_time

Integer No Lease Time lease_time Example: 7200

pxe_lease_time

Unsigned integer

No PXE Lease Time

pxe_lease_time Example: 1100

next_server

String No Next Server next_server Example: blue.domain.com

option_space

String No Option Space option_space Example: Infoblox_DHCP

OPTION-2

Integer No Custom DHCPOptions

option_list This is an example of a DHCP option. For information, see . Data Specific GuidelinesExample: 50

OPTION-1

String No Custom DHCP Options

options_list This is an example of a DHCP option. For information, see  Data Specific Guidelines. Example: ‘255.0.0.0’ name implies vendor_class=’DHCP’ (default)

OPTION-XXXX-200

Option information

No ExtensibleAttribute Site

options_list This is an example of a DHCP option. For information, see . Data Specific GuidelinesExample: ’dfdfdfd’ name implies vendor_class=’XXXX’, option code/number 200

EA-Site String No Extensible Attribute Site

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see  Data Specific Guidelines.

EA-Users

String No Extensible Attribute Users

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see  . Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for option filters. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an Option Filter

This example shows how to import an option filter with boot file, boot server, and lease time.

header-OptionFilter name*,comment,boot_file,boot_server,lease_time OptionFilter,OptionFilter01,This is a comment.,bootfile01 1.2.3.4,12800

Overwriting Option Filter Data

This example shows how to overwrite an option filter name and boot file name.

header-OptionFilter,name*,_new_name,boot_file OptionFilter,OptionFilter01,OptionFilter02,bootfile02

Merging Option Filter Data

This example shows how to merge to an option filter the PXE lease time and next server domain name.

header-OptionFilter,name*,pxe_lease_time,next_server OptionFilter,OptionFilter02,12800,next.corp100.com

Page 487: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 487

Option Filter Match RuleField Name Data

TypeRequired (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-OptionFileterMatchRule

String Yes Example: OptionFilterMatchRule

parent Option filter Yes Option FilterName

filter The name of the parent option filter. Example: Option filter 1

match_option String Yes Match Option num Example: OPTION-1 (option space is DHCP)

match_value String Yes Match Value value Example: 255.0.0.0

_new_match_value String No Add this field to overwrite the match_value field when you select the overwrite or merge option.

comment String No Comment comment

is_substring Boolean No Value is a substring

is_substring Example: FALSE

substring_offset Integer No Substring Offset substring_offset Example: 2

substring_length Unsigned integer

No Substring Length substring_length Example: Doe

ExamplesThis section contains examples of how to create data files for option filter match rules. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an Option Filter Match Rule

This example shows how to import an option filter match rule.

header-OptionFilterMatchRule,parent*,match_option*,match_value*,is_substring,substring_offsetOptionFilterMatchRule,OptionFilter01,OPTION-1,2.2.2.2,FALSE,0

Overwriting Option Filter Match Rule Data

This example shows how to overwrite an existing match option with OPTION-2 and add a new match value of 3.3.3.3. header-OptionFilterMatchRule,parent*,match_option*,match_value*,_new_match_value

OptionFilterMatchRule,OptionFilter01,OPTION-2,2.2.2.2,3.3.3.3

Merging Option Filter Match Rule Data

This example shows how to merge a substring length to an existing option filter match rule.

header-OptionFilterMatchRule,parent*,match_option*,match_value*,substring_length OptionFilterMatchRule,OptionFilter02,OPTION-2,3.3.3.3,256

Page 488: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 488

Relay Agent FilterField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-RelayAgentFilter

String Yes Example: RelayAgentFilter

name String Yes Name name Example: Relay Agent Filter 1

_new_name String No Add this field to overwrite the name field when you select the overwrite or merge option.

comment String No Comment comment

circuit_id_rule

String No Circuit ID: Match Value

is_circuit_id Example: MATCHES_VALUE

circuit_id String No Circuit ID circuit_id_name

remote_id_rule

String No Remote ID: Match Value

is_remote_id Example: MATCHES_VALUE

remote_id Integer No Remote ID remote_id_name

Example: 50

EA-Site String No Extensible Attribute Site

extensible_ attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific

.Guidelines

EA-Users String No Extensible Attribute Users

extensible_ attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see Data Specific

.Guidelines

ExamplesThis section contains examples of how to create data files for relay agent filters. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a Relay Agent Filter

This example shows how to import a relay agent filter with a circuit ID and a remote ID.

header-RelayAgentFilter,name*,circuit_id_rule,circuit_id,remote_id_rule,remote_id RelayAgentFilter,relayagent1,MATCHES_VALUE,123456,MATCHES_VALUE,abcd

Overwriting Relay Agent Filter Data

This example shows how to overwrite the circuit ID and remote ID of an existing relay agent filter.

header-RelayAgentFilter,name*,circuit_id_rule,circuit_id,remote_id_rule remote_id RelayAgentFilter,relayagent1,MATCHES_VALUE,336699,MATCHES_VALUE,xyz

Merging Relay Agent Filter Data

This example shows how to merge a comment and extensible attribute Site to an existing relay agent filter.

header-RelayAgentFilter,name*,comment,EA-Site RelayAgentFilter,relayagent1,This is a comment.,USA

Page 489: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 489

DHCP Fingerprint FilterField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-DHCPFingprintFilter

String Yes Example: DHCPFingerprintFilter

name String Yes Name name Example: HP Printers

_new_name String No Add this field to overwrite the name field when you select the overwrite or merge option.

fingerprint String Yes DHCP Fingerprints

fingerprint An array of DHCP fingerprints

_new_fingerprint

String No Add this field to overwrite the fingerprint field when you select the overwrite or merge option.

comment String No Comment comment

EA-Site String No Extensible Attribute Site

extensible_ attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific

.Guidelines

ExamplesThis section contains examples of how to create data files for DHCP fingerprint filters. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a DHCP Fingerprint Filter

This example shows how to import a DHCP fingerprint filter.

header-DHCPFingerprintFilter,name*,fingerprint*,comment DHCPFingerprintFilter,WindowsXP1,MSFT5.x,MSFT,Some Windows XP systems

Overwriting DHCP Fingerprint Filter Data

This example shows how to overwrite the filter name of an DHCP fingerprint filter.

header-DHCPFingerprintFilter,name*,_new_name DHCPFingerprintFilter,WindowsXP1,WindowsXP5

Merging DHCP Fingerprint Filter Data

This example shows how to merge a comment to an DHCP fingerprint filter.

header-DHCPFingerprintFilter,name*,comment,EA-Site DHCPFingerprintFilter,WindowsXP1,This is a comment

Page 490: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 490

NAC FilterField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-NACFilter

String Yes Example: NACFilter

name String Yes Name name Example: NAC Filter

_new_name

String No Add this field to overwrite the name field when you select the overwrite or merge option.

comment String No Comment comment

expression

Option list

No Match the following rule

expression To include the option list in the table in Grid Manager, you must Matching the following rulesenclose the expression in brackets.Example: (Sophos.ComplianceState="Compliant" AND RADIUS.ServerError="TRUE")

EA-Site String No Extensible Attribute Site

extensible_ attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. For information about data format and examples, see Data Specific Gu

.idelines

EA-Users

String No Extensible Attribute Users

extensible_ attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. For information about data format and examples, see . Data Specific Guidelines

ExamplesThis section contains examples of how to create data files for NAC filters. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a NAC Filter

This example shows how to import a new NAC filter.

header-NacFilter,name*,comment,expression,EA-Site NacFilter,nacfilter01,This is a comment.,option ServerError="true",USA

Overwriting NAC Filter Data

This example shows how to overwrite the name and comment of an existing NAC filter.

header-NacFilter,name*,_new_name,comment NacFilter,nacfilter01,nacfilter02,This is a new comment.

Merging NAC Filter Data

This example shows how to merge the extensible attribute Users to an existing NAC filter.

header-NacFilter,name*,EA-Users NacFilter,nacfilter02,John Smith

Page 491: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 491

IPv4 Option SpaceField Name Data

TypeRequired (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-OptionSpace

String Yes Example: OptionSpace

name String Yes Name name Example: ABC-co options

_new_name String No Add this field to overwrite the name field when you select the overwrite or merge option.

comment String No Comment comment

ExamplesThis section contains examples of how to create data files for option spaces. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an IPv4 Option Space

This example shows how to import a new IPv4 option space.

header-OptionSpace,name*,space_type OptionSpace,Optionspace01,VENDOR_SPACE

Overwriting IPv4 Option Space Data

This example shows how to overwrite the IPv4 option space name with Optionspace02.

header-OptionSpace,name*,_new_name OptionSpace,Optionspace01,Optionspace02

Merging IPv4 Option Space Data

This example shows how to merge a comment to the IPv4 option space Optionspace02.

header-OptionSpace,name*,comment OptionSpace,Optionspace02,This is a comment.

Page 492: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 492

IPv6 Option Space

Note: This object is supported in CSV export only.

Field Name Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-IPv6OptionSpace

String Yes Example: IPv6OptionSpace

name String Yes Name name Example: MySpace

_new_name String No Add this field to overwrite the name field when you select the overwrite or merge option.

comment String No Comment comment Example: Custom option space

ipv6_enterprise_number

String No Enterprise Number This is the vendor’s enterprise number that is registered with IANA.Example: 7779

Page 493: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 493

IPv4 Option DefinitionField Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-OptionDefinition

String Yes Example: OptionDefinition

space String Yes Option Space space Example: ABC-co options

_new_space String No Add this field to overwrite the space field when you select the overwrite or merge option.

name String Yes Name name Example: Option one

_new_name String No Add this field to overwrite the name field when you select the overwrite or merge option.

code String Yes Options: Code code

type String Yes Options: Type type Use any of the following values: T_FLAG, T_STRING, T_TEXT, T_IP_ADDRESS, T_ARRAY_IP_ADDRESS, T_DOMAIN, T_ARRAY_DOMAIN, T_UINT8,T_UINT16, T_UINT32, T_INT8, T_INT16Example: T_TEXT

ExamplesThis section contains examples of how to create data files for option definitions. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding an IPv4 Option Definition

This example shows how to import an option definition to the IPv4 option space Space01.

header-OptionDefinition,space*,name*,code*,type* OptionDefinition,Space01,Option99,99,T_IP_ADDRESS

Overwriting IPv4 Option Definition Data

This example shows how to overwrite the IPv4 option definition type from T_IP_ADDRESS to T_FLAG.

header-OptionDefinition,space*,name*,code*,type* OptionDefinition,Space01,Option99,99,T_FLAG

Merging IPv4 Option Definition Data

This example shows how to merge a new space and a new name to an existing IPv4 option definition.

header-OptionDefinition,space*,_new_space,name*,_new_name OptionDefinition,Space01,New_Space01,Option99,New_Option99

Page 494: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 494

IPv6 Option Definition

Note: This object is supported in CSV export only.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-IPv6OptionDefinition

String Yes Example: IPv6OptionDefinition

space String Yes Option Space space Example: MySpace

_new_space

String No Add this field to overwrite the space field when you select the overwrite or merge option.

name String Yes Name name Example: MyOption1

_new_name

String No Add this field to overwrite the name field when you select the overwrite or merge option.

code String Yes Options: Code code Example: 10

type String Yes Options: Type type Use any of the following values:'T_ARRAY_DOMAIN', 'T_ARRAY_INT16', 'T_ARRAY_INT32', 'T_ARRAY_INT8', 'T_ARRAY_IP_ADDRESS', 'T_ARRAY_IP_ADDRESS_PAIR', 'T_ARRAY_UINT16', 'T_ARRAY_UINT32',  'T_ARRAY_UINT8', 'T_DOMAIN', 'T_FLAG', 'T_FLAG_IP_ADDRESS', 'T_FLAG_TEXT', 'T_INT16', 'T_INT32', 'T_INT8', 'T_IP_ADDRESS', 'T_STRING', 'T_TEXT', 'T_UINT16', 'T_UINT32', 'T_UINT8', 'T_UINT8_1_2_4_8' Example: T_INT8

Page 495: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 495

Permissions for DNS Resources with Associated IP Addresses in Networks and RangesYou can further control permissions for DNS resources that have associated IP addresses in a network container, network, or address range. These DNS resources include A records, AAAA records, PTR records, and DNS hosts. Permissions for these resources have been added so you now have more control over who can perform which tasks for these DNS resources without affecting permissions defined for the networks and ranges to which the resources belong. For more information about this feature, refer to the .Infoblox Administrator GuideAs a superuser, you can now grant permissions to admin groups for more granular access to the following resources:

IPv4 and IPv6 DHCP fixed addresses and IPv4 reservations in a rangeIPv4 and IPv6 host addresses in a rangeA and AAAA records in a network container, network, or rangeIPv4 and IPv6 PTR records in a network container, network, or range Following are some examples:

Permissions for Host Address and Fixed Address in a DHCP Network:header-network,address*,netmask*,ADMGRP-foogroup network,10.100.0.0,255.255.0.0,"RW,HostAddress/RW,FixedAddress/DENY" header-IPv6network,address*,cidr*,ADMGRP-foogroup IPv6network,2001::,64,"RW,IPv6FixedAddress/RW,IPv6HostAddress/DENY"

Permissions for Host Address and Fixed Address in a DHCP Range:header-dhcprange,start_address*,end_address*,ADMGRP-foogroup dhcprange,10.100.20.0,10.100.20.255,"DENY,FixedAddress/RO,HostAddress/RW"

Permissions for A and PTR Records in a DHCP Network:header-network,address*,netmask*,ADMGRP-foogroup network,30.30.0.0,255.255.0.0,"RW,ARecord/RW,PtrRecord/DENY"

Note: You cannot import network containers and IPv6 ranges using CSV import.

Page 496: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 496

DHCP Failover AssociationField Name

DataType

Required(Yes/No)

Associated GUI Field

Associated PAPI

Method

Usage and Guidelines

Header-DhcpFailoverAssoc

String Yes Identifies the first row as a header row for the DHCP failover association. Example: DhcpFailoverAssoc.

name String Yes Name name Indicates the name of the DHCP failover association. Example: dhcp_fo_assoc1.

_new_name

String No Add this field to overwrite the field when you select the or option.name Overwrite Merge

comment String No Comment comment Example: DHCP Failover Association.

primary_server_type

String Yes Indicates whether the primary server of the name server group is set to Grid or External. Example: GRID

grid_primary

String No Grid Primary primary Indicates the name of the Grid primary. Example: infoblox.localdomain

external_primary

IP address

No External Primary

primary Indicates the IP address. Example: 10.10.10.1

secondary_server_type

String Yes Indicates whether the secondary server of the name server group is set to Grid or External. Example: External

grid_secondary

String No Grid Secondary

secondary Indicates the name of the Grid secondary. Example: infoblox2.localdomain

external_secondary

IP address

No External Secondary

secondary Indicates the IP address. Example: 20.20.20.1

failover_port

Unsigned integer

No Indicates the failover port number. The default value is 647. The port number must be between 1 and 63999.

max_response_delay

Unsigned integer

No max_response_delay

Indicates the maximum response delay value of a DHCP failover object. Default value is 60 seconds and the minimum value is one second.

max_unacked_updates

Unsigned integer

No max_unacked_ updates

Indicates the maximum number of unacked updates value of a DHCP failover object. Default value is10 minutes and the minimum value is one second.

mclt Unsigned integer

No max_client_lead_ time

Indicates the maximum client lead time value of a DHCP failover object. Specify the value of the maximum client lead time in a 32-bit integer format (range from 0 to 4294967295) that represents the duration in seconds. The default value is 3600.

max_load_balance_delay

Unsigned integer

No max_load_balance_delay

Indicates the maximum load balancing delay value of a DHCP failover object. Specify the value of the maximum load balancing delay in a 32-bit integer format (range from 0 to 4294967295) that represents the duration in seconds. The default value is three seconds.

load_balance_split

Unsigned integer

No load_balance_split

Indicates the load balancing split value of a DHCP failover object. Specify a value from zero to 255. The default value is 128.

recycle_leases

Boolean No Lease Deletion

recycle_leases This field is set to by default. When you set this to , leases in a deleted range are kept True Trueuntil expiration. Ensure that you use the option if you want to change the value to Overwrite False. Merging data from an import preserves the default value.

EA-Site String No Extensible attribute

extensible_attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. Example: California.

EA-Users String No Extensible attribute

extensible_attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: John.

Grid Member

Field Name

Data Type

Required(Yes/No)

Associated GUI Field

Associated PAPI

Method

Usage and Guidelines

Header-Member

String Yes Identifies the first row as a header row for the member objects. Example: Member

_new_name FQDN No Add this field to overwrite the field when you select the or option.name Overwrite Merge

comment String No Comment comment Example: This is a Grid member.

enable_ha Boolean No enable_ha Enable or disable HA. This is if HA is enabled. Example: FalseTrue

Page 497: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 497

ha_nodes String No Indicates the list of ha_status, or public_ip_address, or ipv6_public_ip_address, or ha_ip_address. Example: ACTIVE/10.0.0.11//10.0.0.12, PASSIVE/10.0.0.13//10.0.0.14

vpn_mtu Unsignedinteger

No vpn_mtu Indicates maximum transmission unit of the VPN. Example: 1450

ipv4addr String Yes (Insert) IP Address ipv4addr Indicates IPv4 address.Example: 10.0.0.10. Note that you must specify this column in the CSV file when you perform a CSV Import Insert operation.

mask String Yes (Insert) mask Indicates the netmask. Example: 255.255.255.0. Note that you must specify this column in the CSV file when you perform a CSV Import Insert operation.

gateway String Yes (Insert) gateway Indicates the gateway address. Example: 10.0.0.1. Note that you must specify this column in the CSV file when you perform a CSV Import Insert operation.

vlan_id Unsignedinteger

No VLAN Id for LAN1 and LAN2 address. Example: 10

ipv6addr String No IP Address ipv6addr Indicates IPv6 address. Example: 2001::10

ipv6_cidr Unsignedinteger

No ipv6_cidr The CIDR of the Grid member. This is required only when ipv6addr is specified.Example: 64

ipv6_enable_auto_config

Boolean No ipv6_enable_ auto_config

Enable or disable IPv6 auto-configuration of the Grid member. Example: False

ipv6_gateway String No ipv6_gateway The LAN IPv6 gateway of the Grid member. Example: 2001::1

ipv6_vlan_id Unsignedinteger

No The IPv6 VLAN ID of a Grid member. Example: 10

nic_failover_enabled

Boolean No nic_failover_enabled

Set or deactivate the flag of a Grid member. This is required only nic_failover_enabledwhen the member is a single appliance. To enable this flag, you must set the flag lan2_portto . Example: FalseTrue

lan2_enabled Boolean No Enable or disable LAN2.Example: False

lan2_ipv4addr

String No lan2_ipv4addr The LAN IP address of the LAN2 port. To configure the LAN2 port, you must set the lan2_po flag to . Example: 10.0.0.20rt True

lan2_mask String No lan2_mask The netmask of the LAN2 port. To configure the LAN2 port, you must set the flag lan2_portto . Example: 255.255.255.0True

lan2_ipv6addr

String No The LAN IPv6 address of the LAN2 port. To configure the LAN2 port, you must set the lan2_ flag to . Example: 2001::20port True

lan2_vlan_id Unsignedinteger

No The VLAN ID of the IPv4 LAN2 port. To configure the LAN2 port, you must set the lan2_portflag to . Example: 10True

lan2_dscp Unsignedinteger

No The DSCP value of the IPv4 LAN2 port. Valid values are integers between zero and 63. Example: 15

lan2_gateway String No lan2_gateway The gateway IP address of the LAN2 port. To configure the LAN2 port, you must set the lan2 flag to . Example: 10.0.0.1_port True

lan2_ipv6_cidr

Unsignedinteger

No lan2_ipv6_cidr The CIDR of the LAN2 port. To configure the LAN2 port, you must set the flag to lan2_port T. Example: 64rue

lan2_ipv6_dscp

Unsignedinteger

No The DSCP value of the IPv6 LAN2 port. Valid values are integers between zero and 63. Example: 15Example: 0

lan2_ipv6_enable

Boolean No lan2_ipv6_ enable

Enable or disable IPv6 configuration of the LAN2 interface. Example: False

lan2_ipv6_enable_auto_config

Boolean No lan2_ipv6_enable_auto_config

Enable or disable IPv6 auto-configuration of the LAN2 interface.Example: False

lan2_ipv6_gateway

String No lan2_ipv6_ gateway

The LAN IPv6 gateway of the LAN2 port. To configure the LAN2 port, you must set the lan2_ flag to . Example: 2001::1port True

lan2_ipv6_vlan_id

Unsignedinteger

No The VLAN ID of the IPv6 LAN2 port. To configure the LAN2 port, you must set the lan2_portflag to .Example: 20True

nat_enabled Boolean No nat_enabled Specify to enable the NAT compatibility setting or to disable it. Example: FalseTrue False

nat_group String No nat_group The NAT group of a Grid member. This is required only when NAT compatibility is enabled. Example: group1/comm1,group2/comm2

nat_ip_address

String No The NAT IP address of a Grid member. Required only when NAT compatibility is enabled. Example: 10.0.0.10

static_routes List of IPv4 static routes

No static_routes This list contains the static routes of a Grid member. The valid format is: address/subnet_mask/gateway. Example:10.10.1.10/255.255.0.0/ 10.10.1.1

ipv6_static_routes

List of IPv6

No ipv6_static_ routes

This list contains the IPv6 static routes of a Grid member. The valid format is: address/cidr/gateway. Example: 2001::10/64/2001::1

Page 498: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 498

static routes

remote_console_access

Boolean No use_remote_ console_ access

Enable or disable remote console access. When you enable remote console access, a client can access the device using a Secure Shell (SSH) connection. Example: False

support_access

Boolean No use_support_ access

Specify to set the r flag or to deactivate it.Default value True emote_console_access Falseis . TrueExample: False

enable_query Boolean No Example: False

query_comm_string

String No Indicates the SNMP (Simple Network Management Protocol) community string that management systems must send together with their queries to the Infoblox appliance. If this is set to , SNMP queries will be disabled.undef

enable_snmpv3_query

Boolean No enable_ snmpv3_query

Enable or disable SNMPv3 queries. Example: False

enable_traps Boolean No Enable or disable traps. Example: False

trap_comm_string

String No The SNMP trap community string of the Grid member. Default value is .undef

enable_snmpv3_traps

Boolean No Enable or disable SNMPv3 traps. Example: False

snmp_admin String No Set or retrieve the SNMP admin object. Example: sysname/syscontact/syslocation/ sysdescr

snmpv3_query_users

String No Indicates the SNMPv3 user setting at the Grid level. Example: snmpv3User/comment

trap_receiver String No Indicates the SNMP trap receivers of a Grid member. Example: 10.0.0.10/snmpUseName/ comment

additional_ip_list

String No additional_ip_list

Indicates the additional IP list of a Grid member. This list contains additional interface information that can be used on the member level.The valid format is: interfaceType/networkSetting/comment/ ospf/anycast/bgp Example for IPv4: address/subnet_mask/gateway/vlan_id/primary/dscp/use_dscp Example for IPv6: virtual_ip/cidr_prefix/gateway/vlan_id/ primary/dscp/use_dscp/enabled/ auto_router_configure_enabled

enable_member_redirect

Boolean No enable_ member_redirect

Set or retrieve the flag that specifies if GUI redirection is enabled for members. Example: False

virtual_router_id

Integer No Indicates virtual router identifier. Example:110

dscp Unassigned integer

No dscp Indicates the DSCP value. The default value is zero.

EA-Site String No Extensible attribute

extensible_ attributes

EA-Site is an example of a predefined extensible attribute. You can add other predefined attributes to the data file. Example: California

EA-Users String No Extensible attribute

extensible_ attributes

EA-Users is an example of a user defined attribute. You can add other user defined attributes to the data file. Example: John

ADMGRP-XXXX

String No Permissions Admin Group/Role

permission ADMGRP-JimSmith is an example of an admin permission of a specific admin group. Example: RW

Page 499: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 499

Upgrade Groups and SchedulesConsider the following when you import upgrade groups and their distribution and upgrade schedules:

The appliance imports a new upgrade group only when both the distribution and upgrade schedules are inactive.You can modify members and the comment field of an existing upgrade group only when both the distribution and upgrade schedules are inactive.You can modify distribution related fields of an existing upgrade group only when the distribution schedule is inactive.You can modify upgrade related fields of an existing upgrade group only when the upgrade schedule is inactive.The Grid Master is the only member of the Grid Master group. You cannot move it to another upgrade group.You cannot change the members of the Reporting Member group nor move them to another upgrade group.When you remove a member from its original group, it will be placed in the Default group. You may notice additional members in the Default group if you remove members from any upgrade groups.When you specify both dependency and distribution or upgrade time for an upgrade group, dependency takes precedence.

Note: When you import an upgrade group and its distribution and upgrade schedules, you cannot control the activation and deactivation of the schedules. You can activate and deactivate the schedules through the GUI after the import.

Field Name Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-upgrade_group

String Yes UpgradeGroup Example: UpgradeGroup

name String Yes Name Example: UpgradeGp

comment String No Comment comment Add this field to overwrite the comment you entered for the upgrade group.

members Grid member list

No Member Assignment Name

members Enter a list of Grid members separated by commas. Use the FQDNs of the Grid members. Enclose the entire string in double quotes.Example:“corp100.mktg.com,corp100.dev.com”

time_zone String No Time Zone time_zone The value in this field applies to both distribution_time and upgrade_time. If you do not specify a time zone, the Grid level time zone is used.

distribution_dependent_group

String No Name distribution_dependent_group

Enter the name of the preceding upgrade group that this group depends on during a distribution.

distribution_policy String No Distribute to Members

distribution_policy Valid values are: SIMULTANEOUSLY or SEQUENTIALLY.

distribution_time Time No Start Distribution (Date/Time)

distribution_time Enter the distribution start date and time in YYYY-MM-DDTHH:MM:SS format.

upgrade_dependent_group

String No Name upgrade_dependent_group

Enter the name of the upgrade group that this group depends on during an upgrade.

upgrade_policy String No Upgrade Members

upgrade_policy Valid values are: SIMULTANEOUSLY or SEQUENTIALLY.

upgrade_time Time No Start Upgrade upgrade_time Enter the upgrade start date and time in YYYY-MM-DDTHH:MM:SS format.

Page 500: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 500

1. 2. 3. 4.

Named ACLsConsider the following when you import named ACLs and ACEs for an existing named ACL:

The appliance appends ACES to the end of the named ACL.Validate all imported named ACLs after a CSV import. The appliance does not automatically validate ACEs. To avoid conflicts and unexpected results, you must validate the named ACLs.To reorder an existing named ACL through CSV import, complete the following:

Export the named ACL.Delete all ACEs in the named ACL. The appliance allows a named ACL without any ACEs.Reorder the ACEs in the .csv file.Re-import the updated file through CSV import.

You can add a named ACL as a nested ACL to an existing named ACL.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-namedacl

String Yes NamedACL Example: namedacl

name String Yes Name nacl Example: nacl1

_new_name String No Add this field to overwrite the name field when you select the overwrite or merge option.

comment String No Comment comment Add this field to overwrite the comment you entered for the name ACL.

ExamplesThis section contains examples of how to create data files for named ACLs. All examples use comma as the separator. You can use other supported separators, such as semicolon, space, or tab.

Adding a new named ACL

This example shows how to import a new named ACL nacl1.

Header-namedacl,name*,comment namedacl,nacl1,"This is a new named ACL."

Overwriting the name of a named ACL

This example shows how to overwrite the name of an existing named ACL nacl1 to nacl2.

Header-namedacl,name*,_new_name namedacl,nacl1,nacl2

Page 501: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 501

ACES in Named ACLsYou can add or overwrite ACEs in an existing named ACL. When you add or modify ACEs in a named ACL, you must have one of the following categories in each entry: IP address, TSIG key based ACE, or a nested named ACL. A combination of these in an entry will generate an error.

Field Name

Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

Header-namedaclitem

String Yes ACL item Example: namedaclitem

parent String Yes Named ACL nacl This is the existing named ACL.Example: nacl1

address String No IPv4 AddressIPv6 Address

ipv4addripv6addr

This field includes required information for IP address based ACEs. Use forward slashes as the delimiter to separate permission, address, and netmask.Example: “10.0.0.1/24/Allow”

_new_address

String No Add this field to overwrite the address field when you use the overwrite or merge option.

tsig_key String No TSIG Key TSIGKEY This field includes required information or TSIG key based ACEs. Use forward slashes as the delimiter to separate tsig_key_name, tsig_key, tsig_key_alg, and use_2x_tsig_key.Example:“key_1/ny/bY2Da8Lj+2YZ4dYEJLQ==/HMAC-SHA256/false”

_new_tsig_key

String No Add this field to overwrite the tsig_key field when you use the overwrite or merge option.

defined_acl String No Named ACL nacl This field adds a named ACL as a nested ACL to an existing named ACL.Example: nacl2

_new_named_acl

String No Add this field to overwrite the named_acl field when you use the overwrite or merge option.

comment String No Comment comment Add this field to overwrite the comment you entered for the name ACL.

Adding an IP address based ACE to an existing named ACLThis example shows how to import an IP address based ACE to nacl1. You must include the following information in the address field: address/netmask/permission. The appliance append the ACE to the end of the ACL. Ensure that you validate the ACL after the import.

Header-namedaclitem,parent*,address namedaclitem,N1,10.0.38.230/ALLOW namedaclitem,N1,172.0.0.0/8/ALLOW

Adding a TSIG key based ACE to an existing named ACLThis example shows how to import a TSIG key based ACE to nacl1. You must include the following information in the tsig_key field: tsig_key_name/tsig_key/tsig_key_alg/use_2x_tsig_key. The appliance append the ACE to the end of the ACL. Ensure that you validate the ACL after the import.

Header-namedaclitem,parent*,tsig_key nmaedaclitem,"nacl1","key_1/bY2Da8Lj+2YZ4dYEJLQ==/HMAC-SHA256/false"

Adding a nested named ACL to an existing named ACLThis example shows how to import a nested named ACL nacl2 to the parent named ACL nacl1. The appliance append the nested ACL to the end of the ACL. Ensure that you validate the ACL after the import.

Header-nmaedaclitem,parent*,defined_acl namedaclitem,"nacl1","nacl2"

Adding and overwriting multiple ACEsThis example shows how to add new ACEs and modify existing ACEs. Ensure that you validate the ACL after the import.

Header-namedaclitem,parent*,address,_new_address,tsig_key,_new_tsig_key,defined_acl,_new_acl naemdaclitem,"nacl1","Allow/10.0.0.1/24","Deny/10.0.0.1/24",,,,namedaclitem,"nacl1",,,"key_1/bY2Da8Lj+2YZ4dYEJLQ==/HMAC-SHA256/false",,, namedaclitem,"nacl1",,,,,,"acl2"

Page 502: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 502

Discovery CredentialsYou can define a list of SNMP v1/v2c credentials or a list of SNMPv3 credentials to import through a CSV file. Sensitive authentication information may be part of an SNMP credential import, including SNMPv1 or SNMPv2c communities or SNMPv3 user/password tuples for privacy and authentication. This information is also stored in the NIOS database.CSV import of credentials contains community strings and passwords in plain text. Imported CSV files are uploaded with a POST in an HTTPS session and are deleted immediately after the import operation completes, whether or not the import is successful.

SNMPv1/SNMPv2c Credentials Format

Field Name Data Type

Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guideline

Header-discoverysnmpv1v2credentials

String Yes SNMPCredential

comment String No Comment comment Use this field to set or retrieve the comment on SNMPv1 and SNMPv2 users.

community_string String Yes Read Community community_string

_new_community_string String No Use this field to set or retrieve the public community string.

parent String Yes SNMPv1/v2 This is the existing credential.

SNMPv3 Credentials Format

Field Name Data Type Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guideline

Header-discoverysnmpv3credentials

String Yes SNMP3Credential

user String Yes Name user Use this field to set or retrieve the SNMPv3 user name.

_new_user String No Name Add this field to overwrite the user field when you use the overwrite or merge option.

authentication_password

String (if protocol is (MD5/SHA)

No Auth Password authentication_password

Use this field to set the authentication password if the authentication protocol is MD5 or SHA. This is a write-only attribute.

authentication_protocol

String (valid values are MD5/SHA/NONE)

No Auth Protocol authentication_protocol

Use this field to set or retrieve the authentication protocol.

_new_authentication_protocol

String No Add this field to overwrite the authentication_protocol field when you use the overwrite or merge option.

comment String No Comment Add this field to overwrite the comment you entered for the credential.

parent String Yes SNMPv3

privacy_password String (if protocol is AES/DES/3DES)

No Privacy Password

privacy_password

Use this field to set the privacy password if the privacy protocol is 'AES', 'DES' or '3DES'. This is a write-only attribute.

privacy_protocol String (valid values: AES/DES/3DES/NONE)

No Privacy Protocol

privacy_protocol

Use this field to set or retrieve the privacy protocol.

_new_privacy_protocol

String No Add this field to overwrite the privacy_protocol field when you use the overwrite or merge option.

Page 503: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 503

DTC Header ItemsThis topic lists all the DTC objects whose names start with "dtc". These objects are displayed as DtcLbdn, DtcServer, and so on in the CSV export or import file. The following DTC objects support CSV import and export:

DtcLBDNDtcServerDtcPoolDtcMonitorHttpDtcMonitorSipDtcMonitorlcmpDtcMonitorPdpDtcMonitorTcpDtcMonitorSnmpDtcARecordDtcAaaaRecordDtcCnameRecordDtcNaptrRecord

The following DTC object supports only CSV export:

DtcCertificate

DtcLbdn Header Items 

Name Type Required Example lbap Name

Comment

Header-DtcLbdn

String Yes DtcLbdn

name* String Yes load_bal

_new_name String No name

lb_method* String Yes GLOBAL_AVAILABILITY lb_method Valid values are 'GLOBAL_AVAILABILITY', 'RATIO', 'ROUND_ROBIN', and 'TOPOLOGY

patterns List of strings No .domain.com, .test.com' patterns Valid value is an array of FQDN patterns in string format

disabled Boolean No false disabled

comment String No A DTC LBDN comment comment

persistence Unsigned integer No 5 persistence Zero specifies no caching

topology String No topology-1 topology

ttl Unsigned integer No 10 ttl

pools LBDN linked list of pools

No pool/ratio eg: "pool1/1,pool2/10...

pools

auth_zones LBDN linked list of auth zones

No authzone1.com, authzone2.com,...

auth_zones List of DTC LBDN linked authoritative zones

types String No NAPTR types Valid values are 'A', 'AAA', 'NAPTR', 'CNAME'

priority Unsigned integer No 3 priority Valid values between 1 and 3. The default is 3.

EA-Site String No San Jose

DtcServer Header Items

Name Type Required Example lbap Name

Comment

Header-DtcServer String Yes DtcServer

name* String Yes server1 name

_new_name String No name

host* String Yes 192.168.1.2 host Address or FQDN of a DTC server

disabled Boolean No false disabled

Page 504: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 504

comment String No A DTC server comment comment

auto_create_host_record

Boolean No false comment

sni_hostname String No sni-host.infoblox.localdomain sni_hostname

Host name for Server Network Indication to be used with the HTTPS monitor

monitors List of DTC health monitors

No Monitor name/Monitor type/Host

For example: TCP-1/tcp/10.10.10.10,SIP-1/sip/20.20.20.20,ICMP-1/icmp/30.30.30.30,...

monitors List of names of DTC server monitors

EA-Site String No San Jose

DtcPool Header Items

Name Type Required Example lbap Name

Comment

Header-DtcPool

String Yes DtcPool

name* String Yes pool1 name

_new_name

String No name

lb_preferred_method

String No RATIO lb_preferred_method

Valid values are 'ALL_AVAILABLE', 'DYNAMIC_RATIO', 'GLOBAL_AVAILABILITY', 'RATIO', 'ROUND_ROBIN', and 'TOPOLOGY'

disabled Boolean No false disabled

comment String No A DTC pool comment comment

lb_preferred_topology

Topology rules for preferred 'TOPOLOGY' load balancing method

No custom-2 preferred_topology

lb_alternate_method

String No RATIO alternate_method

Alternate load balancing method. Valid values are 'ALL_AVAILABLE', 'DYNAMIC_RATIO', 'NONE', 'GLOBAL_AVAILABILITY', 'RATIO', 'ROUND_ROBIN', and 'TOPOLOGY'.

lb_alternate_topology

Topology rules for alternate 'TOPOLOGY' load balancing method

No custom-3 alternate_topology

availability

String No any availability

DTC pool resources availability status. Valid values are 'ALL', 'ANY', and 'QUORUM'.

quorum Unsigned integer No 20 quorum The number of monitors that must report the resource as 'up' for 'QUORUM' availability mode to be available.

ttl Unsigned integer No 10 ttl

servers List of DTC servers No server/ratio

For example: dtc-server1/1,dtc-server2/10...

servers

monitors List of health monitors No Monitor name/Monitor type

For example: ICMP-1/icmp,HTTP-1/http,...

monitors List of names and monitor types of DTC pool monitors

dynamic_ratio_preferred

Preferred dynamic ratio load balancing settings

No method/monitor/monitor_metric/monitor_weighing/invert_monitor_metric For example: MONITOR/snmp/.1.3/RATIO/false

dynamic_ratio_preferred

When preferred_method="DYNAMIC_RATIO"

dynamic_ratio_alternate

Alternate dynamic ratio load balancing settings

No method/monitor/monitor_metric/monitor_weighing/invert_monitor_metric

For example: MONITOR/snmp/.1.3/PRIORITY/false

dynamic_ratio_alternate

When preferred_method="TOPOLOGY" and alternate_method="DYNAMIC_RATIO"

EA-Site String No San Jose

DtcMonitorHttp Header Items

Name Type Required Example lbap Name

Comment

Page 505: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 505

Header-DtcMonitorHttp

String Yes DtcMonitorHttp

name* String Yes http_monitor1 name

_new_name

String No name

comment String No A DTC HTTP monitor comment

comment

interval Unsigned integer

No 10 interval

timeout Unsigned integer

No 7 timeout Valid values between 1 and 15

port Unsigned integer

No 8080 port Valid values between 1 and 65535

request String No GET / request Maximum of 1024 characters

content_check

String No EXTRACT content_check

Valid values are 'NONE'(default), 'MATCH', and 'EXTRACT'. If 'MATCH', then 'content_check_op' and 'content_check_regex' params are required; if 'EXTRACT' then ‘content_check_op’,’content_extract_type’, ‘content_extract_value’, and ’content_check_regex’ values are required.

content_check_input

String No BODY content_check_input

Valid values are 'HEADERS', 'ALL'(default) and 'BODY'

content_check_regex

String No SQL Error content_check_regex

content_check_op

String No EQ content_check_op

Valid values are 'EQ' and 'NEQ' for 'MATCH' content check, and 'EQ', 'NEQ', 'LEQ', and 'GEQ' for 'EXTRACT' content check type

content_extract_group

Unsigned integer

No 3 content_extract_group

Valid values between 0 and 8. The default is 0.

content_extract_type

String No INTEGER content_extract_type

Valid values are 'INTEGER' and 'STRING'. The default is 'STRING'.

content_extract_value

String No 1 content_extract_value

A desired extraction value in string format

result String No CODE_IS result Valid values are 'ANY', 'CODE_IS', and 'CODE_IS_NOT'

result_code

Unsigned integer

No 300 result_code

Valid values between 0 and 999

secure Boolean No true secure Default is 'false'

client_cert

Client certificate

No 626596e ... 4362f80c (128 characters)

client_cert

Valid value is a DTC certificate object.

ciphers String No DHE-RSA-AES256-SHA

ciphers Valid value is array of ciphers in a string format

retry_up Unsigned integer

No 3 retry_up Valid values between 1 and 10

retry_down

Unsigned integer

No 3 retry_down

Valid values between 1 and 10

validate_cert

Boolean No false validate_cert

Default is 'true'

enable_sni

Boolean No true enable_sni

Default is 'false'

EA-Site String No San Jose

Page 506: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 506

DtcMonitorSip Header Items

Name Type Required Example lbap Name

Comment

Header-DtcMonitorSip

String Yes DtcMonitorSip

name* String Yes sip_monitor1 name

_new_name String No name

comment String No A DTC SIP monitor comment comment

interval Unsigned integer

No 10 interval

timeout Unsigned integer

No 7 timeout Valid values between 1 and 15

port Unsigned integer

No 8080 port Valid values between 1 and 65535

request String No GET / request Maximum of 1024 characters

result String No CODE_IS result Valid values are 'ANY', 'CODE_IS', and 'CODE_IS_NOT'

result_code Unsigned integer

No 300 result_code Valid values between 0 and 999

transport String No UDP transport Valid values are 'TCP', 'UDP', 'SIPS', and 'TLS'

client_cert Client certificate No 626596e ... 4362f80c (128 characters)

client_cert Valid value is a DTC certificate object

ciphers String No DHE-RSA-AES256-SHA ciphers Valid value is array of ciphers in a string format

retry_up Unsigned integer

No 3 retry_up Valid values between 1 and 10

retry_down Unsigned integer

No 3 retry_down Valid values between 1 and 10

validate_cert Boolean No false validate_cert Default is 'true'

EA-Site String No San Jose

DtcMonitorIcmp Header Items

Name Type Required Example lbap Name Comment

Header-DtcMonitorIcmp String Yes DtcMonitorlcmp

name* String Yes lcmp_monitor1 name

_new_name String No name

comment String No A DTC ICMP monitor comment comment

interval Unsigned integer No 10 interval

timeout Unsigned integer No 7 timeout Valid values between 1 and 15

retry_up Unsigned integer No 3 retry_up Valid values between 1 and 10

retry_down Unsigned integer No 3 retry_down Valid values between 1 and 10

EA-Site String No San Jose

DtcMonitorPdp Header Items

Name Type Required Example lbap Name

Comment

Header-DtcMonitorPdp

String Yes DtcMonitorPdp

name* String Yes pdp_monitor1 name

Page 507: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 507

_new_name String No name

comment String No A DTC PDP monitor comment comment

interval Unsigned integer

No 10 interval

timeout Unsigned integer

No 7 timeout Valid values between 1 and 15

retry_up Unsigned integer

No 5 retry_up Valid values between 1 and 10

retry_down Unsigned integer

No 5 retry_down Valid values between 1 and 10

port Unsigned integer

No 6030 port Valid values between 1 and 65535

EA-Site String No San Jose

DtcMonitorTcp Header Items

Name Type Required Example lbap Name Comment

Header-DtcMonitorTcp String Yes DtcMonitorTcp

name* String Yes tcp_monitor1 name

port* Unsigned integer 6030 port Valid values between 1 and 65535

_new_name String No name

comment String No A DTC PDP monitor comment

comment

interval Unsigned integer No 10 interval

timeout Unsigned integer No 7 timeout Valid values between 1 and 15

retry_up Unsigned integer No 3 retry_up Valid values between 1 and 10

retry_down Unsigned integer No 3 retry_down Valid values between 1 and 10

EA-Site String No San Jose

DtcMonitorSnmp Header Items

Name Type Required Example lbap Name

Comment

Header-DtcMonitorSnmp

String Yes DtcMonitorSnmp

name* String Yes snmp_monitor1 name

port Unsigned integer 6030 port Valid values between 1 and 65535

_new_name String No name

comment String No A DTC SNMP monitor comment comment

interval Unsigned integer No 10 interval

timeout Unsigned integer No 7 timeout Valid values between 1 and 15

retry_up Unsigned integer No 3 retry_up Valid values between 1 and 10

retry_down Unsigned integer No 3 retry_down

Valid values between 1 and 10

version String No V1 version Valid values are 'V1', 'V2C', and 'V3'

community String No desired_community community

SNMP community string for an SNMP authentication

oids List of OIDs for SNMP monitoring

No .1.3/Comment-1/INTEGER/RANGE/10/1000,.1.2/Comment-2/STRING/EXACT/abc/,...

oids

user String No user1 user SNMPv3 user setting

context String desired_context context SNMPv3 context. Maximum of 1023 characters.

Page 508: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 508

engine_id String No desired_engine_id engine_id SNMPv3 engine identifier. Max of 1023 characters.

EA-Site String No San Jose

DtcARecord Header Items

Name Type Required Example lbap Name Comment

Header-DtcARecord String Yes DtcARecord

ipv4addr* IPv4 address Yes 10.0.0.1 address

_new_ipv4addr IPv4 address No address

dtc_server* DTC server Yes server1 lbdns_server DTC server the DTC A record is associated with

ttl Unsigned integer No 1024 ttl

disabled Boolean No false disabled

comment String No Sample DTC A record comment

DtcAaaaRecord Header Items

Name Type Required Example lbap Name Comment

Header-DtcAaaaRecord String Yes DtcAaaaRecord

ipv6addr* IPv6 address Yes 2001:db8::1 address

_new_ipv6addr IPv6 address No address

dtc_server DTC server Yes server1 dtc_server DTC Server the DTC AAAA record is associated with

ttl Unsigned integer No 1024 ttl

disabled Boolean No false disabled

comment String No Sample DTC AAAA record comment

DtcCnameRecord Header Items

Name Type Required Example lbap Name Comment

Header-DtcCnameRecord String Yes DtcCnameRecord

canonical* String Yes dtc.localdomain canonical_name Canonical name of the resource

_new_canonical String No canonical_name

dtc_server* DTC server Yes server1 dtc_server DTC Server the DTC CNAME record is associated with

ttl Unsigned integer No 1024 ttl

disabled Boolean No false disabled

comment String No Sample DTC CNAME record comment

DtcNaptrRecord Header Items

Name Type Required Example lbap Name

Comment

Header-DtcNaptrRecord

String Yes DtcNaptrRecord

dtc_server* DTC server Yes server1 dtc_server DTC server the DTC NAPTR record is associated with

order* Unsigned integer

Yes 100 order

_new_order Unsigned integer

No order

preference* Unsigned Yes 10 preference

Page 509: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 509

integer

_new_preference Unsigned integer

No preference

replacement* String Yes domain2.com replacement The desired replacement value in a Fully-Qualified Domain Name (FQDN) format.

_new_replacement String No replacement

flags* String No U flags Empty value is allowed. Supported values for the flags field are 'U', 'S', 'P', and 'A'.

_new_flags String No flags

services* String No SIP+D2U services Empty value is allowed

_new_services String No services

regexp* String No !http://my[.](.*)!1!i regexp Empty value is allowed

_new_regexp String No services

ttl Unsigned integer

No 28800 ttl

disabled Boolean No false disabled

comment String No Sample DTC NAPTR record

comment

DtcCertificate Header Items

Name Type Required Example lbap Name

Comment

Header-Dtccertificate

String Yes DtcCertificate

certificate DTC certificate

No Object Hash/Issuer/Valid from/Valid to/Subject

For example:

"702971b9b6bb34468f6006389f53849dff43c78ee415d256f771cdcb58782081025e28362c714d27

c9c652967afa64f0edf0c17170b3ace72bd0b3c9eebad7ef/CN=""pannpn"",OU=""Engineering"",O=""Infoblox"",L=""NYC",ST=""Kerala"",C=""IN""/2017-11-22 18:46:43/2018-11-22 18:46:43/CN=""pannpn"",OU=""Engineering"",O=""Infoblox"",L=""NYC"",ST=""Kerala"",C=""IN""

cert Object hash is the SHA512 fingerprint of the certificate, that is to be used during the CSV import/export of dtcMonitorHttp and dtcMonitorSip objects in the client_cert field

Page 510: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 510

DHCP Lease

Note: Infoblox supports CSV export for DHCP lease, but does not support CSV import.

Field Name

Data Type Required (Yes/No)

Associated GUI Field

Associated PAPI Method

Usage and Guidelines

header-lease

String Yes Example: Lease

agent_id String Determined based on the value of "option"

billing_class

String billing_class

binding_state

Enum{FREE, BACKUP, ACTIVE, EXPIRED, RELEASED, ABANDONED, RESET}

binding_state

circuit_id String No agent_circuit_id This field is required when match_option = CIRCUIT_ID. Example: 11

duid String Yes DUID duid Example: 0001

ends DateTime ends Lease end time

fingerprint

String Yes DHCP Fingerprints

fingerprint An array of DHCP fingerprints.

fingerprint-class

String No Next Server next_server Example: blue.domain.com

ip_address

IP address Yes IP Address ipv4addr Example: 10.0.0.11

link_selection

IP address IP address Example: 10.0.0.0

mac_address

MAC address No MAC Address mac This field is required if match_option = MAC_ADDRESS, or if you are importing a reservation. Example: aa:d1:dd:10:ff:02

next_binding_state

Enum{FREE, BACKUP, ACTIVE, EXPIRED, RELEASED, ABANDONED, RESET}

next_binding_state

Example: FREE

protocol String Yes protocol protocol Protocol type. This can be IPV4 or IPV6.

remote_id Integer No Remote ID remote_id_name

Example: 50

server_host_name

String No Indicates the name of the server host. Example: infoblox.localdomain

server_id_override

IP address IP address Example: 10.0.0.1

starts DateTime Lease start time

uid String Yes UID uid

username String Username username

Page 511: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 511

Importing Multiple Action CSV fileWhen you import data, you can include multiple actions, such as add, modify, and delete, in one single CSV file. The multiple action CSV import file contains multiple types of objects with its headers and data rows listed in the order of their dependency hierarchy.The CSV import option supports insert, merge/override and delete operations. To combine these operations together in a single CSV file, you must specify an optional column in the CSV import file. The column value for each data row describes the type of action that the appliance supports IMPORT-ACTIONfor the respective row. The action values include the following: (Insert), (Merge), (Override), (Insert + Merge), (Insert + Override), (Delete).I M O IM IO DNote that you must specify appropriate values in the column for each row to perform a multiple action CSV import. The appliance IMPORT-ACTIONperforms the respective operation when you specify , , , , in theI M O D

column. When you specify or , the appliance first checks if the corresponding object exists. If it exists, the appliance performs the IMPORT-ACTION IM IOmerge or override operation accordingly. If the object does not exist, you must first perform the insert operation to add the data.

Note: When you choose the option, the appliance verifies whether the column is present in the imported CSV file. If the Custom IMPORT-ACTION IMPOR column is empty for a data row, then that data row is considered invalid and the appliance displays an error message. If you choose T-ACTION Continue on

, then the CSV import process continues.Error

Table 1.7 contains the list of all CSV supported objects for export/import in the order of their dependency. The least dependent objects are displayed at the top:

Page 512: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 512

Table 1.7 List of all CSV supported objects for export/importObject Category Export/import objects in the order of dependency Actions that are not supported

I - Insert; D - Delete

Global NamedACL

NamedACL item

Network view

Upgrade group

DNS64 Synthesis Group

Rulesets

Blacklist Rule

NXDOMAIN Rule

DiscoverySnmpv3Credentials

DiscoverySnmpv1v2Credentials

DiscoveryCliCredentials

SubGridNetwork D

FtpUser

RirOrganization

IpBlockGroup

IpBlock

Member I, D

DNS Objects GridDns I, D

View

MemberDns I, D

NS Group

Authoritative Zone

Delegated Zone

Bulk Host

IPv4 Host Address

Host Record

IPv6 Host Address

A Record

AAAA Record

CNAME Record

DNAME Record

MX Record

NAPTR Record

NS Record

PTR Record

TXT Record

SRV Record

Page 513: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 513

Forward Zone

Stub Zone

Response Policy Zone

Response Policy Arecord

Response Policy AAAArecord

Response Policy IP Arecord

Response Policy IP AAAArecord

Response Policy MXrecord

Response Policy NAPTRrecord

Response Policy PTRrecord

Response Policy SRVrecord

Response Policy TXTrecord

Response Policy CNAMErecord

Response Policy IP Address

Response Policy Client IP Address

Response Policy IP Address CNAME

Response Policy Client IP Address CNAME

DHCP Objects GridDhcp I,D

MemberDhcp I,D

Network Container

IPv4 Network

IPv6 Network Container

IPv6 Network

DHCP Failover Associations

IPv4 Shared Network

IPv6 Shared Network

IPv4 Reserved Range

IPv6 Reserved Range

IPv4 Fixed Address/Reservation

IPv6 Fixed Address

IPv4 Option Space

IPv4 Option Definition

IPv6 Option Space

IPv6 Option Definition

IPv4 DHCP Range

IPv6 DHCP Range

DHCP MAC Filter

MAC Filter Address Item

Option Filter

DHCP Fingerprint

DHCP Fingerprint Filter

Page 514: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 514

Relay Agent Filter

NAC Filter

Lease

Page 515: Infoblox NIOS 8.4 CLI Guide

Copyright ©2019, Infoblox, Inc. All rights reserved. Page 515

Supported Expressions for Search ParametersRegular expressions are text strings that you use to describe search patterns. You can use the following special characters to define regular expressions for search parameters.

Special character

Purpose Example Meaning

() Defines the scope and precedence of the operator gr(a|e)y Matches “gray” or “grey”.

| Matches either the regular expression before or after the vertical bar

a|c Matches “a” or “c”

. Matches any single character .at Matches any text string ending with“at”, such as “hat”, “cat”, and “bat”.

* Matches the previous regular expression zero or more times a*bc Matches zero or multiple occurrences of “a” followed by “bc”, such as “bc”, “abc”, “aabc”, “aaabc”, and so on.

+ Matches the previous regular expression one or more times a+bc Matches one or more occurrences of “a”, followed by “bc”, such as “abc”, “aabc”, “aaabc”, and so on.

? Matches the previous regular expression zero or one time a?bc Matches zero or one occurrence of “a”, followed by “bc”, such as “bc” or “abc”.

^ Matches the beginning of a text string ^c Matches any string beginning with “c”, such as “cat”.

$ Matches the end of a text string com$ Matches any string ending with “com”, such as “Infoblox.com”.

[ ] Matches any character specified inthe brackets

[03][abcd][15a-d]

Matches “0” or “3”.Matches “a”, “b”, “c”, or “d”.Matches “1”, “5”, “a”, “b”, “c”, or “d”.

[ n-n] Matches single characters contained in the specified range, including the start and end points

[0-3][a-f]

Matches 0, 1, 2, and 3.Matches a, b, c, d, e, and f.

\{m,n\} Matches the preceding expression at least m but not more than n times.

a\{3,5\} Matches “aaa”, “aaaa”, and “aaaaa”.

You can change a special character—such as the period ( . ), asterisk ( * ), plus sign ( + ), or question mark ( ? )—Note:into a literal character by prefixing it with a backslash ( \ ). For example, to specify a literal period, asterisk,plus sign, or question mark, use the characters within the following parentheses: ( \. ) , ( \* ), ( \+ ), ( \? ), ( \^ ),( \$ ).


Infoblox Deployment Guide - VLAN Management in NIOS 8€¦ · This deployment guide shows how to implement VLAN Management on NIOS 8.4. This feature allows the administrator to compare

Infoblox Deployment Guide - VLAN Management in NIOS 8€¦ · This deployment guide shows how to implement VLAN Management on NIOS 8.4. This feature allows the administrator to compare

Infoblox Trinzic Appliances with NIOS v8.2.6 …...Infoblox Trinzic Appliances with NIOS v8.2.6 Security Target Version 1.0 30 May 2018 Prepared for: Infoblox 4750 Patrick Henry Drive

Infoblox Trinzic Appliances with NIOS v8.2.6 …...Infoblox Trinzic Appliances with NIOS v8.2.6 Security Target Version 1.0 30 May 2018 Prepared for: Infoblox 4750 Patrick Henry Drive

Infoblox _ Bro

Infoblox _ Bro

Infoblox Certifications - TrendsNet, Inc. - Cisco Training ... · Infoblox Certifications NIOS Certification Path Certified Infoblox Core Administrator (CICA) Certifies essential

Infoblox Certifications - TrendsNet, Inc. - Cisco Training ... · Infoblox Certifications NIOS Certification Path Certified Infoblox Core Administrator (CICA) Certifies essential

Deployment Guide Infoblox Threat Intelligence Feed ·  · 2018-04-25© 2017 Infoblox Inc. Infoblox Threat Intelligence Feed Page 1 of 10 Deployment Guide Infoblox Threat Intelligence

Deployment Guide Infoblox Threat Intelligence Feed ·  · 2018-04-25© 2017 Infoblox Inc. Infoblox Threat Intelligence Feed Page 1 of 10 Deployment Guide Infoblox Threat Intelligence

Infoblox CSV Import Referencedloads.infoblox.com/direct/appliance/NIOS/NIOS_CSV_Ref_7.3.pdf · — Importing Active Directory Domains and Sites on page 15 — CSV Import for Topology

Infoblox CSV Import Referencedloads.infoblox.com/direct/appliance/NIOS/NIOS_CSV_Ref_7.3.pdf · — Importing Active Directory Domains and Sites on page 15 — CSV Import for Topology

Release 1.1.1 Gavin M. Roy - Read the Docs · infoblox Documentation, Release 1.1.1 An unofficial python library for interfacing with Infoblox NIOS. This library is not affiliated

Release 1.1.1 Gavin M. Roy - Read the Docs · infoblox Documentation, Release 1.1.1 An unofficial python library for interfacing with Infoblox NIOS. This library is not affiliated

Infoblox Deployment Guide - Activating Flex Grid License ...€¦ · 11. After NIOS license assignment, NIOS will reboot itself. 12. Once NIOS is online, again navigate to the license

Infoblox Deployment Guide - Activating Flex Grid License ...€¦ · 11. After NIOS license assignment, NIOS will reboot itself. 12. Once NIOS is online, again navigate to the license

F5 and Infoblox DNS Integrated Architecture · F5 and Infoblox DNS Integrated Architecture F5 and Infoblox DNS Integrated Architecture White Paper • • • • • • • •

F5 and Infoblox DNS Integrated Architecture · F5 and Infoblox DNS Integrated Architecture F5 and Infoblox DNS Integrated Architecture White Paper • • • • • • • •

DEPLOYMENT GUIDE Cisco ISE 2.2 Integration with … ISE Integration with Infoblox NIOS 8.2 October 2017 Page ... A file will be created for download similar to this ... Infoblox_client_subscribe_xxxxxxxxx

DEPLOYMENT GUIDE Cisco ISE 2.2 Integration with … ISE Integration with Infoblox NIOS 8.2 October 2017 Page ... A file will be created for download similar to this ... Infoblox_client_subscribe_xxxxxxxxx

Dominic Stahl Infoblox DNSSEC Solution - DENIC eG: Wir ... · Infoblox DNSSEC Solution simple, secure and reliable Infoblox DNSSEC Solution ... Infoblox DNSSEC Offering:

Dominic Stahl Infoblox DNSSEC Solution - DENIC eG: Wir ... · Infoblox DNSSEC Solution simple, secure and reliable Infoblox DNSSEC Solution ... Infoblox DNSSEC Offering:

Deployment Guide Infoblox IPAM Plugin 1.1 for VMware vRA 8...Infoblox IPAM Plugin 1.1 for VMware vRA 8.1 1 Table of Contents Introduction 3 Prerequisites 3 Workflow 3 NIOS Setup 3

Deployment Guide Infoblox IPAM Plugin 1.1 for VMware vRA 8...Infoblox IPAM Plugin 1.1 for VMware vRA 8.1 1 Table of Contents Introduction 3 Prerequisites 3 Workflow 3 NIOS Setup 3

Infoblox NIOS Software · Infoblox NIOS core technologies form the foundation of every Infoblox network services appliance. Infoblox NIOS software contains a security-hardened operating

Infoblox NIOS Software · Infoblox NIOS core technologies form the foundation of every Infoblox network services appliance. Infoblox NIOS software contains a security-hardened operating

Wp ipam infoblox

Wp ipam infoblox

Infoblox Administrator Guidedloads.infoblox.com/...//NIOS/NIOS_AdminGuide_5.1r5.pdf · 2012-11-26 · Infoblox Administrator Guide NIOS 5.1 for Infoblox Core Network Services AppliancesFile

Infoblox Administrator Guidedloads.infoblox.com/...//NIOS/NIOS_AdminGuide_5.1r5.pdf · 2012-11-26 · Infoblox Administrator Guide NIOS 5.1 for Infoblox Core Network Services AppliancesFile

DEPLOYMENT GUIDE Infoblox and Ansible Integration · Ansible Deployment Guide April 2018 Page 8 of 12 Playbooks Developing playbooks that use the Infoblox NIOS modules can enable

DEPLOYMENT GUIDE Infoblox and Ansible Integration · Ansible Deployment Guide April 2018 Page 8 of 12 Playbooks Developing playbooks that use the Infoblox NIOS modules can enable

Infoblox Trinzic Appliances with NIOS v8.2.6 Security Target Applianc… · Infoblox Trinzic Appliances, Infoblox Trinzic or the TOE. ... the tamper evident label must be affixed

Infoblox Trinzic Appliances with NIOS v8.2.6 Security Target Applianc… · Infoblox Trinzic Appliances, Infoblox Trinzic or the TOE. ... the tamper evident label must be affixed

Infoblox Deployment Guide - Network Insight Deployment Guide · Network Insight Deployment Guide, NIOS 8.1 - May 2017 Page 13 of 32 Network Insight performs discovery constantly.

Infoblox Deployment Guide - Network Insight Deployment Guide · Network Insight Deployment Guide, NIOS 8.1 - May 2017 Page 13 of 32 Network Insight performs discovery constantly.

Infoblox appliances

Infoblox appliances

deployment Guide Configuring And Enabling Gss - Infoblox · DEPLOYMENT GUIDE Configuring and Enabling ... Set the Active Directory user account for the NIOS DNS server to have a never

deployment Guide Configuring And Enabling Gss - Infoblox · DEPLOYMENT GUIDE Configuring and Enabling ... Set the Active Directory user account for the NIOS DNS server to have a never