A complete operational reference for Infoblox NIOS — Grid architecture, DNS management, DHCP configuration, IPAM, security (DNS Firewall / Advanced DNS Protection), REST API, and troubleshooting. Covers NIOS 9.x with Universal DDI integration.
| Option Code | Name | Value Example | Purpose |
|---|---|---|---|
| 003 | Router (Default Gateway) | 10.10.5.1 | Default gateway for the subnet |
| 006 | DNS Servers | 10.0.0.53, 10.0.0.54 | DNS resolvers for clients |
| 015 | DNS Domain Name | us.ad.lfg.com | Default search domain |
| 042 | NTP Servers | 10.0.0.10 | Network Time Protocol server |
| 044 | WINS Servers | 10.0.0.20 | NetBIOS name server (legacy) |
| 051 | Lease Time | 86400 (24h) | Override default lease duration |
| 060 | Vendor Class Identifier | PXEClient | Identify vendor/device type |
| 066 | TFTP Server Name | 10.0.0.99 | PXE boot server |
| 067 | Boot File Name | pxelinux.0 | PXE boot filename |
| 119 | DNS Search List | us.ad.lfg.com, corp.lfg.com | Multiple DNS search suffixes |
| 150 | TFTP Server Address | 10.0.0.99 | Cisco IP phones TFTP config |
| 252 | WPAD / Auto-Proxy | http://wpad.domain.com/wpad.dat | Web proxy auto-discovery |
DNS Views allow a single NIOS member to serve different DNS responses to different clients based on source IP. The same zone name (e.g., lfg.com) can return different answers to internal vs. external clients.
| Component | Access / Path | Port | Notes |
|---|---|---|---|
| Grid Manager UI | https://[gm-ip]/ | 443 | Primary management interface |
| WAPI (REST API) | https://[gm-ip]/wapi/v2.12/ | 443 | All DDI automation |
| WAPI Docs (Swagger) | https://[gm-ip]/wapidoc | 443 | Interactive API documentation |
| SSH CLI | ssh admin@[member-ip] | 22 | CLI diagnostics and Grid join |
| Grid VPN (members→GM) | UDP/TCP from member to GM IP | 1194 | Must be open — Grid DB replication |
| DNS | UDP + TCP to member/VIP | 53 | UDP for queries, TCP for AXFR + large responses |
| DHCP | UDP broadcast / unicast | 67/68 | Client to server (67), server to client (68) |
| DHCP Failover | Between two DHCP member IPs | 647 | Failover protocol synchronization |
| NTP | Outbound from appliance | 123 | Grid time sync (critical for DNSSEC) |
| SNMP (monitoring) | Inbound to appliance | 161 | MIB-based monitoring of member health |
| Syslog (to SIEM) | Outbound from appliance | 514 | UDP/TCP syslog to SIEM targets |
| HTTPS (Universal DDI) | Outbound to portal.infoblox.com | 443 | Universal DDI Management cloud portal |