When you add a server to a configuration, you can choose not to connect to that server. The following describes how to connect to a server.
For example, you might do this to add a server to Address Manager that isn't yet physically installed. To connect to the server, use the Connect function from the server’s name menu.
To connect to a server:
- From the configuration drop-down menu, select a configuration.
- Select the Servers tab. Tabs remember the page you last worked on, so select the tab again to ensure you're on the Configuration information page.
- Under Servers, click the name of a server that isn't managed by Address Manager. The Details tab for the server opens.
- Click the server name and select Connect.
-
Under Server, confirm the Management Interface IP
address, hostname, and password.
- Name—enter a name for the server. This name is used only in the Address Manager user interface and isn't associated with deployed DNS data.
- Management Interface—the IP address assigned to the server.
- Hostname—the hostname used for the server on the network.
- Upgrade to latest version—by default, this option is deselected. This provides a safe environment to add an DNS/DHCP Server in Address Manager without applying an unintentional software update. Select the check box only if you wish to apply the latest version of Address Manager software once the appliance is under Address Manager control.
- Password—enter the server password. For more
information on the default server password, refer to BlueCat default login credentials (you
must be authenticated to view this topic).Note: You must enter a password in order to use the Detect Server Settings button.
- Click Detect Server Settings. Address Manager will check the DNS/DHCP Server software version, interface count, state of Dedicated Management, IP address, and redundancy scenario (4-port appliances only).
-
OPTIONAL: Complete the following (available fields depend on the
number of interfaces of your DNS/DHCP Server):
- Services Interface—the following fields are
automatically populated based on the current configuration set
through the DNS/DHCP Server Administration Console.
- Primary IPv4 Services Address and Netmask—read-only, except when dedicated management is enabled. This is the IPv4 address and netmask that will be used only for services traffic such as DNS, DHCP, DHCPv6 and TFTP (3 and 4-port appliances only).
- Primary IPv6 Services Address and Subnet—read-only. Displays the IPv6 service address and subnet previously configured through the DNS/DHCP Server Administration Console.
- xHA Backbone—select the check box if you want
to configure the xHA interface and specify the IPv4 or IPv6 address
and netmask/subnet to be used. Note: When configuring an IPv6 address for the xHA backbone, the prefix must be set between the accepted CIDR range of 64 to 127.
- Enable Redundancy—select the check box to
enable networking redundancy (4-port appliances only) or
deselect to disable network redundancy. From the
Scenario drop-down menu, select either
Active/Backup or Active/Active
(802.3ad).Note: You can't enable network redundancy from the Add Server page if any VLAN interfaces are present on the Service interface (eth0). If necessary, remove any configured VLAN interfaces using the DNS/DHCP Server Administration Console, then add the server to Address Manager and enable network redundancy. Once the server is under Address Manager control you can configure VLAN interfaces from the Address Manager user interface (Servers > Service Configuration > Interfaces).
If you require VLAN Tagging with port bonding, you must first enable bonding then immediately configure VLAN interfaces.
- Enable encrypted notifications—encryption of
notifications is disabled by default. Select the check box to enable
encrypted notifications between Address Manager and DNS/DHCP servers.Note:
About Encrypted Notifications: By default, Address Manager to DNS/DHCP Server communication (the command channel) is secured by TLS on top of TCP using port 10042. However, by default dynamic updates to DNS and DHCP lease information are passed from DNS/DHCP Server to Address Manager (the notification channel) using signed updates rather than full channel encryption (primarily UDP over port 10045). By enabling encrypted notifications, DNS/DHCP Server to Address Manager notifications are secured by TLS on top of TCP using port 10046.
- The Enable encrypted notifications check box is available only for BDDS v9.4.0 or greater.
- This check box only appears after detecting server settings.
- The ability to toggle the notifications channel between encrypted/unencrypted will be removed in a future release of Address Manager; all communications related to notifications between Address Manager and DNS/DHCP Servers will be encrypted by default with no option to disable encryption.
- Encrypted notification requires certain ports to be opened on the firewall, see Address Manager service ports for more information.
- Services Interface—the following fields are
automatically populated based on the current configuration set
through the DNS/DHCP Server Administration Console.
-
OPTIONAL: Under HSM
Support, complete the following:
Note: In order to enable HSM support on managed DNS/DHCP Servers, you must have previously created an HSM configuration in Address Manager. For complete information on configuring HSM, refer to Configuring HSM.
- Select the check box, Enable HSM Support. The Add Server page refreshes to show your HSM configuration and a drop-down menu of HSM servers.
- From the HSM Servers drop-down menu, select an HSM server and click Add. Repeat this step to add multiple HSM servers.
- To re-order the hierarchy of the HSM servers in the list, select an HSM server and click Move Up or Move Down. The HSM server at the top of the order will be the Primary; HSM servers below the Primary will be the Secondary, Tertiary. Click Remove to delete an HSM server from the list.
In the General section of the Details tab, you will see Enable HSM Support: Yes — this confirms that HSM has been enabled on the managed BlueCat DNS Server. Also, the HSM Servers section lists the HSM server(s) linked to your managed DNS Server.
- Under Change Control, add comments, if required.
- Click Connect.