Configuring Infoblox as BIND for HA (new - March 2024)

We have been trying to configure HA using Infoblox as BIND and using a TSIG key per the SolarWinds documentation (Set up a SolarWinds Platform High Availability pool) but keep getting "DNS server access denied". We went through several versions of the TSIG key, using different key names, key algorithms and key data sizes, but always end up with the DNS server access denied error and can't complete the HA configuration.

If you're able to get this working in your environment, can you please share the steps you took so we can follow them and have a successful HA pool deployment as well?

Thank you.

Parents
  •  Hello there! Sorry if this is too late, but as of 2024.1, to make a High Availability FIPs complaint, SolarWinds changed the algorithm for BIND DNS from SHA1 to MD5. However, Infoblox BIND DNS only supports MD5 and SHA 256.

    There is a workaround for this:

    Workaround: Replace the newer 2024.1 SolarWinds.HighAvailability.Utilities.dll with a version from 2023.4

    1.) Download the older .dll file.
    2.) On the Customer server, stop the SolarWinds Services
    3.) Navigate to "C:\Program Files (x86)\SolarWinds\Orion\" (Default location)
    4.) Back up the existing "SolarWinds.HighAvailability.Utilities.dll" file by moving it to the desktop
    5.) Replace that file with the OLDER file pulled from a lab server in the same location. Right-click ->Properties and make sure it's unblocked.
    6.) Start the services.
    7.) Repeat steps for the Standby Server

    To roll back, just put back the original 2024.1 version of the file and restart services.

    Unfortunately, I cannot attach the .dll file here but maybe one of the SolarWinds peeps can help. OR, if you have a lab server with an older version installed, you can also get it from this.

    I hope this helps Slight smile

Reply
  •  Hello there! Sorry if this is too late, but as of 2024.1, to make a High Availability FIPs complaint, SolarWinds changed the algorithm for BIND DNS from SHA1 to MD5. However, Infoblox BIND DNS only supports MD5 and SHA 256.

    There is a workaround for this:

    Workaround: Replace the newer 2024.1 SolarWinds.HighAvailability.Utilities.dll with a version from 2023.4

    1.) Download the older .dll file.
    2.) On the Customer server, stop the SolarWinds Services
    3.) Navigate to "C:\Program Files (x86)\SolarWinds\Orion\" (Default location)
    4.) Back up the existing "SolarWinds.HighAvailability.Utilities.dll" file by moving it to the desktop
    5.) Replace that file with the OLDER file pulled from a lab server in the same location. Right-click ->Properties and make sure it's unblocked.
    6.) Start the services.
    7.) Repeat steps for the Standby Server

    To roll back, just put back the original 2024.1 version of the file and restart services.

    Unfortunately, I cannot attach the .dll file here but maybe one of the SolarWinds peeps can help. OR, if you have a lab server with an older version installed, you can also get it from this.

    I hope this helps Slight smile

Children
No Data