Cisco Cisco Prime Network Registrar 8.1 Guida Utente
Cisco Prime Network Registrar IPAM 8.1.1 User Guide
194 Administrators “How to” Section
domains. However, they do not wish to create an Administrator Role and an Administrator
for each client. Furthermore, it is likely to be the case that these third party administrators
would all have the same functional access, but would differ only on the objects (Blocks,
Domains, Containers, etc) they could access.
Solution
Create a “Customer Function” role that defined just the Authorized Functions to be assigned
to 3rd party administrators. Then, for each customer, create an Administrator using the
Customer Function role. In addition, assign the appropriate objects (Blocks, Domains, and /
or Containers) to the Administrator itself.
Benefits
•
All 3rd party administrators would automatically get the same level of functional access
to the system. Changes made once would be propagated to all administrators using the
role.
•
The need to create a separate Administrator Role for each Administrator is eliminated.
7.8
Configuring DNS on a TwinMirror Appliance
Running DNS on a TwinMirror requires some additional configuration due to the
TwinMirror’s use of a virtual IP address. Both the primary and secondary nodes in a
TwinMirror configuration have a real IP address associated with their network adapters. In
addition, the active node uses a virtual address to communicate with the rest of the network.
When failover occurs, the secondary node takes over the virtual address, allowing
uninterrupted service.
Other nodes in the network should use the virtual IP Address when communicating with the
Other nodes in the network should use the virtual IP Address when communicating with the
TwinMirror. This avoids the need to reconfigure those other nodes when failover occurs.
By default, DNS uses the active node’s real IP address for Notifies and Zone Transfers. If
By default, DNS uses the active node’s real IP address for Notifies and Zone Transfers. If
other DNS nodes are using ACL’s, then Notifies and Zone Transfers will no longer work after
a failover.
To circumvent this, a DNS server running on a TwinMirror should be configured to use the
To circumvent this, a DNS server running on a TwinMirror should be configured to use the
virtual IP Address for Notifies and Zone Transfers. Any ACL’s, or Also-Notify settings on
other servers should also reference the virtual IP Address.
Figure 7-24 shows these two options set for a virtual IP Address of 10.11.12.13.
Figure 7-24 shows these two options set for a virtual IP Address of 10.11.12.13.