Configure Large scale device trust behind a HIPswitch

In advanced configurations that have a large number of devices one or more hops away behind a single HIPservice, you can use a special type of device with a 0.0.0.0 IP address. A 0.0.0.0 device effectively functions as a wildcard, and when configuring trust, selecting the 0.0.0.0 device effectively applies the trust policy to all devices behind the parent HIPservice.

CAUTION: Special consideration is recommended when planning a configuration that utilizes the 0.0.0.0 device type. Each overlay network can only have one 0.0.0.0 address. Overlay networks containing a 0.0.0.0 device cannot use subnet routing or NAT.

To create the 0.0.0.0 device and use it for trust configuration

  1. Go to HIPservices and select a HIPservice.
  2. Add a new device with the IP address set to 0.0.0.0. See Add devices to the Conductor for more information about adding devices.
  3. Go to Overlays and select the overlay network for which you are configuring trust.
  4. In the Devices tab, click the button for the 0.0.0.0 device, and then select the other devices and groups in the overlay network that require communications with the devices represented by the 0.0.0.0 wildcard device.