Unsolved
This post is more than 5 years old
24 Posts
0
3662
Multiple groupnets using the same subnet
Hello,
Could someone advise with onefs 8.x, we can setup multiple groupnets from the same network subnet ?
Our Customer intends to accommodate 2 AD domains using 2 groupnets on their isilon from the same network subnet due to fewer network resorces at DR site. As far as i tested in lab, it does't allow overlapping subnet between different groupnets. I'm wondering if this is by design and if there's a future plan for any enhancement.
---------------------------------------------------------------------------------------------
ex)
iq221-1# isi network groupnet list
ID DNS Cache Enabled DNS Search DNS Servers Subnets
-----------------------------------------------------------------
groupnet0 True isidom1.local 10.32.239.201 subnet0
groupnet1 True isidom.local 10.32.7.250 subnet0
-----------------------------------------------------------------
Total: 2
iq221-1#
iq221-1# isi network subnet list
ID Subnet Gateway|Priority Pools SC Service
-----------------------------------------------------------------------
groupnet0.subnet0 10.32.239.0/24 10.32.239.1|10 pool0 10.32.239.223
pool1
groupnet1.subnet0 0.0.0.0/24 0.0.0.0|20 - 0.0.0.0
-----------------------------------------------------------------------
Total: 2
iq221-1#
iq221-1#
iq221-1# isi network subnets modify groupnet1.subnet0 --gateway=10.32.239.1
Subnet 'subnet0' (10.32.239.0/24) overlaps with 10.32.239.0/24
iq221-1#
iq221-1#
---------------------------------------------------------------------------------------------
Thanks in advnace!!
tezuky
24 Posts
0
August 11th, 2016 07:00
Thanks sjones, i understand isilon's subnet only can belong to single groupnet.
sjones51
252 Posts
1
August 11th, 2016 07:00
Hi tezusky,
This is by design, and I am not aware of any plan to change this. Groupnets are designed to enable multi-tenant DNS support per access zone.
This explanation comes from the OneFS 8.0.0 Release notes on page 12:
Multi-tenant DNS support
OneFS 8.0.0 supports multiple DNS servers for each access zone so different tenants
that operate on the same Isilon cluster can use different DNS servers to perform host
name lookups. DNS servers are configured by a new network object called a
groupnet, which lives above a subnet. Each groupnet is associated with a single
access zone. The default system access zone is automatically associated with the
default groupnet. Authentication providers that communicate with an external server
must be associated with a groupnet. The DNS cache has been enhanced to maintain
separate caches for separate groupnets. You must create new access zones in order
for the groupnets to be used by protocols. The protocols that support groupnets are
SMB, NFS, HDFS, and Swift.
Peter_Sero
1.2K Posts
3
August 11th, 2016 07:00
For each AD domain there will be one access zone on the cluster
(not counting the system access zone).
From a networking standpoint, the access zones are configured at the
same level as the SmartConnect zones, namely on the address pool level.
So you would use
one groupnet
one subnet
two address pools (specific IP addresses used by Isilon nodes, not clients)
- per pool: one SmartConnect zone, one access zone, one AD domain
Makes sense?
-- Peter
tezuky
24 Posts
0
August 11th, 2016 07:00
Thank you, Peter. In our case, we have to consolidate CIFS servers on 2 VNX to the single isilon from two separate AD domains. There's no DNS forwarding or other equivalent feature between these AD domains, so we need to have 2 groupnets as per DNS server.