Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

Martin0904

30 Posts

1873

April 21st, 2016 04:00

Pro´s and Con´s for Alias Names within a Access Zone

Hello Everybody,

we´ve migrating from a Celerra to Isilon, and try to figure out if it is better to have an own Access Zone for each VDM CIFS Server or bring some of them together in one Access Zone and use Alias Names.

Is there any Disatvantage to bring more then one CIFS Server into one Access Zone except Share Names?

regards,

Martin

sluetze

2 Intern

 • 

300 Posts

April 21st, 2016 04:00

Hi,

we made the same migration.

I would try (where possible) to reduce the amount of alias names (keep it simple)

I would separate the vdms in own accesszones in case there are different authentication providers needed. afaik you are only able to bind one Active Directory to one accesszone - second AD means second accesszone (as long as the domains do not trust each other)

crklosterman

450 Posts

April 21st, 2016 08:00

Yep @sluetze is right, Access zones should be considered unique containers for different non-trusted authentication providers, not as a 1:1 replacement for CIFS Servers or VDMs.  But one of the key propositions and values of Isilon as a platform is that it's simple to manage and administer.  10 access zones with 2 smart connect zones per access zone, and potentially hundreds or thousands of IP addresses is not simple to administer.  So if you had finance and engineering today in separate VDMs, but they're in the same AD domain, and don't have any overlapping/duplicate share names, consolidate them.  If they have a duplicate share name or two, either merge the content if it's similar, like 'home' and 'home' or rename one of them.  On the name front, don't use CNAMES, use SmartConnect zone aliases to have the isilon cluster answer for the DNS names that you used to use on VNX/Celerra.  As to the why, I talked to that on page 15 of this document:

https://support.emc.com/docu58740_Isilon-External-Network-Connectivity-Guide---Routing,-Network-Topologies,-and-Best-Pra…

Also file migrations like this can be pretty complex so if you're just getting started, I would certainly take a look at some of the third-party migration tools we now have available through EMC Select to make it all easier.  I'm writing a blog post on this subject right now that you'll see in the next week on ECN or EMC's Emerging Technologies blog, so I'll post that link here when I publish.  If you're curious in the meantime definitely reach out to your EMC account team.

Hope this helps,

~Chris Klosterman

Advisory Solution Architect

EMC Enablement Team

AdamFox

254 Posts

April 21st, 2016 10:00

The other reason why you may have multiple access zones is share name clashes.  If you had 4 VDMs and each of them had a 'projects' share that pointed to very different places and needed to be separate (e.g. not easy to merge), then you might use separate access zones even with the same authentication provider.

I agree that if they are able to be merged, then merging them is a good idea, but that isn't always the case.

Was this post helpful?

View All

No Events found!

Top