F5 ARX-VE Planning Manual Download Page 30 | Manualshive

Page: 30 / 64

background image

Chapter 1
Site Planning

1 - 24

Linux Samba

The ARX is often required to support file servers other than Windows,
Network Appliance, and EMC. Some environments can include file servers
that are Samba-based.

Samba is an open source suite of programs for Linux and UNIX that has
been in use since 1992. Samba provides file and print services for clients
using the SMB/CIFS protocol. Samba uses the winbind daemon to integrate
Linux/UNIX servers and desktops into Active Directory environments.

If you plan to deploy the ARX in a Samba environment, disable Samba
name mangling.

Windows 3.x and earlier used an 8.3 naming scheme, meaning that files had
eight places for a name, following by a dot, followed by three places for an
extension. To deal with files that have more than 8 characters followed by a
dot and then three characters for a file extension, Samba uses

name

mangling

.

To disable name mangling, insert the following line in your

mb.conf

file in

the [global] section:

mangled names = no

The ARX supports Samba for multi-protocol namespaces without persistent
ACLs. Without POSIX ACL and extended attribute support, the ARX
namespace cannot support persistent ACLs.

If you intend to deploy Samba, work with your F5 SE and consult the latest
version of the F5 Data Solutions Compatibility Matrix for details on the
level of support provided.

The Data Solutions Compatibility Matrix (also called the Interoperability
Matrix) is included in the standard ARX documentation (v5.01.000 and
higher). There is also an F5 solution on askf5 linking to the document:

https://support.f5.com/kb/en-us/solu.../sol10909.html

Configuring Windows Domain Controllers

If you plan to offer CIFS services, your Windows Domain Controllers
(DCs) must have the following ports accessible from the ARX:

• 389/TCP, used by the ARX for a Kerberos health check.

• 88/TCP, required for Kerberos queries and responses.

To support NTLM or NTLMv2, each DC requires a separate Secure Agent
installation. Refer to the

ARX® Secure Agent Installation Guide

for details

on this type of installation.

To support NTLM authentication and the Secure Agent, the DC firewall
must also allow the ARX to access the following ports:

• 139/TCP or 445/TCP, used by an ARX health check.

«
...
28
29
30
31
32
...
»

Summary of Contents for ARX-VE

Page 1: ...ARX Site Planning Guide 810 0036 00...

Page 2: ......

Page 3: ...Management Operating System Traffix Diameter Load Balancer Traffix Systems Traffix Systems DESIGN Transparent Data Reduction UNITY VAULT VIPRION vCMP virtual Clustered Multiprocessing WA WAN Optimiza...

Page 4: ...1995 1996 The President and Fellows of Harvard University All rights reserved Copyright c 1998 2004 The OpenSSL Project All rights reserved Unless otherwise noted the companies organizations products...

Page 5: ...Rev W add updates for Release 6 00 000 September 2011 Rev X add updates for Release 6 01 000 October 2011 Rev Y refer to licensed limits July 2012 Rev Z add updates for Release 6 02 000 October 2012 R...

Page 6: ...vi...

Page 7: ...1 Site Planning This manual describes network and environmental considerations for installing an Adaptive Resource Switch ARX Use this document to prepare for adding an ARX to your network...

Page 8: ......

Page 9: ...ervers are said to be at the back end As you plan to add a switch to your network it is helpful to remember the sharp division between the switch s front end and back end processing The following figu...

Page 10: ...s and servers Multiple subnet The ARX terminates one or more client subnets and a separate server subnet The following subsections describe each of these topologies One Armed Proxy Topology In a one a...

Page 11: ...RX The ARX has a single physical connection to the client server subnet On the switch you configure the same subnet and VLAN for both front end clients and back end servers You can also add static rou...

Page 12: ...vers into multiple IP subnets You can define multiple subnets static routes and default routes on the ARX to reach any number of subnets at the front end or back end Multiple Subnet Before Installing...

Page 13: ...X has a separate connection to the client subnet and the server subnet in a multiple subnet topology The switch serves as a proxy for CIFS and or NFS transactions between the clients and servers As a...

Page 14: ...t side IP addresses are called virtual IPs or VIPs The ARX also requires one or more management IP addresses to load new software images The switch has one out of band management interface and you can...

Page 15: ...against remote NFS clients This is designed as an authentication mechanism To prevent such file servers from denying access to the proxy IP addresses add the proxy IP addresses to your DNS configurati...

Page 16: ...rces the quorum disk The ARX also has an interface for out of band management typically labeled MGMT on its front panel This interface is designed for installations with discrete management networks I...

Page 17: ...client services If you plan to operate in a secure environment these ports must be opened on fire walls in order for the ARX to function properly All client server data is on the inband network The i...

Page 18: ...Enabled by default 23 TELNET TCP Disabled by default 443 HTTPS TCP GUI enabled by default 80 HTTP TCP GUI disabled by default 514 SYSLOG UDP If External Syslog is used 25 SMTP TCP For Email Home 139...

Page 19: ...Default port is configurable 464 lc passwd UDP and TCP 137 138 WINS UDP Name service 88 Kerberos TCP UDP 137 138 NetBIOS TCP UDP 445 Microsoft Directory Services TCP NFS Authentication NIS NIS UDP TC...

Page 20: ...mend using two or more NTP servers for the servers clients and the ARX devices Automatically Discovering Your File Servers Prior to installing an ARX best practices recommend using F5 Data Manager a w...

Page 21: ...es to manually discover any issues for a site without Data Manager Avoiding Name Collisions To prepare multiple file server shares for inclusion in the same namespace volume you should avoid name coll...

Page 22: ...nA 2 3 192 168 25 34 24 25 00 0a 49 17 7c 83 bstnA bstnA 2 4 192 168 25 141 24 25 00 0a 49 17 7c 84 bstnA bstnA 2 5 192 168 25 142 24 25 00 0a 49 17 7c 85 bstnA bstnA 2 6 192 168 25 143 24 25 00 0a 49...

Page 23: ...Export wizard is invoked See the following figure In the wizard select the options to configure for the export Figure 1 8 NFS Export wizard Use this wizard to add your proxy IP addresses to the follow...

Page 24: ...following figure Figure 1 9 NFS Export wizard Commit screen EMC Celerra Server On the EMC Celerra server select NFS Exports See the left hand navigation column in the following figure Click New or cli...

Page 25: ...ain Exports All Data Domain exports are in the backup directory You can use the Data Domain CLI to export one of those directories through NFS Use the nfs add command to create an NFS export specifyin...

Page 26: ...squash lhome budget 192 168 25 144 rw no_root_squash lhome budget 192 168 25 145 rw no_root_squash lhome budget 192 168 25 146 rw no_root_squash lhome budget 192 168 25 147 rw no_root_squash lhome bud...

Page 27: ...ly in the 192 168 25 0 24 subnet the server subnet for the ARX Only the ARX should be able to access this export except for backups or other read only activities To use the edited exports file force t...

Page 28: ...estination share this means that each namespace can use up to 32 concurrent server connections If your installation supports Per Seat licensing this is not an issue For Per Server licensing you must c...

Page 29: ...the EMC Data Domain system allows access to a small number of CIFS clients with read only access However an ARX volume facilitates read write access to the Data Domain share by any of its CIFS client...

Page 30: ...mba for multi protocol namespaces without persistent ACLs Without POSIX ACL and extended attribute support the ARX namespace cannot support persistent ACLs If you intend to deploy Samba work with your...

Page 31: ...es on back end filers among other things The managed volume uses the metadata to manage these file locations through namespace policy A direct volume does not have any metadata and therefore does not...

Page 32: ...File IDs The ARX Inter Operability Matrix lists all of a direct volume s supported NFS filers and clients This matrix is available from the ARX GUI along with this document click the Documentation lin...

Page 33: ...r that has adequate performance and redundancy characteristics as well as adequate space For details on estimating the size required see Sizing the Metadata Share on page 1 28 The namespace software f...

Page 34: ...oosing metadata storage candidates for a namespace Use the information in these sections as guidelines before configuring any namespaces with managed volumes Sizing the Metadata Share A metadata share...

Page 35: ...olume with millions of files can require multiple gigabytes of metadata However a file system has a limit on the size of each file Thus you must verify that the file system for the metadata share can...

Page 36: ...olume that also supports CIFS This is because an NFS only volume does not have the CIFS credentials required to access a CIFS metadata only share Avoid vol vol0 on NetApp By default a NetApp file serv...

Page 37: ...icy is called new file placement policy in a share farm and it is described in the ARX CLI Storage Management Guide Best Practices for Share Management Once an external share is imported into a manage...

Page 38: ...on to non native access to the filer Non native access means accessing a UNIX file through CIFS or an NTFS Windows file through NFS Of particular interest are the following questions How will the clie...

Page 39: ...show different timestamps to Unix clients than to CIFS clients The timestamps differ by one hour This is an indication that the timestamp was set before daylight savings time started or ended it is a...

Page 40: ...the above user to root on the UNIX side as described below From the EMC CLI use the following command to get a copy of the UNIX passwd file server_file data mover get passwd passwd new where data mov...

Page 41: ...for Use in an Active Directory Domain This section applies to Windows installations that support Active Directory AD domains These installations use Kerberos authentication and require some special c...

Page 42: ...steps add the F5 server to the AD domain and raise the Trusted for Delegation flag for the server Each of these steps requires a distinct administrative privilege Add workstations to domain where the...

Page 43: ...ts The ARX supports a maximum of 64 services each with a distinct FQDN and virtual IP VIP address This maximum is for the sum of all CIFS and NFS services The smaller ARX 500 platform offers up to 16...

Page 44: ...le FRU compact design It offers the same software features as the other ARX platforms differing only in performance and scale Ports 8 x 1GbE copper 1 mgmt data and 7 data Throughput 500MB s Files 768M...

Page 45: ...control switch fabric throughput and external interfaces into a compact design consisting of two FRUs The switch includes a removable front bezel which when attached covers all components except the...

Page 46: ...500 System Specifications Component Specification Dimensions Height 1 703 in Width 16 930 in Depth 26 457 in Weight 31 lb 14 061 kg Power Load 8 55 amps 110Vac 4 3 amps 220Vac Environmental Requireme...

Page 47: ...t bezel Height 3 5 in Width 19 00 in including mounting ear assemblies Depth 24 in Chassis Weight 40 lb 18 14 kg Power Consumption Typical power consumption 2 5A 110VAC 280W 0 98 PF Maximum power cons...

Page 48: ...wer Load 2 5A 110V 1 3A 220V AC DC Power Supply Input 100Vac 4 Amps 240Vac 2Amps 47 63Hz 100 240VAC 47 63Hz 4 2A Environmental Requirements Altitude 60m 197ft min to 1800m 6000 ft max Humidity Operati...

Page 49: ...power modules and one power system frame Two power modules are recommended for full redundancy and load sharing The power supplies require a 10A 220VAC input cord which is provided with the chassis T...

Page 50: ...able Requirements This section contains the cable requirements for all the ARX models Choose from the following ARX 500 Cable Requirements on page 1 44 ARX 1500 Cable Requirement on page 1 45 ARX 2000...

Page 51: ...auto auto negotiate through the CLI When the port speed duplex is forced auto negotiate is disabled automatic MDI MDIX cross over is disabled and you must cable the port using standard cross over or s...

Page 52: ...Ethernet cable RJ 45 connectors Gigabit Ethernet ports copper a 100 1000BASE T Category 5 6 unshielded twisted pair UTP cable 24 AWG a Gigabit Ethernet ports support automatic MDI MDIX cross over This...

Page 53: ...it is a cross over or straight through type However for this feature to work the port speed must be set to auto auto negotiate through the CLI When the port speed duplex is forced auto negotiate is d...

Page 54: ...mode fiber MMF with duplex SC style connectors Distances up to 300m on 50 125um MMF or 33m on 62 5 125um MMF a Gigabit Ethernet ports support automatic MDI MDIX cross over This feature automatically...

Page 55: ...fficient for connecting to a Terminal Server For a direct connection to the serial port on a management station such as a laptop an RJ 45 to DB9 adapter is also included in the kit Figure 1 13 RJ 45 M...

Page 56: ...n the system Here is the table that describes the console port pinout The following table shows the pinout assignments for the ARX 1500 and the ARX 2500 Table 1 15 SCM ACM console port signaling cabli...

Page 57: ...ARX 500 Connectors The ARX 500 has four rear panel ports for cabling as shown in Figure 1 15 Figure 1 15 ARX 500 rear panel ports The following table describes the cable connectors used on the ARX 500...

Page 58: ...X 2000 Table 1 18 ARX 1500 Cable Connectors Interface Connector Purpose Console labeled CONSOLE on back of switch RJ 45 Serial port for CLI access Management labeled MGMT on back of switch RJ 45 Ether...

Page 59: ...labeled MGMT on back of switch RJ 45 Ethernet port for CLI or GUI access Gigabit Ethernet Optical ports Copper ports small form factor Pluggable SFP RJ 45 Two optical ports for 10 Gbps Ethernet conne...

Page 60: ...red in the Data Manager database From this definition you can generate the automated DOS and ARX CLI command scripts and step by step deployment instructions that constitute an ARX deployment workflow...

Page 61: ...ing up virtual servers Data Manager is not involved during the network configuration phase but can provide significant support during the storage configuration phase However if you choose not to use D...

Page 62: ...pying the latest ARX configuration to a remote host every time the configuration changes You can use the configuration parameters later to recover from a disaster and or to facilitate switch replaceme...

Page 63: ...iguration page click the Help button in the upper right hand corner and follow the instructions Contacting Customer Service You can use the following methods to contact F5 Networks Customer Service F5...

Page 64: ...Chapter 1 Site Planning 1 58...

Reviews:

No comments

Related manuals for ARX-VE

Brand: Danfoss Pages: 6

Brand: Gefen Pages: 11

Brand: I-Tech Pages: 39

PMV WM Ultraswitch

Brand: Flowserve Pages: 16

Brand: Kramer Pages: 17

Brand: Grozone Control Pages: 20

Brand: Lindy Pages: 38

Brand: Hama Pages: 56

Brand: SICK Pages: 19

Brand: Hama Pages: 14

Master View CS-74A

Brand: ATEN Pages: 16

IIOT-AMS Tilt Counter

Brand: ROSSMA Pages: 13

Brand: Advantech Pages: 28

kontron KSwitch D1 UGPD

Brand: S&T Pages: 40

Brand: HighSecLabs Pages: 2

Brand: TLS Electronics Pages: 12

Brand: Linkskey Pages: 2

Brand: Good Way Pages: 13

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands