![SafeNet Luna SA Скачать руководство пользователя страница 27](http://html1.mh-extra.com/html/safenet/luna-sa/luna-sa_configuration-manual_798623027.webp)
CHAPTER 2 Configure the Luna Appliance for your Network
Recommended Network Characteristics
Determine whether your network is configured optimally for use of Luna appliances.
Bandwidth and Latency Recommendation
Bandwidth
•
Minimum supported: 10 Mb half duplex
•
Recommended: at least 100 Mb full duplex - full Gigabit Ethernet is supported
Note:
Ensure that your network switch is set to AUTO negotiation, as the Luna appliance
negotiates at AUTO. If your network switch is set to use other than automatic negotiation, there
is a risk that the switch and the Luna appliance will settle on a much slower speed than is
actually possible in your network conditions.
Network Latency
•
Maximum supported: 500ms
•
Recommended: 0.5ms
About Latency and Testing
Luna appliance client-server communication uses timeouts less than 30 seconds to determine failure scenarios. Thus
the appliance does not tolerate network configurations or conditions that introduce a greater delay - problems can result,
especially with HA configurations.
Here is a description of one common cause of such a situation, and what you can do about it.
When you disconnect the network cable between any Luna appliance and a switch, and then reconnect, traffic should
resume immediately, but with certain network switch configurations it might take 30 seconds for traffic to resume.
The problem here is at the switch (and not the Luna appliance). See
http://www.cisco.com/warp/public/473/12.html#bkg
for some descriptions of Cisco switches. If the switch is
configured to run the Spanning Tree Protocol on the port (which appears to be the default configuration, at least for
Cisco switches), then there is a delay of about 30 seconds while it runs through a series of discovery commands and
waits for responses. The switches can be configured to run in “PortFast” mode in which the Spanning Tree Protocol still
runs on the port, but the port is placed directly into 'forwarding mode' and starts the traffic flowing immediately.
With the switch introducing a connection detection delay of 30 seconds or greater, transient network failures lasting
only seconds are no longer tolerated. A simple test is to set up a ping stream and then disconnect and reconnect the
network cable. The ping traffic should resume after a 1 or 2 second delay. A greater delay indicates that a switch in the
network is not detecting the reconnection as quickly as is optimal. See the recommendations for network Bandwidth
and Latency.
Go to
"Power-up the HSM Appliance" on page 27
.
Power-up the HSM Appliance
Instructions on this page assume that the HSM appliance has been installed, including
•
power connections
[We suggest that each of the two power supplies be connected to an independent electrical
source, and that at least one of those sources should be protected by UPS (uninterruptible power supply) and
generator backup.],
Luna SA Configuration Guide
Release 5.4.1 007-011136-007 Rev C July 2014 Copyright 2014 SafeNet, Inc. All rights reserved.
27
Содержание Luna SA
Страница 1: ...Luna SA Configuration Guide ...