I have 2 x P4500 Nodes with 10 Gb Ethernet Adapters. We would like to (if possible) have a completely isolated iSCSI VLAN / Subnet.
The big question is, can CMC manage this from another Subnet? Or more to the point, how can I assign a couple of NICs to another Subnet for management, but not allow iSCSI connections to these management NICs.
As I understand it, when I give two NICs an address on a different Subnet (and attach the SANiQ to these NICs), the CMC (or SANiQ interfaces) must still communicate with the Virtual IP Address (on iSCSI Subnet). It can't because there is no routing between the subnets. If I add a VIP on the management Subnet, then I believe people can still make a connection to these targets defeating the purpose of a secure iSCSI Subnet.
Just to confuse matters I would ideally like all 10 Gb adapters on the iSCSI Subnet. Does replication occur only through the SANiQ interfaces? If so then would I lose out by using 1 Gb Ethernet for the SANiQ interfaces?
I'd advise you use the two 10Gb adapters (preferably bonded) for all your iSCSI and replication. You can make that a totally isolated network. You'll assign the 10Gb network as the "SAN/iQ" network. That means all iSCSI traffic and replication will occur there. Using either of the 1Gb adapters (or both bonded, also the preferred method) to connect to a "public" type network for you to do management is fine. The CMC can connect and manage the system on either network. The CMC does not need to connect to the VIP, VIP is only used for iSCSI discovery.
Essentially the "SAN/iQ interface" is the one used for iSCSI and replication, and management is allowed on any network.
For management, could you just manage the cluster from one of the machines that are connected to the iSCSI subnet? Meaning just remote desktop to a machine that connects to a volume on the cluster?
You've got other options for management as well: you can set up routing to the iSCSI VLAN and then use ACLs to block all but the specific management stations' access to the iSCSI VLAN.
For management, you need access to all the nodes individually (I believe). The VIP is used for iSCSI access and load balancing, not for management.
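The ACL option suggested in the thread (route to the iSCSI VLAN, permit only specific management stations), as an added example that is not part of the original posts: a first-match rule evaluator plus an audit that flags any permit rule wider than the management stations. The subnets, station addresses and rule format are constructed for illustration and are not any switch vendor's syntax.

```python
import ipaddress as ip

# Constructed addressing (assumption, not taken from the thread).
ISCSI_NET = ip.ip_network("10.10.50.0/24")
MGMT_STATIONS = [ip.ip_network("192.168.1.20/32"), ip.ip_network("192.168.1.21/32")]

def rule(action, src, dst):
    """Hypothetical rule format: (action, source network, destination network)."""
    return (action, ip.ip_network(src), ip.ip_network(dst))

GOOD_ACL = [
    rule("permit", "192.168.1.20/32", "10.10.50.0/24"),
    rule("permit", "192.168.1.21/32", "10.10.50.0/24"),
    rule("deny", "0.0.0.0/0", "10.10.50.0/24"),
]
LOOSE_ACL = [
    rule("permit", "192.168.1.0/24", "10.10.50.0/24"),  # whole user subnet, too wide
    rule("deny", "0.0.0.0/0", "10.10.50.0/24"),
]

def evaluate(acl, src, dst):
    """First-match evaluation. Assumption: traffic matching no rule is denied."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    for action, src_net, dst_net in acl:
        if s in src_net and d in dst_net:
            return action
    return "deny"

def audit(acl, iscsi_net=ISCSI_NET, allowed=MGMT_STATIONS):
    """List rules that let sources other than the management stations reach iscsi_net."""
    findings = []
    closed = False
    for i, (action, src_net, dst_net) in enumerate(acl):
        if not dst_net.overlaps(iscsi_net):
            continue  # rule does not concern the iSCSI subnet
        if action == "deny" and src_net.prefixlen == 0 and iscsi_net.subnet_of(dst_net):
            closed = True  # deny-any reached: later rules are shadowed
            break
        if action == "permit" and not any(src_net.subnet_of(a) for a in allowed):
            findings.append(f"rule {i}: permit from {src_net} is wider than the management stations")
    if not closed:
        # Require the deny to be written out so the intent is visible in the rule set.
        findings.append("no explicit deny-any rule covering the iSCSI subnet")
    return findings
```
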