Upload
others
View
17
Download
0
Embed Size (px)
Citation preview
1 | P a g e
Deploying Silver Peak VXOA Physical And Virtual Appliances with Dell EqualLogic Isolated iSCSI SANs – including Dell 3-2-1
Tech Note
June 2012
This tech note describes the deployment of Silver Peak physical and virtual appliances with Dell EqualLogic isolated iSCSI SANs including the Dell EqualLogic 3-‐2-‐1 server and storage solution.
2 | P a g e
Formatting Conventions ......................................................................................................................... 3 Prerequisites ................................................................................................................................................ 3 Overview ........................................................................................................................................................ 3
Figure 1: Isolated iSCSI SAN Diagram ................................................................................ 3 Figure 2: Silver Peak Tunnel with Auto-‐Replication .................................................... 4
Network Diagram ...................................................................................................................................... 5 Figure 3: Network Diagram .................................................................................................... 5
Example Configuration ............................................................................................................................ 6 Figure 4: IP Addresses .............................................................................................................. 6
Silver Peak Configuration ....................................................................................................................... 7 Figure 5: Silver Peak Configuration Wizard .................................................................... 7 Figure 6: Appliance IP address and name ........................................................................ 7 Figure 7: Appliance date, time and password ................................................................. 8 Figure 8: Deployment mode ................................................................................................... 8 Figure 9: Apply management settings ................................................................................ 9 Figure 10: Wait for the system to reboot .......................................................................... 9 Figure 11: Login to the appliance ...................................................................................... 10 Figure 12: Configure system ................................................................................................ 10 Figure 13: Max WAN Bandwidth ....................................................................................... 10 Figure 14: Deployment mode ............................................................................................. 11 Figure 15: Dual homed router mode ............................................................................... 11 Figure 16: Assign appliance IP addresses and next-‐hop ......................................... 12 Figure 17: WAN next hop warning ................................................................................... 12 Figure 18: Tunnel configuration ........................................................................................ 12 Figure 19: Adding a new tunnel ......................................................................................... 13 Figure 20: Selecting route policy ....................................................................................... 13 Figure 21: Creating a new route policy ........................................................................... 14
Conclusion .................................................................................................................................................. 14 Links ............................................................................................................................................................. 15 Appendix A ................................................................................................................................................. 16 Silver Peak VXOA and Dell EqualLogic 3-‐2-‐1 Configuration Sheet ............................... 16
3 | P a g e
Formatting Conventions • Italic font – used for words that require special attention or as a placeholder
for information that must be user supplied. • Monospaced font – Command names and information displayed on a system
console. Also used for file, path and directory names. • Bold monospaced font – Words and characters that the user must type. Typed
characters are always in lowercase letters, unless the program is case-‐sensitive.
Prerequisites • Silver Peak VX or NX appliances version 4.4.7 or later • Silver Peak licenses • IP address information for appendix A • Read this entire document before beginning configuration
Overview This document describes the configuration of Silver Peak physical and virtual appliances for Dell EqualLogic isolated iSCSI SAN and 3-‐2-‐1 deployments. For this deployment the iSCSI SANs at the primary and secondary sites are isolated from the LAN and WAN router, Figure 1. Because the iSCSI SAN is in an isolated subnet, EqualLogic Auto-‐Replication cannot be used unless changes are made to the network by connecting the iSCSI SAN to the LAN or adding an additional connection from the WAN router to the iSCSI SAN. In order to simplify replication deployments with an isolated iSCSI SAN, Silver Peak physical or virtual appliances are used to optimize and route replication traffic across the WAN.
Figure 1: Isolated iSCSI SAN Diagram
Subnet B Subnet C
IP SAN Switch
WAN Router
Primary EQ Array Secondary EQ Array
LAN Switch LAN Switch
IP SAN Switch
WAN Router
WAN
Subnet A Subnet D
4 | P a g e
Because the Silver Peak appliances use a tunnel to communicate with each other, the iSCSI SAN at each site will remain isolated from the LAN, maintaining security and stability, Figure 2. For additional security, IP SEC can be used to encrypt traffic between the Silver Peak appliances.
Figure 2: Silver Peak Tunnel with Auto-‐Replication
When Silver Peak appliances are deployed with Dell EqualLogic Auto-‐Replication for a 3-‐2-‐1 solution or isolated iSCSI SAN, the Silver Peak appliance will become the default gateway for the EqualLogic arrays on the iSCSI SAN. The Silver Peak appliances will forward all EqualLogic Auto-‐Replication traffic to the WAN router. The Silver Peak appliances will not forward traffic from the LAN to the iSCSI SAN, only the traffic that is in the Silver Peak tunnel will be forwarded to the iSCSI SAN.
iSCSI SAN Switch
WAN Router
Primary EQ Array Secondary EQ Array
LAN Switch LAN Switch
iSCSI SAN Switch
WAN Router
WAN
Subnet A
Subnet B Subnet C
Subnet D
Silver PeakSilver Peak
Dell EqualLogic Auto-Replication TrafficSilver Peak Tunnel with Auto-Replication Traffic
5 | P a g e
Network Diagram This diagram shows the network connections between the EqualLogic arrays.
Figure 3: Network Diagram
iSCSI SAN Switch
Silver Peak
WAN Router
Primary EQ Array Secondary EQ Array
LAN Switch LAN Switch
iSCSI SAN Switch
Silver Peak
WAN Router
WAN
1 or 10 GbE
6 | P a g e
Example Configuration The following IP addresses are used for this example; note that this is only one side of the replication link. Both sides will need to be configured before replication can begin. The second site will have different IP addresses, but all of the components will be the same. It is possible to use a physical Silver Peak appliance at one site and a virtual Silver Peak appliance at the other site. WAN router 10.0.0.1/24 Silver Peak WAN0 10.0.0.2/24 Silver Peak WAN0 Next-‐hop 10.0.0.1/24 Silver Peak mgmt0 192.168.151.136/24 EqualLogic array 192.168.0.10/24 Silver Peak LAN0 192.168.0.1/24 Silver Peak LAN0 Next-‐hop 192.168.0.254/24 (this address is non-‐functioning and should not be an actual device. If this address responds to a ping traffic will not be forwarded correctly.)
Figure 4: IP Addresses
Primary EQ Array
SP WAN0 10.0.0.2/24Next-hop 10.0.0.1/24
SP LAN0 192.168.0.1/24Next-hop 192.168.0.254/24
LAN Switch
iSCSI SAN Switch
Silver Peak
WAN Router 10.0.0.1/24
192.168.0.10/24
7 | P a g e
Silver Peak Configuration For the initial deployment of the Silver Peak appliances, please follow the Quick Start Guide located here: http://www.silver-‐peak.com/Support/user_docs.asp. Note that there is a separate quick start guide for physical and virtual appliances. After completing step 6 in the quick start guide, please return to this guide and start at 1. 1. Login and begin with the Silver Peak configuration wizard. The default user name and password is admin/admin.
Figure 5: Silver Peak Configuration Wizard
2. Assign the appliance hostname and management IP address.
Figure 6: Appliance IP address and name
8 | P a g e
3. Set the date, time and management password.
Figure 7: Appliance date, time and password
4. Select the finish now option, Apply management settings only -‐ configure deployment mode later.
Figure 8: Deployment mode
9 | P a g e
5. Apply management settings and wait for the system to reboot.
Figure 9: Apply management settings
Figure 10: Wait for the system to reboot
10 | P a g e
6. Login to the appliance.
Figure 11: Login to the appliance
7. Select configure system.
Figure 12: Configure system
8. Set System Bandwidth based on the amount of bandwidth available for replication. In some environments the bandwidth that is available for replication will be less than the total available WAN bandwidth. This setting will limit the maximum Silver Peak throughput.
Figure 13: Max WAN Bandwidth
11 | P a g e
9. Select Router for the deployment mode and click the advanced button.
Figure 14: Deployment mode
10. Select dual homed and click OK.
Figure 15: Dual homed router mode
11. Assign IP addresses for appliance interface IP1 and IP2 and wan0 and lan0 next hop.
a. Assign an IP address to Appliance IP1 that is valid on the LAN, the wan0 Next-‐hop IP is the address of the WAN router or default gateway for the LAN.
b. Assign an IP address to Appliance IP2 that is valid on the iSCSI SAN, the lan0 Next-‐hop IP should be an address that is not in use on the iSCSI SAN and will not respond to a ping. This address is just a placeholder and will not be used. If an address is used that is in use on the iSCSI SAN, the Silver Peak tunnel will not activate and replication will fail.
c. Ignore the warning for WAN Next-‐Hop Unreachable on lan0. The gw: field should list the IP address that was used for the LAN0 Next-‐hop, figure 17. If this error message is not present, an in-‐use IP address was entered into the lan0 Next-‐hop field and replication will fail.
12 | P a g e
Figure 16: Assign appliance IP addresses and next-‐hop
Figure 17: WAN next hop warning
12. Create a manual tunnel between Silver Peak appliances. a. Select Configuration>Tunnels
Figure 18: Tunnel configuration
b. Select Add and use the following settings: Name: use a name to describe where this tunnel goes, for example tunnel-‐to-‐remote-‐site-‐IP-‐SAN
Admin: up MTU: 1500 Local IP: the local IP address for LAN0 Remote IP: the remote appliance IP address for LAN0 Auto Max BW: checked. Max BW can be set if replication traffic needs to be limited to a specific throughput. Min BW: 32 Mode: gre
13 | P a g e
Figure 19: Adding a new tunnel
13. Because the two iSCSI SANs are isolated from the LAN and WAN, a route policy must be added to the Silver Peak appliances in order to pass traffic between them. a. First select Configuration>Route Policy.
Figure 20: Selecting route policy
b. Select Add and use the following settings: Priority: 10 Protocol: ip Src Subnet: the local IP SAN subnet Dst Subnet: the remote IP SAN subnet Application: any DSCP: any Tunnel: use the tunnel that was created in step 12.
14 | P a g e
Tunnel Down Action: Drop d. Select Apply
If the tunnel between the Silver Peak appliances goes down replication will stop. Setting the Tunnel Down Action to Pass-‐Through will not change this. Setting the Tunnel Down Action to Drop is a reminder that replication will stop.
Figure 21: Creating a new route policy
14. Use the local Silver Peak LAN0 IP address as the default IP gateway for each EqualLogic member.
15. Refer to the Dell EqualLogic documentation and configure replication to the remote site.
Conclusion Silver Peak VXOA enables EqualLogic arrays on isolated iSCSI SANs to replicate across significantly greater distances, using less bandwidth, and without any changes to the LAN or WAN router. Silver Peak VXOA helps maintain EqualLogic security and stability by keeping the iSCSI SAN replication traffic isolated from the LAN through the use of tunnels between appliances. All of these benefits and deployment options are available with Silver Peak virtual and physical appliances.
15 | P a g e
Links Silver Peak Documentation: http://silver-‐peak.com/Support/user_docs.asp Dell EqualLogic Product Documentation: http://support.dell.com/support/topics/global.aspx/support/enterprise_support/en/equal_logic?c=us&cs=04&l=en&s=bsd&~ck=anavml
16 | P a g e
Appendix A
Silver Peak VXOA and Dell EqualLogic 3-‐2-‐1 Configuration Sheet
Local Site Remote Site Silver Peak mgmt0: Silver Peak mgmt0: Replication Bandwidth: Replication Bandwidth:
LAN LAN Wan Router: Wan Router: LAN Subnet: LAN Subnet: Silver Peak WAN0: Silver Peak WAN0:
IP SAN IP SAN IP SAN Subnet: IP SAN Subnet: Silver Peak LAN0: Silver Peak LAN0: LAN0 Next-‐hop: LAN0 Next-‐hop:
iSCSI SAN Switch
Silver Peak
WAN Router
Primary EQ Array Secondary EQ Array
LAN Switch LAN Switch
iSCSI SAN Switch
Silver Peak
WAN Router
WAN
SP WAN0 interface
SP LAN0 interface
SP WAN0 interface
SP LAN0 interface