Dell 3-DNS Working with VLANs

Chapter 4

4 - 4

Working with VLANs

A VLAN is a grouping of separate 3-DNS Controller networks that allows

those networks to behave as if they were a single local area network,

whether or not there is a direct ethernet connection between them.

The 3-DNS Controller offers several options that you can configure for a

VLAN. These options are summarized in Table 4.1.

Default VLAN configuration

By default, the Setup utility configures each interface on the 3-DNS

Controller as a member of a VLAN. The 3-DNS Controller identifies the

fastest interfaces, makes the lowest-numbered interface in that group a

member of the VLAN external, and makes all remaining interfaces

members of the VLAN internal.

Option Description

Create a default VLAN

configuration

You can use the Setup utility to create a default VLAN configuration.

Create, rename, or delete

VLANs

You can create, rename, or delete a VLAN.

Configure packet access to

VLANs

Through an option called tagging, you can direct packets from multiple VLANs to a

specific 3-DNS interface, or direct traffic from a single VLAN to multiple interfaces.

Manage the L2 forwarding

table

You can edit the L2 forwarding table to enter static MAC address assignments.

Create VLAN groups You can create a VLAN group to allow layer 2 packet forwarding between VLANs.

Set VLAN security You can set port lockdown by VLAN.

Set fail-safe timeouts You can set a fail-safe timeout on a VLAN. You can use a fail-safe timeout to trigger

fail-over in a redundant system.

Set self IP addresses You can set one or more self IP addresses for VLANs.

Set MAC masquerade You can use the MAC masquerade to set up a media access control (MAC) address

that is shared by a redundant system.

Configure VLAN mirroring You can configure the 3-DNS Controller to replicate packets received by a VLAN and

send them to another VLAN or set of VLANs.

Table 4.1 Configuration options for VLANs

Contents

Main Page 3-DNS Administrator Guide i Product Version Legal Notices Copyright Trademarks Export Regulation Notice Standards Compliance Acknowledgments 3-DNS Administrator Guide iii Page Page Page Introduction Planning the 3-DNS Configuration Using the Setup Utility Post-Setup Tasks Essential Configuration Tasks Configuring a Globally-Distributed Network Configuring a Content Delivery Network Page Page Page IMPORTANT HARDWARE INFORMATION Getting started Choosing a configuration tool Setup utility Configuration utility NameSurfer application 3-DNS Maintenance menu Using the Administrator Kit Identifying new terms Identifying references to products Identifying references to objects, names, and commands Identifying references to other documents Identifying command syntax What is the 3-DNS Controller? Internet protocol and network management support Security features Configuration scalability System synchronization options Configuring data collection for server status and network path data Redundant system configurations Monitoring the 3-DNS Controller and the network Comparing a 3-DNS Controller to a BIG-IP system Whats new in version 4.5 Automatic discovery Easy system account and password creation Enhanced synchronization Expanded statistics Multi-homing and firewall support Security enhancements Finding help and technical support resources Page Page Page Page Page Using a 3-DNS Controller as a standard DNS server Load balancing connections across the network Working with 3-DNS Controllers and other products Page Planning issues for the network setup Configuring the base network Defining data centers and servers Planning a sync group Understanding how a sync group works Understanding how the time tolerance variable affects a sync group Setting up communications on a 3-DNS Controller Setting up communication between crypto and non-crypto systems Setting up data collection with the big3d agent Choosing the 3-DNS mode Running a 3-DNS Controller in node mode Using the 3-DNS synchronization features Importing BIND files to NameSurfer during an initial installation Running a 3-DNS Controller in bridge mode or router mode Page Page Page Creating the initial software configuration with the Setup utility Connecting to the 3-DNS Controller for the first time Running the utility from the console or serial terminal Running the Setup utility remotely Setting up an IP alias for the default IP address before you start the unit Page Starting the utility from the command line To start the Setup utility from the console To start the Setup utility from the command line from a remote administrative workstation Using the Setup utility for the first time Keyboard type Root password Host name Redundant system settings Unit IDs Choosing a fail-over IP address Fail-over type Setting the interface media type Configuring VLANs and IP addresses Assigning interfaces to VLANs Associating the primary IP address and VLAN with the host name Configuring a default gateway pool Configuring remote web server access Configuring remote administrative access Setting support access Setting the time zone Configuring NTP support Configuring the 3-DNS mode Configuring user authentication Using the local LDAP database only Configuring the unit to use an external LDAP or RADIUS server Configuring external LDAP authentication Configuring external RADIUS authentication Configuring NameSurfer for zone file management To open the NameSurfer application Running the Setup utility after creating the initial software configuration Options available only through the Setup utility menu Initialize the iControl portal Configuring RSH Configuring Telnet Configuring FTP Page Page Page Page Introduction Configuring the interfaces Understanding the interface naming convention Displaying status for interfaces Setting the media type Setting the duplex mode Working with VLANs Default VLAN configuration Creating, renaming, and deleting VLANs To create a VLAN using the Configuration utility To rename or delete a VLAN using the Configuration utility To create, rename, or delete a VLAN from the command line Configuring packet access to VLANs Port-based access to VLANs Tag-based access to VLANs Configuration procedures To create a VLAN that supports tag-based access using the To configure tag-based access on an existing VLAN using the To create a VLAN that supports tag-based access from the Setting up security for VLANs To enable or disable port lockdown using the Configuration To enable or disable port lockdown from the command line Setting fail-safe timeouts for VLANs To set the fail-over timeout and arm the fail-safe using the To set the fail-over timeout and arm the fail-safe from the Setting the MAC masquerade address Configuring a self IP address To add a self IP address to a VLAN using the Configuration To add a self IP address to a VLAN from the command line Page Page Page Reviewing the configuration tasks Setting up a basic configuration Setting up a data center To configure a data center using the Configuration utility Setting up servers Defining 3-DNS Controllers To define a 3-DNS Controller using the Configuration utility Page To add virtual servers using the Configuration utility Defining a BIG-IP system with the 3-DNS module To add a BIG-IP system with the 3-DNS Controller module using the Configuration utility Defining a router To define a router using the Configuration utility Defining EDGE-FX systems To define an EDGE-FX system using the Configuration utility To add virtual servers using the Configuration utility Defining host servers To define a host using the Configuration utility To add more virtual servers using the Configuration utility Configuring host SNMP settings Viewing host performance metrics Reviewing SNMP configuration issues Working with sync groups Configuring sync groups To define a sync group using the Configuration utility Setting the time tolerance value To check the value for the time tolerance setting using the To check the value for the time tolerance setting in the configuration file Overview of auto-configuration To modify the auto-configuration setting for a BIG-IP system using the Configuration utility To modify the auto-configuration setting for a host using the To modify the auto-configuration setting for a 3-DNS Controller using the Configuration utility Configuring global variables To configure global parameters using the Configuration utility Page Page Page Understanding a globally-distributed network Using Topology load balancing Setting up a globally-distributed network configuration Adding data centers to the globally-distributed network To add data centers using the Configuration utility Adding 3-DNS Controllers to the globally-distributed network To add 3-DNS Controllers using the Configuration utility Adding BIG-IP systems to the globally-distributed network To add BIG-IP systems using the Configuration utility Adding wide IPs to the globally-distributed network configuration To add a wide IP and pool using the Configuration utility Configuring topology records for the globally-distributed network To configure topology records using the Configuration utility Additional configuration settings and tools Setting limits thresholds To set limits thresholds for BIG-IP systems Page Page Page Introducing the content delivery network Using the 3-DNS Controller in a CDN Reviewing a sample CDN configuration Page Deciding to use a CDN provider Setting up a CDN provider configuration Adding data centers To add data centers using the Configuration utility Adding 3-DNS Controllers To add 3-DNS Controllers using the Configuration utility Adding load balancing servers Adding wide IPs and pools To add a wide IP and pool using the Configuration utility To add a CDN provider pool to the wide IP Adding a topology statement To set up topology records using the Configuration utility Ensuring resource availability Monitoring the configuration Page Page Overview of Quality of Service Understanding QOS coefficients Customizing the QOS equation To modify global QOS coefficients using the Configuration utility To modify QOS coefficients for a specific wide IP using the To assign global QOS coefficients from the command line To assign QOS coefficients for a specific wide IP from the Using the Dynamic Ratio option To turn on the Dynamic Ratio option using the Configuration To turn on the Dynamic Ratio option from the command line Working with Quality of Service 3-DNS Administrator Guide 8 - 7 6. Commit the changes to the configuration by typing: Figure 8.4 Enabling dynamic ratio in a pool configuration Page Page Page Overview of the Global Availability load balancing mode Page Configuring the Global Availability mode To configure the Global Availability load balancing mode among pools from the command line To configure the Global Availability load balancing mode within a pool from the command line A Global Availability configuration example Page Page Page Working with multiple 3-DNS Controllers Preparing to add a second 3-DNS Controller to your network Installing the hardware and running the Setup utility Making the existing 3-DNS Controller aware of the additional controller Running the 3dns_add script To run the 3dns_add script Verifying the configuration To verify that each 3-DNS Controller has the necessary agents and daemons running To verify that the servers you configured are up To verify that the virtual servers you configured are up To verify that the wide IPs are load balancing properly Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page A B C D E F G H I L M N O P S T U V W Z