- DL manuals
- F5
- Switch
- ARX-1500
- Planning Manual
F5 ARX-1500 Planning Manual
Summary of ARX-1500
Page 1
Arx ® site planning guide 810-0036-00
Page 3
Arx site planning guide iii publication date this manual was published on may 13, 2013. Legal notices copyright copyright 2005-5/13/13, f5 networks, inc. All rights reserved. F5 networks, inc. (f5) believes the information it furnishes to be accurate and reliable. However, f5 assumes no responsibili...
Page 4
Iv canadian regulatory compliance this class a digital apparatus complies with canadian ices-003. Standards compliance this product conforms to the iec, european union, ansi/ul and canadian csa standards applicable to information technology products at the time of manufacture. Acknowledgments this p...
Page 5
Arx site planning guide v january 2011 - rev v, add updates for release 5.03.000 june 2011 - rev w, add updates for release 6.00.000 september 2011 - rev x, add updates for release 6.01.000 october 2011 – rev y, refer to licensed limits july 2012 - rev z, add updates for release 6.02.000 october 201...
Page 6
Vi.
Page 7
1 site planning this manual describes network and environmental considerations for installing an adaptive resource switch (arx ® ). Use this document to prepare for adding an arx to your network..
Page 9
Concepts and terminology arx site planning guide 1 - 3 concepts and terminology the arx acts as a resource proxy between the current clients and servers on your network. The switch terminates client requests, determines the correct server to process the request, and then originates a new request to ...
Page 10
Chapter 1 site planning 1 - 4 namespaces you can configure one or more namespaces for your front-end clients. Each namespace is a collection of virtual file systems, called volumes, under a single authentication domain. A volume is a collection of shares (or exports) hosted on the back-end file serv...
Page 11
Selecting a network topology arx site planning guide 1 - 5 figure 1.2 clients and servers on the same vlan before using the arx. One-armed proxy: after installing an arx the arx has a single physical connection to the client/server subnet. On the switch, you configure the same subnet and vlan for bo...
Page 12
Chapter 1 site planning 1 - 6 figure 1.3 clients and servers on a vlan after cutting in an arx. Multiple subnet topology a multiple subnet deployment divides clients and servers into multiple ip subnets. You can define multiple subnets, static routes, and default routes on the arx to reach any numbe...
Page 13
Selecting a network topology arx site planning guide 1 - 7 figure 1.4 clients and servers on separate vlans and subnets multiple subnet: after installing an arx as shown in figure 1.5, the arx has a separate connection to the client subnet and the server subnet in a multiple subnet topology. The swi...
Page 14
Chapter 1 site planning 1 - 8 figure 1.5 arx as proxy for cifs and/or nfs transactions allocating ip addresses as a resource proxy with distributed processors, the arx requires several ip addresses to communicate with front-end clients and its back-end servers. Every network processor on the switch ...
Page 15
Allocating ip addresses arx site planning guide 1 - 9 chosen server subnet must have enough address space for one proxy ip address per network processor. The number of network processors varies for each platform type. The following table shows the number of proxy ip addresses for each platform type....
Page 16
Chapter 1 site planning 1 - 10 configuring management ip addresses you can configure in-band management interfaces, one per configured vlan. At least one such interface is required for many installations – and adding at least one in-band management interface is strongly recommended in any case. ◆ a ...
Page 17
Allocating ip addresses arx site planning guide 1 - 11 figure 1.6 sample network the sample network has redundant arx devices connected at each of the distribution switches. Physically, this is a one-armed connection; conceptually, the arx has clients in front and file servers in back. The network f...
Page 19
Allocating ip addresses arx site planning guide 1 - 13 637 nlockmgr tcpudp ✓ ✓ 638 status tcp/udp ✓ ✓ cifs proxy/smb 445 cifs (smb) server tcp ✓ ✓ preferred port. 139 cifs (smb) server tcp cifs (smb) over netbios ✓ ✓ cifs authentication/other 53 dns tcp/udp ✓ ✓ queries. 389 ldap tcp/udp ✓ ✓ 25805 nt...
Page 20
Chapter 1 site planning 1 - 14 using ntp to support time-based policies, the clock on the arx must be consistent with the clock in its back-end servers. For example, an accurate clock is needed to determine when to trigger age-based file migration or replication. Accurate time is also important beca...
Page 21
Manually preparing the back-end file servers arx site planning guide 1 - 15 data manager performs file server discovery by examining a specified file server and collecting detailed configuration parameters and then displaying and reporting on that information through its gui. Discovery is accomplish...
Page 22
Chapter 1 site planning 1 - 16 nfs servers when a namespace imports an nfs export/share, the arx takes inventory by reading the share’s directory tree as root. The shares cannot squash root access by the arx devices’ proxy ips, or this tree walk (and therefore the import) may fail. Set your nfs shar...
Page 23
Manually preparing the back-end file servers arx site planning guide 1 - 17 figure 1.7 netapp manage exports screen the nfs export wizard is invoked. See the following figure. In the wizard, select the options to configure for the export. Figure 1.8 nfs export wizard use this wizard to add your prox...
Page 24
Chapter 1 site planning 1 - 18 on the wizard commit screen (the final screen), click commit. See the following figure. Figure 1.9 nfs export wizard commit screen emc celerra server on the emc celerra server, select nfs exports. See the left-hand navigation column in the following figure. Click new o...
Page 25
Manually preparing the back-end file servers arx site planning guide 1 - 19 in the root hosts field, enter all your proxy ip addresses. Enter only proxy ip addresses (and, possibly, management ip addresses) in these fields. For an example showing these fields, see the following figure. Figure 1.11 e...
Page 26
Chapter 1 site planning 1 - 20 linux the following instructions have been tested with debian-linux nfs servers. The same method should apply to other linux distributions, such as redhat. As root, edit the /etc/exports file to set the following for each nfs export: • read-write (rw) access for all pr...
Page 27
Manually preparing the back-end file servers arx site planning guide 1 - 21 as root, edit the /etc/exports file to accomplish all of these goals. To allow mounts below the root of the share, you must use the -alldirs flag. For security reasons, bsd only allows this flag for shares that map to block ...
Page 28
Chapter 1 site planning 1 - 22 the file servers’ windows domain. The proxy user requires strong privileges on all cifs-supporting servers, this user account must belong to the backup operators group or a group with equivalent privileges, and it must have full control (defined as both read and change...
Page 29
Manually preparing the back-end file servers arx site planning guide 1 - 23 emc data domain the emc data domain system has a particular cli command designed to support the arx proxy user: cifs option set f5. This command accepts the domain and username of any valid windows account, defined externall...
Page 30
Chapter 1 site planning 1 - 24 linux samba the arx is often required to support file servers other than windows, network appliance, and emc. Some environments can include file servers that are samba-based. Samba is an open source suite of programs for linux and unix that has been in use since 1992. ...
Page 31
Planning for a namespace arx site planning guide 1 - 25 • 25805/tcp, used by default for ntlm or ntlmv2 communication. You can change this port from the arx and from the secure agent’s management interface. If you have a windows firewall on your dcs, you may need to manually allow the arx to access ...
Page 32
Chapter 1 site planning 1 - 26 refer to this chart to determine the limits for each arx-appliance model. Specifically, the chart shows the following maximums: • namespaces (shown as the maximum volume groups), • volumes, • managed-volume shares, • managed-volume files, • direct (or presentation) vol...
Page 33
Planning for a namespace arx site planning guide 1 - 27 using the nfs or cifs protocols, metadata is stored persistently on file servers external to the arx so that both arxes in a redundant pair will have access to the metadata database. Each volume within the namespace must have a metadata locatio...
Page 34
Chapter 1 site planning 1 - 28 important choosing a metadata share that is too small or unreliable can seriously jeopardize managed-volume performance. A poor configuration for the metadata can possibly lead to metadata corruption. Choose your metadata shares carefully, as instructed in this section...
Page 35
Planning for a namespace arx site planning guide 1 - 29 for example, consider a volume with 5 million files and 1 million directories. The estimated disk capacity needed for the volume would be 3.5 gigabytes: • files: (5 million) x (300 bytes per file) = 1,500,000,000 bytes or 1.5 gigabytes • direct...
Page 36
Chapter 1 site planning 1 - 30 if the share’s server acknowledges a write, that acknowledgement must amount to a guarantee that the data is written to disk. Use the following steps to ensure that this guarantee extends from the nfs/cifs mount point all the way to the disk drive: 1. Configure the exp...
Page 37
Planning for a namespace arx site planning guide 1 - 31 automatically discover key attributes about your file storage environment, such as volumes, shares, exports, security settings, file system settings, and estimated size required for metadata storage. For more information and to download a free ...
Page 38
Chapter 1 site planning 1 - 32 planning for a multi-protocol namespace a multi-protocol namespace supports both nfs and cifs. You can use it with a heterogeneous set of back-end filers with multi-protocol shares. Currently-supported filer vendors include netapp and emc. The arx passes nfs and/or cif...
Page 39
Planning for a multi-protocol namespace arx site planning guide 1 - 33 non-native file permissions (and qtree configuration) each netapp qtree can support unix-based permissions or ntfs-based acls. The client’s identity is mapped as discussed above, then their identity is applied to the file’s nativ...
Page 40
Chapter 1 site planning 1 - 34 if the proxy-username has spaces or a pound-sign (#) character in it, you must enclose it in quotation marks. Enclose only the username, not the entire domain\proxy-username string. For example: mydomain\”random user” == root # correct is correct, but “mydomain\random ...
Page 41
Preparing for use in an active directory domain arx site planning guide 1 - 35 *** slot_0 primary control station *** [nasadmin@emc01‐mgt nasadmin]$ server_file server_2 ‐get passwd passwd.New server_2 : done [nasadmin@emc01‐mgt nasadmin]$ vi passwd.New add the following line to the bottom of the “p...
Page 42
Chapter 1 site planning 1 - 36 figure 1.12 arx® as a resource proxy between clients and servers kerberos authentication simplifies security management: all acls on all servers can remain the same, and all clients retain the same rights and restrictions that they had before inserting the arx. This pr...
Page 43
Front-end service limitations arx site planning guide 1 - 37 white paper on kerberos authentication (http://www.Microsoft.Com/windows2000/techinfo/howitworks/security/kerb eros.Asp). Front-end service limitations the arx aggregates all of your back-end storage and offers it through front-end (cifs a...
Page 44
Chapter 1 site planning 1 - 38 table 1.4 shows an overview of the features for each arx. Table 1.4 arx models and description model description hardware feature 500 the arx-500 is a cost-effective, small-form-factor adaptive resource switch designed for use in small data centers and branch/remote of...
Page 45
Physical site preparation arx site planning guide 1 - 39 system specifications and requirements this section details the system specifications and requirement of each arx. Choose from the following: 2500 the arx-2500 is a cost-effective, small-form-factor adaptive resource switch designed for use in...
Page 46
Chapter 1 site planning 1 - 40 • arx-500 system specifications and requirements , on page 1-40 • arx-1500 system specifications and requirements , on page 1-40 • arx-2000 system specifications and requirements , on page 1-41 • arx-2500 system specifications and requirements , on page 1-42 • arx-4000...
Page 47
Physical site preparation arx site planning guide 1 - 41 arx-2000 system specifications and requirements the following table describes the arx-2000 system specifications: environmental requirements altitude: 60m (197ft) min. To 1800m (6000 ft) max. Humidity operating: 10% min. To 95% max. (non conde...
Page 48
Chapter 1 site planning 1 - 42 arx-2500 system specifications and requirements the following table describes the arx-2500 system specifications. Arx-4000 system specifications and requirements the following table describes the arx-4000system specifications. Table 1.8 arx-2500 system specifications c...
Page 49
Physical site preparation arx site planning guide 1 - 43 system power requirements this section lists the system power requirements for all the arx models. Choose from the following: • arx-500 system power requirements , on page 1-43 • arx-1500 system power requirements , on page 1-43 • arx-2000 sys...
Page 50
Chapter 1 site planning 1 - 44 arx-2500 system power requirements the arx-2500 is powered by two power supplies (1+1 redundancy) consisting of two power modules and one power system frame. Two power modules are recommended for full redundancy and load-sharing. The power supplies require a 10a / 220v...
Page 51
Physical site preparation arx site planning guide 1 - 45 arx-1500 cable requirement the following table lists the required cables and power cords for the switch. All cables except the ac power cord and console cable are customer-supplied. 1 console cable with rj-45-to-db9 adapter serial console inte...
Page 52
Chapter 1 site planning 1 - 46 arx-2000 cable requirements the following table lists the required cables and power cords for the switch. All cables except the ac power cord and console cable are customer-supplied. Arx-2500 cable requirements the following table lists the required cables and power co...
Page 53
Physical site preparation arx site planning guide 1 - 47 arx-4000 cable requirements the following table lists the required power cords and cables. All cords are customer-supplied except the ac power cords and the console cable. 2 fiber-optic cables for connection to 10-gbps ethernet x2 msa-complian...
Page 54
Chapter 1 site planning 1 - 48 cable connectors and pinout assignments this section shows the cable connectors and the pinout assignments for all models of the arx. 12 ethernet cables for connection to 100/1000 mbps ethernet (rj-45 connectors) gigabit ethernet ports a 100/1000base-t category 5/6, un...
Page 55
Physical site preparation arx site planning guide 1 - 49 the serial console port requires a rollover cable (rj-45 to rj-45) that is included with the arx-installation kit. This cable is sufficient for connecting to a terminal server. For a direct connection to the serial port on a management station...
Page 56
Chapter 1 site planning 1 - 50 pinout assignments for arx-500, arx-2000, and arx-4000 the following table lists the rj-45 pinout assignments for the rollover cable and the adapter. The left column shows the transmit (txd), ground (gnd), and receive (rxd) signals. And the right column shows the signa...
Page 57
Physical site preparation arx site planning guide 1 - 51 sfp optical connector for the arx-2500 the gigabit ethernet optical ports on the arx-2500 use small form-factor pluggable (sfp) optical transceivers that accept lc-style multi-mode fiber connectors. These are for connection to ethernet over fi...
Page 58
Chapter 1 site planning 1 - 52 arx-1500 connectors the arx-1500 is powered by two power supplies (1+1 redundancy) system) consisting of two power modules and one power system frame. Two power modules are recommended for full redundancy and load-sharing. The power supplies require a 10a / 220vac inpu...
Page 59
Physical site preparation arx site planning guide 1 - 53 arx-2500 connectors the arx-2500 is powered by two power supplies (1+1 redundancy) consisting of two power modules and one power system frame. Two power modules are recommended for full redundancy and load-sharing. The power supplies require a...
Page 60
Chapter 1 site planning 1 - 54 bringing an arx inline the process of bringing an arx inline begins with installation. Consult the hardware installation guides for each arx model for the tasks involved with installation. Once you reach the installation initial interview, you can access the arx throug...
Page 61
Bringing an arx inline arx site planning guide 1 - 55 existing and new configurations for naming collisions and hardware limitations. For further details on some of these issues, see manually preparing the back-end file servers , on page 1-15. Accessing the arx using the cli or the gui the process o...
Page 62
Chapter 1 site planning 1 - 56 this manual contains instructions to set up and maintain networking and administration on a new arx. After installing the switch, setting up its management ip, and preparing the switch for cli and/or gui provisioning, you can follow the order of the chapters in this ma...
Page 63
Contacting customer service arx site planning guide 1 - 57 for detailed instructions on each of these commands, consult the arx cli reference. To save configurations regularly from the gui: 1. From the left-hand navigation panel, expand maintenance. 2. Click configs. 3. On the configs page, click sa...
Page 64
Chapter 1 site planning 1 - 58.