ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Start a New Post

Shared Vlan tagging on DP

not_a_Lone_wolf
‎2020-07-01 06:08 AM

Hi. Is it advisable to tag Management Vlan on the port hosting the Intercluster LIF's ? I remember I came across this somewhere (probably in one of technical reports) that doing this exposes the replication traffic. Can somebody please help me guided in the correct direction?

0 Kudos
Tags (2)
1 ACCEPTED SOLUTION

TMAC_CTG
NetApp A-Team
‎2020-07-01 08:59 AM
In response to not_a_Lone_wolf

 

For the first question, sounds reasonable. You should check the "firewall policy show" output. Different LIFs have different policies assigned.

 

For SnapMirror to work, you must have at least 1 (prefer 2) LIFs on each node of the source and destination controllers. Since you are going A-> B -> C and they way you phrase it I suspect A cannot talk to C then what you ultimately need to do is this:

1. Setup SnapMirror on LIFs from A->B

2. Create a NEW IPSPACE on B for Intercluster LIFs from B to C.

3. Create the LIFs on B in the new IPSPACE

4. Create the LIFs on C  (standard IPSPACE should be OK)

 

For the replication to work, it require basically a full-mesh PING. So A would need to PING B.

B however, since it talks to A and C would need to be able to PING A and C. By putting in different IPSPACES, B would need to ping all A nodes or Ping all C nodes and it can because they are in different IPspaces. Then A does not need to worry about C.

 

Hopefully that makes a little sense!

View solution in original post

4 REPLIES 4

TMAC_CTG
NetApp A-Team
‎2020-07-01 07:59 AM

In general, not a good idea to mix Tagged VLANs and access ports in the same Broadcast-Domain

i.e. Broadcast-Domain Default with ports of e0M and a0a-77

When using VLANs, I tend to not use the native VLAN on the IFGRP and try to get the network team to make the native VLAN something they do not use. Then use Tagged VLANs all the way.

 

For the Intercluster LIFs, I see people have those run on the same address space as MGMT. I tend to use Intercluster LIFs for just that. Make MGMT a separate VLAN or a different physical port

not_a_Lone_wolf
‎2020-07-01 08:45 AM
In response to TMAC_CTG

Thanks a lot   .The insights share are really informative. I also read in a NetApp's document that using Mgmt Vlan on Snap ports exposes the data replication traffic. Is this true?

 

I would like to ask one more thing, if the Snap ports (physical, no ifgrps) on B (destination)are configured to host Intercluster Lifs for Clusters A  and if it's required  to set up a cascade from B-C, then would the following work: hosting an intercluster lif on a tagged VLAN on B(physical, no ifgrps) for customer's VLAN ? Assuming it's in the same ipspace to that of the customer's?

 

0 Kudos
Tags (2)

TMAC_CTG
NetApp A-Team
‎2020-07-01 08:59 AM
In response to not_a_Lone_wolf

 

For the first question, sounds reasonable. You should check the "firewall policy show" output. Different LIFs have different policies assigned.

 

For SnapMirror to work, you must have at least 1 (prefer 2) LIFs on each node of the source and destination controllers. Since you are going A-> B -> C and they way you phrase it I suspect A cannot talk to C then what you ultimately need to do is this:

1. Setup SnapMirror on LIFs from A->B

2. Create a NEW IPSPACE on B for Intercluster LIFs from B to C.

3. Create the LIFs on B in the new IPSPACE

4. Create the LIFs on C  (standard IPSPACE should be OK)

 

For the replication to work, it require basically a full-mesh PING. So A would need to PING B.

B however, since it talks to A and C would need to be able to PING A and C. By putting in different IPSPACES, B would need to ping all A nodes or Ping all C nodes and it can because they are in different IPspaces. Then A does not need to worry about C.

 

Hopefully that makes a little sense!

View solution in original post

not_a_Lone_wolf
‎2020-07-01 09:09 AM
In response to TMAC_CTG

Thanks a ton 

0 Kudos
Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

View All
NetApp Insights to Action
I2A Banner
All Community Forums
Learn about the Community Get Started
Still have Questions Start a Discussion
Rules of the Community Read More
© 2021 NetApp
Let us know
Public