Separate Management, Provisioning, and Data Networks

Figure 2–1 Separate Management, Provisioning, and Data Networks

When designing a network, keep the following information in mind:

• Configuring separate management, provisioning, and data networks is the best practice

• Separate networks provide the highest security and the lowest number of points of failure

• The data center DHCP service can be used to assign IP addresses to provisioned servers

  ---

  Note –

  The management server DHCP service does not provide DHCP services for the data network. If you plan to dynamically configure IP services on the data network, you must provide an external DHCP server for the data network. You must not have another DHCP server on the same provisioning network.

  ---

• You might need to install additional NICs in the management server and some provisionable servers to support this configuration

The following list summarizes the connectivity requirements for the separate management, provisioning, and data networks configuration.

• Management Server

  The management server should provide connectivity to the management network, provisioning network, and corporate network as follows:

  • ETH0 connects the management server to the corporate network to provide external access to the management server. The management server ETH0 IP address, netmask, and gateway should be configured to meet your corporate environment connectivity requirements. DNS configuration is performed during the N1 System Manager configuration process. ETH0 should be a 1-Gbit NIC interface.

  • ETH1 connects the management server to the provisioning network and should be on the same switch and network as the ETH0 connections of the provisionable servers. The management server ETH1 IP address, netmask, and gateway can be configured to support hundreds of provisionable servers. No devices other than the management server and the provisionable servers should reside on the provisioning network. ETH1 should be a 1-Gbit NIC interface.

  • ETH2 connects the management server to the management network and should be on the same switch and network as the management port connections of the provisionable servers. The management server connection is not required to be on the same switch as the management port connections of the provisionable servers as long as connectivity to the provisionable servers management port is provided. The management server ETH2 IP address, netmask, and gateway should be configured to enable connectivity to the provisionable server's management port IP addresses. ETH2 should be a 100-megabit NIC interface.

  • The management server DHCP service allocates IP addresses to the provisionable servers for loading operating systems.

  • The management server mail service enables ALOM architecture provisionable servers to send hardware monitoring information to the N1 System Manager over the management network.

• Provisionable Server

  Each provisionable server should provide connectivity to the management network, provisioning network, and data network as follows:

  • The management port connects the provisionable server to the management network and should be on the same switch and network as the ETH2 connection of the management server. The provisionable server management port connection is not required to be on the same switch as the ETH2 connection of the management server as long as connectivity to the management server ETH2 port is provided.

    The management port should be a 100-megabit connection.

  • ETH0 connects the provisionable server to the provisioning network and must be on the same switch and network as the ETH1 connection of the management server.

    ETH0 should be a 1-Gbyte connection.

  • ETH1 connects the provisionable server to the data network through the switch to provide external corporate network access to the provisionable server.

    ETH1 should be a 1-Gbyte connection.