17.4. Using a Private Network Configuration

17.4. Using a Private Network Configuration
Prev	Chapter 17. Alternate Network Configurations	Next

This section provides information about using a private network configuration for a Sun Ray environment. This is a supported configuration, but it adds more complexity to the initial and ongoing Sun Ray network administration.

A private network configuration meets the following criteria:

A private network segment is connected to one of the interfaces of the Sun Ray server.
The Sun Ray server handles all the Sun Ray Client's IP and device configurations.
The Sun Ray server defines the subnet's characteristics (such as the IP range and subnet).
Only Sun Ray Clients are connected to the subnet.
The Sun Ray server provides DHCP services.
The private network is configured by using the utadm -a interface command.

Figure 17.2, “Private Network Example” shows an example of a private network configuration.

Figure 17.2. Private Network Example

17.4.1. Private Network Configuration Worksheet

Fill out Table 17.2, “Private Network Configuration Worksheet”, so that the information is readily available during the actual configuration process. This worksheet is for configuring a Sun Ray server in a private network.

Values that are provided in italics are only examples and should not be used.
Values provided in normal font are defaults and can be used.
Superscripted numbers ^(#) refer to footnotes at the end of each section.

Note

The blank rows in the worksheets are provided for you to add additional information about your environment if you choose to print the worksheets.

Table 17.2. Private Network Configuration Worksheet

Aspect or Variable	Default Value, Example, or (Other)	Your Primary Server Value	Your Secondary Server Value
Configuring the Sun Ray interconnect interface using utadm	(Provide the start time)
Interface name	hme1 (Solaris), eth1 (Linux)
Host address ⁽¹⁾	192.168.128.1
Net mask	255.255.255.0
Net address	192.168.128.0
Host name ⁽¹⁾	hostname-interface-name
If the Sun Ray server is used for IP address allocation:
First Sun Ray Client address	192.168.128.16
Number of Sun Ray Client addresses ⁽²⁾	X
Firmware server ⁽³⁾	192.168.128.1
Router ⁽³⁾	192.168.128.1
Specify additional server list? (optional)	(yes or no)
If yes, filename	filename
Or, Server IP address	192.168.128.2
Configuring Sun Ray Software using utconfig	(Provide the start time)
Admin password	adminpass
Configure Admin GUI? If yes, then:
Sun Ray admin server port number	1660
Enable remote administration? (optional)	(yes or no)
Enable secure connection? (optional)	(yes or no)
Configure Kiosk Mode? (optional)	(yes or no)
If yes, User prefix	utku
Group name	utkiosk
User ID range start	150000
Number of users ⁽⁴⁾	25
Configure failover group? (optional)	(yes or no)
If yes, Failover group signature ⁽⁵⁾	signature1

⁽¹⁾ These values are different for each Sun Ray server, even if that server is part of a failover group.

⁽²⁾ These values must be unique among the servers in a failover group. The following guidelines can help you determine what addresses to allocate for each Sun Ray server:

X = (Number of clients/(Number of servers - 1)) - 1
First unit address for primary server= 192.168.128.16
Last unit address for all servers = X + first unit address. If last unit address is greater than 240, reduce to 240.
- First unit address for secondary servers = 1 + last unit address of previous server. If first unit address is greater than 239, configure for a class B network. Example: 120 clients, 4 servers. X= 39

⁽³⁾ These values are the same as the interface host address by default.

⁽⁴⁾ The value entered for the number of users is the greater of:

The total number of Sun Ray Clients
The total number of disconnected and active sessions

⁽⁵⁾ This signature^ must be the same for every Sun Ray server in a failover group. The signature requires at least one numeric character.

17.4.2. How to Configure a Sun Ray Server in a Private Network

This procedure shows how to configure a Sun Ray server in a private network.

Log in as the superuser of the Sun Ray server, either locally or remotely.
Note
Make sure that the /etc/hosts file contains the IP address of the system host name.
Configure the Sun Ray interconnect interface:
```
# /opt/SUNWut/sbin/utadm -a interface-name
```
where interface-name is the name of the interface to the Sun Ray interconnect, for example: hme1, qfe0, or ge0 (Solaris) or eth1 (Linux).
The utadm script begins configuring DHCP for the Sun Ray interconnect, restarts the DHCP daemon, and configures the interface. The script then lists the default values and asks whether they are acceptable.
Note
If the IP addresses and DHCP configuration data are not set up correctly when the interfaces are configured, the failover feature cannot work properly. In particular, configuring the Sun Ray server's interconnect IP address as a duplicate of any other server's interconnect IP address may cause the Sun Ray Authentication Manager to generate Out of Memory errors.
Evaluate the default values:
- If you are satisfied with the default values, and the server is not part of a failover group, answer y.
- Otherwise, answer n and accept whatever default values are shown by pressing Return, or provide the correct values from the worksheet.
  The utadm script prompts for the following:
- New host address (192.168.128.1)
- New netmask (255.255.255.0)
- New host name (hostname-interface-name)
- Offer IP addresses for this interface? ([Y]/N)
- New first Sun Ray Client address (92.168.128.16)
- Total number of Sun Ray Client address (X)
- New authorization server address (192.168.128.1)
- New firmware server address (192.168.128.1)
- New router address (192.168.128.1)
- An additional server list.
  If you answer yes, it requests either a file name (filename) or a Server IP Address (192.168.128.2).
The utadm script again lists the configuration values and asks whether they are acceptable.
- If not, answer n and revise the answers provided in Step 3.
- If the values are correct, answer y. The following Sun Ray files are configured:
  For Solaris:
```
/etc/hostname.interface-name
/etc/inet/hosts
/etc/inet/netmasks
/etc/inet/networks
```
  For Linux:
```
/etc/opt/SUNWut/net/dhcp/SunRay-options
/etc/opt/SUNWut/net/dhcp/SunRay-interface-eth1
/etc/opt/SUNWut/net/hostname.eth1
/etc/hosts
/etc/opt/SUNWut/net/netmasks
/etc/opt/SUNWut/net/networks
/etc/dhcpd.conf
```
  The utadm script configures the Sun Ray Client firmware versions and restarts the DHCP daemon.
Repeat this procedure for each of the secondary servers in your failover group.

17.4.3. How to List the Current Network Configuration

# utadm -l

17.4.4. How to Print a Private Network Configuration

# utadm -p

For each interface, this command displays the host name, network, netmask, and number of IP addresses assigned to Sun Ray Clients by DHCP.

Note

Sun Ray servers require static IP addresses; therefore, they cannot be DHCP clients.

17.4.5. How to Delete an Interface

# utadm -d interface_name

This command deletes the entries that were made in the hosts, networks, and netmasks files and deactivates the interface as a Sun Ray interconnect.

17.4.6. Example Private Network Setup

The following section presents an example of a Sun Ray Client deployment on the private network interconnect A (directly-connected dedicated interconnect) as shown in Figure 17.3, “Example of Alternate Private Network Topology”.

Figure 17.3. Example of Alternate Private Network Topology

Diagram showing an example of a Sun Ray network topology.

Subnet A is a private network. Its subnet will use IP addresses in the range 192.168.128.0/24. The Sun Ray server named helios is attached to the interconnect through its qfe2 network interface, which will be assigned the IP address 192.168.128.3.

In an interconnect scenario, the DHCP service on the Sun Ray server always provides both basic networking parameters and additional configuration parameters to the Sun Ray Client. The answers to the three predeployment questions are as follows:

From which DHCP server will clients on this subnet get their basic IP networking parameters?
On a directly connected dedicated interconnect, basic networking parameters are always supplied by the DHCP service on the Sun Ray server.
From which DHCP server will clients on this subnet get additional configuration parameters to support features such as firmware download?
On a directly connected dedicated interconnect, additional configuration parameters are always supplied by the DHCP service on the Sun Ray server.
How will clients on this subnet locate their Sun Ray server?
On a directly connected dedicated interconnect, the Sun Ray Client is always notified of the location of the Sun Ray server through an additional configuration parameter supplied when Sun Ray services are restarted.

This example shows the DHCP service for the directly connected dedicated interconnect A shown in Figure 17.3, “Example of Alternate Private Network Topology”.

Configure the Sun Ray server to provide both basic and additional parameters to the interconnect.

Use the utadm -a interface-name command to configure DHCP service for clients on an interconnect. In this example, the interconnect is attached through interface qfe2:

# /opt/SUNWut/sbin/utadm -a qfe2
### Configuring /etc/nsswitch.conf
### Configuring Service information for Sun Ray
### Disabling Routing
### configuring qfe2 interface at subnet 192.168.128.0
Selected values for interface "qfe2"
host address: 192.168.128.1
net mask: 255.255.255.0
net address: 192.168.128.0
host name: helios-qfe2
net name: SunRay-qfe2
first unit address: 192.168.128.16
last unit address: 192.168.128.240
auth server list: 192.168.128.1
firmware server: 192.168.128.1
router: 192.168.128.1
Accept as is? ([Y]/N): n
new host address: [192.168.128.1] 192.168.128.3
new netmask: [255.255.255.0]
new host name: [helios-qfe2]
Do you want to offer IP addresses for this interface? ([Y]/N):
new first Sun Ray address: [192.168.128.16]
number of Sun Ray addresses to allocate: [239]
new auth server list: [192.168.128.3]
To read auth server list from file, enter file name:
Auth server IP address (enter <CR> to end list):
If no server in the auth server list responds, should an auth server be located by broadcasting on  /
the network? ([Y]/N):
new firmware server: [192.168.128.3]
new router: [192.168.128.3]
Selected values for interface "qfe2"
host address: 192.168.128.3
net mask: 255.255.255.0
net address: 192.168.128.0
host name: helios-qfe2
net name: SunRay-qfe2
first unit address: 192.168.128.16
last unit address: 192.168.128.254
auth server list: 192.168.128.3
firmware server: 1 192.168.128.3
router: 192.168.128.3
Accept as is? ([Y]/N):
### successfully set up "/etc/hostname.qfe2" file
### successfully set up "/etc/inet/hosts" file
### successfully set up "/etc/inet/netmasks" file
### successfully set up "/etc/inet/networks" file
### finished install of "qfe2" interface
### Building network tables - this will take a few minutes
### Configuring firmware version for Sun Ray
All the units served by "helios" on the 192.168.128.0
network interface, running firmware other than version
"2.0_37.b,REV=2002.12.19.07.46" will be upgraded at their
next power-on.
### Configuring Sun Ray Logging Functions
DHCP is not currently running, should I start it? ([Y]/N):
### started DHCP daemon
#

In this example, the default values initially suggested by utadm were not appropriate. Specifically, the suggested value for the server's IP address on the interconnect was not the desired value. The administrator replied n to the first "Accept as is?" prompt and was given the opportunity to provide alternative values for the various parameters.

Restart Sun Ray services on the Sun Ray server by issuing the utstart command to fully activate Sun Ray services on the newly defined interconnect.
```
# /opt/SUNWut/sbin/utstart
A warm restart has been initiated... messages will be logged to /var/opt/SUNWut/log/messages.
```

Prev	Up	Next
17.3. Using a Shared Network Configuration Without External DHCP Services	Home	17.5. Sun Ray Client Initialization Requirements Using DHCP