Networking guidelines

Follow these guidelines when configuring StorageGRID Webscale networks.

Grid Network guidelines

Subnet guidelines

Note: The following restrictions are enforced by the Grid Manager during deployment. They are provided here to assist in pre-deployment network planning.
  • The subnets defined by a given node’s IP/mask (CIDR) values for all networks it uses cannot overlap each other.
  • The subnet defined by a given node’s Admin Network IP/mask (CIDR) value cannot overlap any subnet in the Grid Network Subnet List.
  • The subnet defined by a given node’s Client Network IP/mask (CIDR) value cannot overlap any subnet in the Grid Network Subnet List, nor any subnet present in that node’s Admin Network External Subnet List (A-ESL).
  • The subnet defined by the Grid Network IP/mask (CIDR) value of any given node in the grid must be contained within at least one subnet present in the Grid Network Subnet List.
  • No subnet in the Grid Network Subnet List can overlap with any subnet in any node’s Admin Network External Subnet List (A-ESL).

Gateway guidelines

  • If set, the gateway for a given network must lie within the subnet defined by the node’s IP/mask (CIDR) value for that network.
  • For the Grid Network, the gateway parameter is optional only if the Grid Network Subnet List contains exactly one subnet.

General guidelines

  • At least one NTP server must be reachable by the primary Admin Node, using the networking configuration you specified when deploying the primary Admin Node.
  • If you are not ready to configure the optional Admin and Client Networks during deployment, you can configure these networks when you approve grid nodes during the configuration steps. See "Approving pending grid nodes" for more information.
  • Admin Nodes must always be secured from untrusted clients, such as those on the open internet. You must ensure that no untrusted client can access any Admin Node on the Grid Network, the Admin Network, or the Client Network.

Docker containerized deployments

Docker-related network configuration is not required in a StorageGRID Webscale system.

Post-configuration guidelines

After completing configuration:
  • If DHCP was used to assign IP addresses, configure a DHCP reservation for each IP address on these networks.

    Note: You can only set up DHCP during the deployment phase. You cannot set up DHCP during configuration.
  • You must use the IP address change procedures if you want to change IP addresses, subnet masks, and default gateways for a grid node. See information about configuring IP addresses in the recovery and maintenance instructions.
  • If you make networking configuration changes, including routing and gateway changes, client connectivity to the primary Admin Node and other grid nodes might be lost. Depending on the networking changes applied, you might need to re-establish these connections.

For more information on the StorageGRID Webscale network model and various ways to use it, review the networking topics in the Grid primer.