Network-specific requirements
Follow the requirements for each StorageGRID network type.
Network gateways and routers
-
If set, the gateway for a given network must be within the specific network's subnet.
-
If you configure an interface using static addressing, you must specify a gateway address other than 0.0.0.0.
-
If you do not have a gateway, the best practice is to set the gateway address to be the IP address of the network interface.
Subnets
Each network must be connected to its own subnet that does not overlap with any other network on the node. |
The following restrictions are enforced by the Grid Manager during deployment. They are provided here to assist in pre-deployment network planning.
-
The subnet mask for any network IP address cannot be 255.255.255.254 or 255.255.255.255 (/31 or /32 in CIDR notation).
-
The subnet defined by a network interface IP address and subnet mask (CIDR) cannot overlap the subnet of any other interface configured on the same node.
-
The Grid Network subnet for each node must be included in the GNSL.
-
The Admin Network subnet cannot overlap the Grid Network subnet, the Client Network subnet, or any subnet in the GNSL.
-
The subnets in the AESL cannot overlap with any subnets in the GNSL.
-
The Client Network subnet cannot overlap the Grid Network subnet, the Admin Network subnet, any subnet in the GNSL, or any subnet in the AESL.
Grid Network
-
At deployment time, each grid node must be attached to the Grid Network and must be able to communicate with the primary Admin Node using the networking configuration you specify when deploying the node.
-
During normal grid operations, each grid node must be able to communicate with all other grid nodes over the Grid Network.
The Grid Network must be directly routable between each node. Network address translation (NAT) between nodes is not supported. -
If the Grid Network consists of multiple subnets, add them to the Grid Network Subnet List (GNSL). Static routes are created on all nodes for each subnet in the GNSL.
-
If the Grid Network interface is configured as a trunk to support VLAN interfaces, the trunk native VLAN must be the VLAN used for Grid Network traffic. All grid nodes must be accessible over the trunk native VLAN.
Admin Network
The Admin Network is optional. If you plan to configure an Admin Network, follow these requirements and guidelines.
Typical uses of the Admin Network include management connections, AutoSupport, KMS, and connections to critical servers such as NTP, DNS, and LDAP if these connections are not provided through the Grid Network or Client Network.
The Admin Network and AESL can be unique to each node, as long as the desired network services and clients are reachable. |
You must define at least one subnet on the Admin Network to enable inbound connections from external subnets. Static routes are automatically generated on each node for each subnet in the AESL. |
Client Network
The Client Network is optional. If you plan to configure a Client Network, note the following considerations.
-
The Client Network is designed to support traffic from S3 and Swift clients. If configured, the Client Network gateway becomes the node's default gateway.
-
If you use a Client Network, you can help secure StorageGRID from hostile attacks by accepting inbound client traffic only on explicitly configured load balancer endpoints. See Configure load balancer endpoints.
-
If the Client Network interface is configured as a trunk to support VLAN interfaces, consider whether configuring the Client Network interface (eth2) is necessary. If configured, Client Network traffic will flow over the trunk native VLAN, as configured in the switch.