vADC Forum

Reply
New Contributor
Posts: 2
Registered: ‎12-20-2016

separating heartbeat Network and management with different IP address

 

Firstly, I really appreciate about your sincere reply on my previous question.

 

I want to configure a isolated heartbeat Network that are different from main traffic subnet to attain HA between two vTMS.

 

I plan to add new NIC card on each vTM.

 

So, they'll communicate to the other by using private IP address. And, I want to limit their heartbeat flow solely heartbeat N/W. 

 

I know that it can be succeed through enabling flipper!use_bindip option and change management IP to new N/W.

 

but, the problem is that I can't connect to admin web-page if I choose the solution as I mentioned above 

 

because I usually connect admin web-page through remote connection.

 

In summary, my question is that I want to know if it is possible to configure isolated heartbeat N/W without changing management IP address.

 

Thanks.

 

 

Highlighted
TAC Mod
Posts: 103
Registered: ‎04-07-2011

Re: separating heartbeat Network and management with different IP address

Hello @yihwang

 

I checked into this for you and received the following response:

 

Management IP Address and Admin Server Port

 

The traffic manager can be configured to only allow management on one specific IP address. This restricts all admin server access, SOAP management, REST API access and other control information to this IP. This setup is useful if you want to completely separate your public and private networks. It is currently only possible to restrict access to a single IPv4 address, but it does not need to be the same as the IP address your traffic manager name resolves to. If None is selected, access will not be restricted and any of the raised IP addresses can be used to manage the traffic manager.

 

So the System > Security > Management IP Address and Admin Server Port > bindip configuration key is as close as you can get.  But it does not satisfy the objective you described in bold font.

 

Perhaps the best option would be to have a word with your Sales Engineer (SE) to see if your design objective can be met in some other way. If your SE is unable to assist, it's possible an RFE can be raised to get this request considered for future release.

 

We hope this helps - please let us know if we may further assist via the Community.

 

Best Regards,

 

Denise K.

Brocade Community Team

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.