Your Browser is Out of Date

Nytro.ai uses technology that works best in other browsers.
For a full experience use one of the browsers below
PowerScale: Network Design Considerations
Executive summary Network architecture design Latency, bandwidth, and throughput Ethernet flow control SyncIQ considerations Quality of Service (QoS) Software-Defined Networking PowerScale OneFS ports SmartConnect considerations Ethernet, MTU, and IP overhead Access Zones best practices Source-Based Routing considerations
Overview
Source-Based Routing and DNS
Isilon 6th generation 1 GbE interfaces Intelligent Platform Management Interface IPv6 OneFS host-based firewall Network troubleshooting Appendix A: Supported network optics and transceivers Appendix B: Technical support and resources

Overview

Overview

  • Source-Based Routing (SBR) with PowerScale OneFS is discussed in the PowerScale OneFS 8.1.0 External Network Connectivity Guide. This section clarifies how SBR functions. The naming convention suggests that SBR is routing packets based on a source IP address. However, SBR is actually a mechanism to dynamically create per-subnet default routes. The router used as this gateway is derived from the subnet configuration.

    Gateways must be defined for each subnet. For example, consider a cluster with subnets A, B, and C, as illustrated in the following figure:

    Figure 25.    Source-Based Routing

    In the preceding example, each gateway has a defined priority. If SBR is not configured, the highest priority gateway, that is gateway with the lowest value which is reachable, is used as the default route. Once SBR is enabled, when traffic arrives from a subnet that is not reachable using the default gateway, firewall rules are added. Because OneFS is FreeBSD based, these rules are added through ipfw. In the preceding example, the following ipfw rules are provisioned:

    If src-ip is in subnetA and dst-ip is not in (subnetA,B,C) set next-hop to gatewayA

    If src-ip is in subnetB and dst-ip is not in (subnetA,B,C) set next-hop to gatewayB

    If src-ip is in subnetC and dst-ip is not in (subnetA,B,C) set next-hop to gatewayC

    The process of adding ipfw rules is stateless and essentially translates to per-subnet default routes. SBR is entirely dependent on the source IP address that is sending traffic to the cluster. If a session is initiated from the source subnet, the ipfw rule is created. The session must be initiated from the source subnet, otherwise the ipfw rule is not created. If the cluster has not received traffic that originated from a subnet that is not reachable using the default gateway, OneFS will transmit traffic it originates through the default gateway.

    Given how SBR creates per-subnet default routes, consider:

    • A subnet setting of 0.0.0.0 is not supported and is severely problematic because OneFS does not support RIP, RARP, or CDP.
    • The default gateway is the path for all traffic intended for clients that are not on the local subnet and not covered by a routing table entry. Utilizing SBR does not negate the requirement for a default gateway because SBR in effect overrides the default gateway, but not static routes.
    • Static routes are an option when the cluster originates the traffic, and the route is not accessible using the default gateway. It is important to note that static routes are prioritized over source-based routing rules, as static routes are ipfw rules with higher priority than the source-based routing rules.
    • In environments where SBR is used with a DNS service presented on a remote subnet and multiple SSIPs are present, every DNS server request to a different SSIP changes the route back to the DNS service. Further, the DNS service is often also on the same subnet as other services such as authentication provision, which is likely to disrupt cluster operations. Consider providing SSIPs on a single subnet to support all SmartConnect zones within a single groupnet or defining a static route to the DNS server subnet[s].