The way you can work with tagged and untagged networks in the same grid changed with the BFC 3.5.2. In the BFC 3.5.2, there is a provision to associate VLAN ID 0 with a grid. This is useful in cases where you want your grid controller to be on a public network (no VLAN tagging) while the appliances on the grid are still assigned to their respective VLANs. For such a case, you can associate VLAN 0 with the controller and associate different VLAN(s) to the application IPs.
In the BFC 3.5.0 and 3.5.1, VLAN 0 was not a valid VLAN ID. In the BFC 3.5.2 and later, you can add VLAN 0 to a network in the Administration page, Networks tab, VLANs option. You then can then select it when you create a grid, or update grid properties. There are some restrictions for selecting VLAN 0 on a grid, and some considerations for upgrade described below.
Consider the following information before you add VLAN 0:
The BFC treats VLAN 0 as a tagged VLAN. If the grid already has tagged VLANs, you can add VLAN 0 to the grid. If the grid already has untagged VLANs, you cannot add VLAN 0.
Warning: Using IP addresses on VLAN 0 can leave the system vulnerable to a VLAN hopping attack as well as duplication of addresses.
Note: If you click yes, you add the range and the message dialog closes. If you click no, the message dialog closes and the Add a VLAN dialog remains. To avoid oversubscription of addresses, ensure that no devices external to the BFC are using the address range that you indicate for VLAN 0.
This BFC is using IP addresses on VLAN 0. Using IP addresses on VLAN 0 can leave the system vulnerable to a VLAN hopping attack as well as duplication of addresses.
Note: If grids have VLANs configured in the BFC but not actually in use on the grid, you can remove those unused VLANs to reduce the time required to upgrade the BFC. You can select to cancel the upgrade and remove the unused VLANs, or you can proceed with the upgrade.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|