Network Changes (DNS, IP, & AD)

undercover's picture
Forums: 

So I'm being forced into a pretty big network change in which I need to move my XSAN install into a completely new environment, with new IP addresses, new DNS servers, and a new domain for credentials.

My question is: In what order should I make these changes?

My guess:
1. Disconnect clients.
2. Leave domain on servers
3. Change IP / DNS on servers
4. Join new domain
5. Change clients IP / DNS
6. Rejoin Clients
7. Change ACL permissions to match new user base

Does anyone see any problem with that or have helpful suggestions? I'm kind of scared of having crazy DNS issues.

BlackF1re's picture

I hope the change does NOT include the private metadata network.

For my personal experience, if the metadata network is untouched, you should be fine.

undercover's picture

BlackF1re wrote:
I hope the change does NOT include the private metadata network.

For my personal experience, if the metadata network is untouched, you should be fine./quote

I am not planning on moving the private metadata network. One question though, do my private and public networks have to be the recommended scheme of public=10.100.x.y, private=192.168.x.y?

If I change public to be 10.3.150.x and leave private as 192.168.7.x will that be ok?

matx's picture

undercover wrote:
BlackF1re wrote:
I hope the change does NOT include the private metadata network.

For my personal experience, if the metadata network is untouched, you should be fine./quote

I am not planning on moving the private metadata network. One question though, do my private and public networks have to be the recommended scheme of public=10.100.x.y, private=192.168.x.y?

If I change public to be 10.3.150.x and leave private as 192.168.7.x will that be ok?/quote

There are no problems changing it all. Even less of a problem if you don;t change the metadata, but no problems to change it, if you had to. As long as the metadata controllers agree (config files all agree) then you're OK.

They can be any IP scheme you wish. Private ranges makes sense for metadata, since it is private and non-routed.

I would switch the order #6 and #7 in your list. Change the permissions, user ownership and ACLs before you mount clients have the potential for issues with clients accessing data, but you should be fine.

undercover's picture

If I had to change the private metadata network, how would I go about doing so in a safe manner?

Stop volumes, change IPs, good to go? Or is it more complex/dangerous?

morphenine's picture

Try not to. But if you have to, you also need to touch the config files. This will let xsan know where to look for the new metadata network. Personally, I would remove all clients from the SAN first. Then re add them after you have it all up and running. That way theres no old config files floating around.

derrickmarcel's picture

The Cisco meraki networking products that Axonex deploy are built from the ground up for Cloud management. They ship with integrated hardware, software, and Cloud services – e.g., centralised management, layer 7 device and application visibility, real-time Web-based diagnostics, monitoring, reporting, and much more.