XSAN Connection Issue - HELP!

gunhaxx's picture

So I recently came onboard at an organization where I am the lead of their mac environment.

One of the tasks they have me working on is fixing their XSan's. Its been about almost a year since their last mac tech, and even when they first set up the XSan about two years back, it never fully worked (connection issues and such).

To give you a bit of background on my experience, my last job was being the lead of the mac environment at another organization but I never got to work with XSan's previously, so this is still fairly new to me.

So coming onboard, currently the XSan will not connect to any of the client systems on the network. Previously about 3 out of the 6 clients were able to connect the week prior, but are not unable to connect.

I checked system logs on both the xsans server and the systems but could not find anything that would effect the client systems connection to the XSan.

Our setup:

- Apple XServe running the XSAN and the connected storage for it - The apple xserve is connected only to the fiber network (apparently it was never connected to the network via ethernet and worked previously off of just the fiber network).
- 6 Mac Pro Desktops that are the clients, each with the client XSan software installed. These systems are connected to both the fiber network (exclusively for the xsan) and the local ethernet network.

I am able to ping the systems from the XSAN, and I can ping the XSAN from the client systems.

The current systems that are set up on the XSan are showing up as "Unreachable or offline", and one of them says requires password (when entering the local admin password for this client system and clicking authenticate, it just says the system is unreachable or offline).

As a test, a mac pro that was connected to the fiber network (but was showing as unreachable or offline), I removed the system from XSan's, then tried re-adding it to XSans, was not able to add it because it was "Unreachable or offline".

Tried reinstalling the xsans client software on the client system and readding it again, still was showing up as being "Unreachable or offline", even though I could clearly ping the system from the xsan server, and remote to it.

I also tried making sure that port 311 was open on the xsan and the client system.

There is no firewall on the fiber network that I could think of that would be blocking this port.

Can someone please assist? I can give more information to assist with this.

Thank You

-
B Robertson

Thawk9455's picture

There is a contradiction in your statements somewhere (unless I'm missing a step or you have both a fiber channel network and a fiber ethernet network, which wasn't clear).

Apple XServe running the XSAN and the connected storage for it - The apple xserve is connected only to the fiber network (apparently it was never connected to the network via ethernet and worked previously off of just the fiber network).

I am able to ping the systems from the XSAN, and I can ping the XSAN from the client systems.

Unless you are running an actual fiber ethernet network as well how are the clients able to ping the Xserve running the XSAN?

The basic system requirements for XSAN include both a Fibre Channel and an Ethernet network and all computers accessing the SAN must have both. MetaData requests travel from the clients to your MDC (the Xserve based on what you described above) over the ethernet network and then the files are accessed over the fiber channel network.

gunhaxx's picture

Yeah you are right about that. I'm still trying to get a grasp over everything here.

The XSans is only connected to the Fibre Channel.

So far the other engineers here say that the XSans for the time it has been here has only been connected tot he Fibre Channel, while the client systems are connected to both the Fibre Channel and the Ethernet connection for our local network, and that previously several of the client systems were able to connect to the XSans using this configuration (I question the validity of this statement).

I read the admin guide for XSans and saw that the basic requirements for an XSan configuration is for both the MDC (the XServe) and the clients to be connected over an ethernet network (for the metadata requests) and the Fibre Channel (for the actual files).

I'm looking into it right now with the other engineers but in the meantime...

Looking at our current configuration we have the following:

XSan:
Fibre Channel IP

Client System:
Fibre Channel IP
Ethernet IP

The XSan can ping the Fibre Channel IP of the client systems.

The Client Systems can ping the Fibre Channel IP for the XSan.

The XSan and Client System cannot ping the IP Address for their ethernet connections (again the MDC in our environment uses just the Fibre Channel).

Now, theoretically is there the possibility that the XSan can work on just the Fibre Channel alone? Or does it require the MDC server to be connected to both the Fibre Channel and ethernet network of the client systems?

I just want to piece this together so I can bring this up with the other engineers and management.

Thank You

Thawk9455's picture

Still not entirely clear on your network config (and whether you have a fiber ethernet network and a fiber channel network or just a fiber channel network.

On the Xserve what do you have in the System Preferences > Network? Is there an active ethernet network? On the clients are there two, one your public regular network and one the private Xsan network?

gunhaxx's picture

Currently our environment has the standard public ethernet network and the private fiber channel network.

On the XSan:

Ethernet 1 - which currently is connected by ethernet to an ethernet/fiber card (again I did not set this up) connected to the fiber channel network.

On the client systems we have the following:

Ethernet 1 - For the public ethernet network.

Media Grid - This is the fiber card installed in the system connected to the fiber channel network.

Thawk9455's picture

Then you are running your XSAN private network over fiber as well. Do you have DNS configured for that network (each machine on the network)? Can you ping each fiber network port by it's appropriate DNS name?

abstractrude's picture

you say wahhhhhhh
is it a converged networking switch that has IP and FC on a single stack?

how are you network settings configured?

-Trevor Carlson
THUMBWAR

abstractrude's picture

wait now i get your confusion.... XSAN is a storage area network which consists of all the parts.

Storage (disks/SAN/FCSAN/storage subsystem)
Clients and Controllers (computers connected to SAN)
public network IP(computers connected to san to access internet and other non SAN information)
private network IP (dedicated network for SAN management traffic)
fibre network (fibre channel only network for data read/write operations)

Sounds like your missing the dedicated private network. If you really have fibre media ethernet lets call it optical ethernet to avoid confusion.

step1 all clients and controllers should be able to ping eachother on public network ip
step2 all clients and controllers should be able to ping eachother on public network ip <500ms
step3 all clients and controllers need to see fibre channel luns terminal: diskutil list (should see xsan components listed)
step4 (restart controllers)
step 5 (restart clients 5 minutes later)

-Trevor Carlson
THUMBWAR

gunhaxx's picture

Thank you for the quick responses.

It seems like the XServe running XSANS is also set up to be the dns on the fiber network as well.

Currently all of the client systems on the network are using the network/dns settings for the public ethernet network, as the settings for the Fiber Network as well (I would assume that for the Fiber Network Settings we should be pointing the DNS settings to the Xserve).

On the XServe, I checked the administration settings for DNS and it looks like only one of the client computers and the xserve itself are the only entries.

I added an entry for one of our client systems on the XServe DNS and changed the fiber settings for DNS on the client system to point to the xserve dns.

Still saying its unreachable or offline.

abstractrude's picture

public should be providing dns. thats how i usually set it up. make sure you controllers and clients can icmp each other first, your 5 steps ahead right now.

-Trevor Carlson
THUMBWAR

gunhaxx's picture

Reading over your response now trevor (my last post was before I saw your comment). I'm still fairly new to the concept of a SANS and never really worked with XSANS before so this really helps.

I will update as soon as I go over the details of your post.

gunhaxx's picture

Good Morning,

Regarding your inquiries above:

step1 all clients and controllers should be able to ping eachother on public network ip
Currently it seems like the xserve is set up as the primary controller.

All of the clients and the controller can ping each other.

step2 all clients and controllers should be able to ping eachother on public network ip <500ms

All of the clients and the controller can ping each other.

step3 all clients and controllers need to see fibre channel luns terminal: diskutil list (should see xsan components listed)

Yes all of the clients and the main controller see the fiber channel luns terminal in the diskutil list.

step4 (restart controllers)
Restarted
step 5 (restart clients 5 minutes later)
Restarted

Still no change, systems are still showing up as unreachable or offline.

abstractrude's picture

Can the controllers see each other in the computer list? Oh wait, you only have one controller dedicated? Or are one of the mac pros also a controller?

-Trevor Carlson
THUMBWAR

gunhaxx's picture

Just the xserve is a controller, all of the mac pro's are clients.

abstractrude's picture

do you need data on the volume? is the volume mounting on the controller?

-Trevor Carlson
THUMBWAR

Thawk9455's picture

I think it might be helpful to put the Xserve on the public ethernet network as well. The only thing that should occur on your private network is the metadata traffic.

gunhaxx's picture

The volume is mounting on the controller and yes we need the data on the volume.

Otherwise I would just re-build the environment from scratch...