Table of Contents
Advertisement
Chapter 14: Secure Mobility® MatriX
Network Requirements
Ensure that your BSC network meets the following requirements before you configure the
BSC load sharing feature on up to six BSCs in a load sharing group.
•
We recommend that you assign a fixed IP address to the protected interface for each
BSC in the load sharing group (LSG) because during a load sharing failover event,
the interface state might change such as to conflict with the DHCP client.
•
You may connect the managed side and the protected side of the BSCs to a switch.
•
We recommend that all BSCs in an LSG have a single subnet on the managed side, a
different single subnet on the protected side, and be running NAT.
If you wish to configure load sharing on BSCs that have multiple subnets on the
managed side with NAT disabled, then you must follow the guidelines given in
"Configuring BSC Load Sharing (No NAT)" on page 14-22.
•
Some load sharing information is replicated (like the load sharing nodes and virtual
addresses), but you should mirror the "physical" (including VLAN) interface settings
on LSG members so that the only differences between the BSCs are their IP
addresses. All the other physical interface settings should be identical.
•
The Load Sharing Master must serve as the DHCP server for all managed side clients.
•
You must first configure the Replication feature for all BSCs that are to have
membership in an LSG.
•
All BSCs in the local Replication setup are eligible for membership in a load sharing
group, however a given LSG may have a maximum of six members.
•
Be sure to include the Replication Master in the Replication Nodes list when
configuring Replication.
•
The configured Replication Master acts as the Load Sharing Master in an LSG. The
Load Sharing Master manages configuration of the LSG, controls all broadcast traffic
through the LSG, runs a DHCP server to assign IP addresses to the managed and
protected interfaces of LSG members, and is the point-of-configuration for the BSC
administrator.
Note: Secure Mobility roaming is supported on VLANs within a Load Sharing Group,
but not from a BSC outside of the Load Sharing Group.
•
All BSC failover ports in the LSG must be interconnected. Use a switch when
connecting three or more LSG members. You may use a crossover cable to connect
the failover ports directly in a two-member LSG for all BSC models
1200; For the BSC-1200, you must use a straight-through cable.
Do not inter-connect the failover ports of the BSCs in the LSG until load sharing has
been configured and enabled on the Load Sharing Master.
BSCs in the LSG share Keep Alive and State Information over the BSC Failover Ports.
During a LSG failover event, the BSC with the lowest node ID will take over for the
failed BSC by updating its own network settings and those of the clients that were
assigned to the failed BSC.
If the LS master fails, the adjacent node in the LSG will take over DHCP
responsibilities. For DHCP redundancy to work within the LSG, the DHCP server must
be enabled on all LS nodes, and all nodes must have the same DHCP configuration.
Configuring BSC Load Sharing (Single Subnet, NAT Enabled)
To configure the BSC load sharing feature (using single subnet mode with NAT enabled),
you must first set up a standard replication configuration as described starting in "Step 1:
Set Up Replication on the Master" on page 14-12. You can then configure the load
14-18
except
the BSC-
Advertisement
Table of Contents
