Riverbed SteelHead 570-SD Installation Manual
Steelconnect 2.12
Hide thumbs
Also See for SteelHead 570-SD:
- In-field upgrade manual (84 pages) ,
- User manual (106 pages) ,
- User manual (124 pages)
Table of Contents
Advertisement
Quick Links
Download this manual
See also:
User Manual
Advertisement
Table of Contents
Troubleshooting
Subscribe to Our Youtube Channel
Related Manuals for Riverbed SteelHead 570-SD
Summary of Contents for Riverbed SteelHead 570-SD
- Page 1 SteelHead SD Installation Guide ™ Models 570-SD, 770-SD, 3070-SD SteelConnect 2.12 May 2019...
- Page 2 © 2019 Riverbed Technology, Inc. All rights reserved. Riverbed and any Riverbed product or service name or logo used herein are trademarks of Riverbed. All other trademarks used herein belong to their respective owners. The trademarks and logos displayed herein cannot be used without the prior written consent of Riverbed or their respective owners.
-
Page 3: Table Of Contents
About this guide.............................. 7 Document conventions......................... 7 Safety guidelines............................7 Documentation and release notes......................8 Contacting Riverbed ............................8 1 - SteelHead SD Overview ...........................9 Introducing SteelHead SD ..........................9 SteelHead SD software architecture ......................11 SteelHead SD port mapping between the VMs and physical ports..........11 New features in SteelConnect 2.12 ...................... - Page 4 Upgrading from SteelHead SD 2.0 to SteelConnect 2.12 ............21 Upgrading from SteelHead SD 1.0 to SteelConnect 2.12............. 21 Preparing your site for installation......................22 Before you begin ............................22 2 - Installing SteelHead SD..........................23 Configuring your network using SteelConnect Manager..............23 Defining an organization ........................24 Adding sites ............................25 Changing the default zone in a site ....................25 Adding shadow appliances .........................27...
- Page 5 Physical port to flows port mapping....................51 Service chain virtual machines ......................51 vSwitch mapped VM ports ........................52 Bridged VM ports for internal communication................53 SteelHead SD 3070-SD appliance ......................53 Physical ports ............................53 CVM ports ...............................53 Physical port to flows port mapping....................53 SVM ports..............................53 RVM ports ...............................54 vSH ports..............................54...
- Page 6 6 | Contents...
-
Page 7: Welcome
Welcome About this guide Welcome to the SteelHead SD Installation Guide. This guide describes how to install the Riverbed SteelHead SD 570-SD, 770-SD, and 3070-SD appliances when used in conjunction with SteelConnect SDI-130, SDI-330, SDI-1030, and SDI-5030 and SDI-2030 gateways. -
Page 8: Documentation And Release Notes
Safety and Compliance Guide. Before you install, operate, or service the Riverbed products, you must be familiar with the safety information. Refer to the Safety and Compliance Guide if you don’t clearly understand the safety information provided in the product documentation. -
Page 9: Steelhead Sd Overview
Introducing SteelHead SD SteelHead SD combines SD-WAN and cloud networking capabilities (powered by SteelConnect) with Riverbed WAN optimization (powered by RiOS) into a single appliance. SteelHead SD seamlessly integrates advanced SD-WAN functionality with industry-leading WAN optimization, security, and visibility services all in one streamlined appliance. SteelHead SD WAN optimization reduces bandwidth utilization and accelerates application delivery and performance, while providing SteelConnect integration in the SteelOS environment. - Page 10 Introducing SteelHead SD Typically, SteelHead SD appliances and the SteelConnect SDI-2030 gateway are located in the branch office in conjunction with SteelConnect SDI-5030 gateways at the data center. The SteelConnect SDI- 2030 gateway can also be deployed inline as a 1-GbE data center gateway with active-active HA. The SteelConnect SDI-2030 gateway can also serve as a very large branch office appliance with high throughput requirements.
-
Page 11: Steelhead Sd Software Architecture
SteelHead SD software architecture SteelHead SD software architecture SteelHead SD is based on the SteelOS infrastructure. It separates the control and data planes with internal virtual machine (VM) chaining, which provides management-plane autorecovery. Figure 1-2. SteelHead SD platform architecture SteelHead SD provides a flexible service platform, consisting of: •... -
Page 12: New Features In Steelconnect 2.12
New features in SteelConnect 2.12 The SteelHead SD AUX, LAN (LAN0_0, LAN0_1 or on the CX3070 LAN3_0, LAN3_1), and WAN (WAN0_0, WAN0_1 or on the CX3070 WAN3_0, WAN3_1) ports are connected to the SVM and RVM. Basically, there is a Layer 3 edge router on all of these ports. The AUX and WAN ports are configured as uplinks on SCM. -
Page 13: Zscaler And Cloudi-Fi Enhancements
New features in SteelConnect 2.12 – Shared services hubs are supported on SDI-1030, SDI-2030, and SDI-5030 gateways; SDI-VGW virtual gateways, AWS Cloud gateways; and Azure Cloud gateways. (You cannot configure an SDI-130 or SDI-330 gateway or a SteelHead SD appliance as a hub device.) Zscaler and Cloudi-Fi enhancements SteelConnect 2.12 includes these Zscaler and Cloudi-Fi enhancements: •... -
Page 14: Cold Standby Uplink Support
USB drive, create log files with a specific name, and list all log files. – support for system dumps. By default, when you request a system dump, it is uploaded to riverbed.support.com. You can also specify an external server for uploads in SCM under the Organization > System Dump tab. -
Page 15: Static Routing On Sdi Gateways And Steelhead Sd Appliances
New features in SteelConnect 2.12 • OSPF routing - With SteelConnect 2.12, you can distinguish between static and overlay routes for OSPF. This distinction enables you to configure redistribution policies separately for each type of route. For overlay OSPF routes, you can associate a site with the route redistribution policy which enables you to redistribute it based on the sites from which they were reported. - Page 16 New features in SteelConnect 2.12 • You can configure a LAN link as a backup HA link in case the AUX port is disconnected. If the AUX link goes down, you can use LAN-side connectivity to run the HA heartbeat, configure replication, and perform additional synchronization functions to avoid a split-brain HA condition.
-
Page 17: Routing Features By Model
Routing features by model Routing features by model Feature SteelHead- SDI- SDI-130 SDI-330 SDI-1030 SDI- SDI-VGW SD 570-SD, 2030 5030 770-SD, 3070-SD eBGP iBGP OSPF single area OSPF multi- area ABR ASBR Yes* Yes* Yes* Yes* (Underlay (Underlay (Underlay (Underlay routing inter- routing inter- routing inter-... -
Page 18: Hardware And Software Requirements
Hardware and software requirements Hardware and software requirements Riverbed component Hardware and software requirements SteelHead SD appliance The SteelHead SD 570-SD and 770-SD appliances are desktop models. The SteelHead SD 3070-SD appliance requires a 19-inch (483 mm) four-post rack. For details, see the Rack Installation Guide. -
Page 19: Snmp-Based Management Compatibility
NIC support Ethernet standard IEEE standard Gigabit Ethernet over Fiber 1000BASE-SX (LC connector) IEEE 802.3 - 2008 Gigabit Ethernet over Fiber 1000BASE-LX IEEE 802.3 - 2008 Gigabit Ethernet over Fiber 10GBASE-LR Single Mode IEEE 802.3 - 2008 Gigabit Ethernet over 10GBASE-SR Multimode IEEE 802.3 - 2008 SNMP-based management compatibility SteelConnect provides support for SNMPv1 and v2c polling, and event logging is supported on the... -
Page 20: Steelconnect Sd-Wan Service Licensing
• An email that contains the URL for connecting to SCM and the default login and password: admin and pppp. This email is requested by the sales team and sent by the Riverbed Cloud Operations team. If you don’t receive these emails, contact your sales representative or Riverbed Support at https://support.riverbed.com. -
Page 21: Upgrading From Steelhead Sd 2.0 To Steelconnect 2.12
Upgrading SteelHead SD Upgrading from SteelHead SD 2.0 to SteelConnect 2.12 SteelHead SD features require the virtual SteelHead (vSH) image, which is contained within the SteelConnect 2.12 image. All SteelHead SD 2.0 customers will be automatically upgraded to SteelConnect 2.12. SteelConnect automatically upgrades to 2.12 according to the schedule and restrictions you have set in SteelConnect Manager (SCM). -
Page 22: Preparing Your Site For Installation
Preparing your site for installation • The SteelConnect gateway bypass feature supported on SteelHead SD 1.0 is no longer supported on SteelConnect 2.12. If at any point the status of the virtual SteelHead instance shows a failure condition (for example, a reboot or a crash), the system stops sending traffic that was destined for the virtual SteelHead. -
Page 23: Installing Steelhead Sd
Installing SteelHead SD This chapter describes how to install and perform the initial configuration of the SteelHead SD appliance. It includes these sections: • “Configuring your network using SteelConnect Manager” on page 23 • “Cabling the SteelHead SD appliance” on page 35 •... -
Page 24: Defining An Organization
Configuring your network using SteelConnect Manager Defining an organization SCM uses these terms to describe the network: • Organization - A company representing an end customer. You can assign administrative rights to individual administrator accounts per organization. You can also manage appliances and licensing per organization. -
Page 25: Adding Sites
Configuring your network using SteelConnect Manager To change the default name and location of the organization 1. Choose Organization to display the default organization settings. 2. Change the organization name. 3. Click Submit. 4. Under location, type the company headquarters physical address. 5. - Page 26 Configuring your network using SteelConnect Manager Zones can cross sites. For example, for a business application that involves a call center that requires peer-to-peer networking, you can stretch a single zone across multiple sites, providing users all over the globe with one universal security policy applied to the same IP zone. You can add zones to any sites or any organization.
-
Page 27: Adding Shadow Appliances
SteelConnect gateway serial number. Registering appliances The SteelConnect serial number is in the email from Riverbed that you received when your sales order was confirmed. It is also available on the appliance label. The SteelConnect gateway serial number always begins with the prefix XN. - Page 28 Configuring your network using SteelConnect Manager The SteelHead SD 3070-SD label is located on top of the appliance. The SteelHead SD 570-SD, 770-SD labels are located on the side of the appliance. Figure 2-2. SteelConnect serial number and MAC address Important: Make sure you register your appliances using the SteelConnect serial number starting with XN.
-
Page 29: Configuring The Primary And Lan Ports In Scm
Configuring your network using SteelConnect Manager The provisioning server hands off the appliance when it connects into the particular organization and site. It gives the appliance its configuration, brings it online, performs all firmware upgrades, and enables your settings on the appliance. This automatic provisioning makes the appliances easily replaceable, if necessary. - Page 30 Configuring your network using SteelConnect Manager 3. Select the primary port to expand the page. Figure 2-5. Configuring the primary port 4. Select SteelHead Primary for the Port mode. 5. Optionally, provide a description of the port. 6. Click Submit. 30 | Installing SteelHead SD...
-
Page 31: Assigning The In-Path Ip Address And Default Gateway In Scm
Configuring your network using SteelConnect Manager 7. Select the LAN port for the SteelHead SD appliance. The Info/Mode tab is displayed. Figure 2-6. Configuring the LAN port 8. Select Singlezone for the Port mode. 9. Select the zone from the drop-down list. 10. -
Page 32: Configuring Steelconnect To Act As Dhcp Server
Configuring your network using SteelConnect Manager To assign the in-path IP address and default gateway in SCM 1. In SCM, choose Network Design > Zones. 2. Select the zone with the SteelHead SD appliance to expand the pane. The IP tab is displayed. 3. - Page 33 Configuring your network using SteelConnect Manager To configure SteelConnect to act as a DHCP server 1. When you cable the appliance, make sure you connect the LAN port and primary port to the same switch. 2. Choose Networks Design > Zones. 3.
- Page 34 Configuring your network using SteelConnect Manager 8. Click Submit. Figure 2-9. DHCP/RA Server setting to On 9. Choose Appliances > Ports to associate the LAN port to the appropriate Zone. 10. Select the site with the SteelHead SD appliance from the drop-down list. 11.
-
Page 35: Cabling The Steelhead Sd Appliance
Cabling the SteelHead SD appliance Cabling the SteelHead SD appliance In SteelHead SD, both the WAN and LAN ports are connected through the service virtual machine (VM). The key task is to connect at least one WAN port to an uplink from a service provider that provides a path to the internet: •... -
Page 36: Cabling The Steelhead Sd Appliance
Cabling the SteelHead SD appliance Port Description WANX_X WAN ports function as uplinks for internet service providers that connect to the internet. Connect the WAN port to a WAN router using a straight-through cable. For SteelHead SD 570-SD and 770-SD appliances, the default internet access port is WAN0_0 or WAN0_1. -
Page 37: Enabling Wan Optimization In Scm
Enabling WAN optimization in SCM 3. Connect at least one WAN port to an uplink from a service provider. For example, on a SteelHead SD 570-SD or 770-SD appliance, use a straight-through cable to connect the WAN0_0 or WAN0_1 port to a WAN router. -
Page 38: Identifying The Primary Ip Address Of The Steelhead
Enabling WAN optimization in SCM 3. Select the Services tab. Figure 2-14. Enabling WAN optimization in the SCM 4. Under WAN Optimization Service, fill out these required session attributes: • WAN Optimization Service - Click Enabled to enable the WAN optimization service for the selected SteelHead SD appliance. -
Page 39: Enabling Wan Optimization On The Virtual Steelhead Instance
Enabling WAN optimization on the virtual SteelHead instance • When SteelConnect acts as the DHCP server - You can set the SteelConnect virtual gateway to act as a DHCP server and identify the primary IP address for the SteelHead in SCM. To view the SteelHead primary IP address in SCM, choose Appliances >... - Page 40 Enabling WAN optimization on the virtual SteelHead instance 4. Choose Networks > Networking: In-Path Interfaces. Figure 2-15. In-Path Interfaces page 5. Select the interface to expand the page. Figure 2-16. Configuring the in-path interface 6. Type the IP address that you obtained from SCM. For details, see “To assign the in-path IP address and default gateway in SCM”...
-
Page 41: Next Steps
The certificate from license server doesn’t match the private key If an error is displayed stating that there is no valid certificate. This means that the appliance entitlement certificate is out of date and the certificate on the license server needs to be validated. Contact Riverbed Support at https://support.riverbed.com. - Page 42 Troubleshooting 42 | Installing SteelHead SD...
-
Page 43: A - Steelhead Sd Technical Specifications
SteelHead SD Technical Specifications This appendix describes the status lights, ports, and technical and environmental specifications for SteelHead SD 570-SD, 770-SD, and 3070-SD appliances. It includes these sections: • “SteelHead SD 570-SD and 770-SD appliance specifications” on page 43 • “SteelHead SD 3070-SD appliance specifications”... -
Page 44: Technical Specifications
SteelHead SD 570-SD and 770-SD appliance specifications This table summarizes the system LEDs. Status System Healthy = Blue Degraded = Yellow Critical = Red Power Off = None Power Button LED System Off = No Light Standby Mode = Yellow Power On = Blue Hard Drive LED Activity = Blinks Blue... -
Page 45: Environmental Specifications
SteelHead SD 3070-SD appliance specifications Specification 570-SD desktop L-M-H 770-SD desktop L-M-H Weight 5.5 lb 5.5 lb (without 2.4 kg 2.4 kg packaging) Voltage 100-240 V 100-240 V frequency 50-60 Hz 50-60 Hz Single 84 W Single 84 W External External 100-240 VAC, 50/60 Hz, 100-240 VAC, 50/60 Hz,... -
Page 46: Status Lights And Ports
SteelHead SD 3070-SD appliance specifications Status lights and ports Figure A-3. SteelHead SD 3070-SD appliance front panel with LEDs and buttons Figure A-4. SteelHead SD 3070-SD appliance back panel Note: On the SteelHead SD 3070-SD appliance, the appliance uses the NIC in slot 3 for the default interface names so the ports are labeled WAN3_0 and WAN3_1. - Page 47 SteelHead SD 3070-SD appliance specifications This table summarizes the appliance LEDs and buttons. Reference LED/Button Description System ID Button with Maintenance = Blue Integrated LED Toggles the integrated ID LED and the blue server board ID LED on and off. The System ID LED identifies the system for maintenance when installed in a rack of similar server systems.
-
Page 48: Technical Specifications
SteelHead SD 3070-SD appliance specifications Reference LED/Button Description LEDs on Default 4-Port Link/Activity LED Copper Bypass Card Link = Green Activity = Blinks green Speed/Bypass/Disconnect LED 1000 Mbps = Yellow 100 Mbps = Green 10 Mbps = Off Bypass = Blinks green Disconnect = Blinks yellow LEDs on Power Supply Power on and healthy = Green... -
Page 49: Power Requirements And Consumption
SteelHead SD 3070-SD appliance specifications Power requirements and consumption This table summarizes the power specifications for the appliances. The appliances are rated at the following power characteristics when operating at nominal AC input voltages (120 V and 230 V). System 3070-SD 3070-SD Configuration... - Page 50 SteelHead SD 3070-SD appliance specifications 50 | SteelHead SD Technical Specifications...
-
Page 51: B - Port Mapping For Steelhead Sd
Port Mapping for SteelHead SD This appendix summarizes the port mapping for SteelHead SD appliances. It includes these sections: • “SteelHead SD 570-SD and 770-SD appliances” on page 51 • “SteelHead SD 3070-SD appliance” on page 53 SteelHead SD 570-SD and 770-SD appliances Physical ports The SteelHead SD 570-SD and 770-SD appliances have these ports: •... -
Page 52: Vswitch Mapped Vm Ports
SteelHead SD 570-SD and 770-SD appliances vSwitch mapped VM ports The vSwitch port mapping state can be fetched at runtime using this command on the CVM: XNXXXXD8XXXA9FF9-CVM:>orchestrator-agent --get_port_interface_mapping Node name Interface name Port knet2 knet3 knet4 LAN0_0 knet5 WAN0_0 knet6 LAN0_1 knet7 WAN0_1... -
Page 53: Bridged Vm Ports For Internal Communication
SteelHead SD 3070-SD appliance Bridged VM ports for internal communication Source Port IP address Protocol Remote end Purpose name port1 169.254.0.2 Static Hypervisor mgmt_br bridge Connects to hypervisor port2 169.254.169.254 Static Hypervisor linklocal_br bridge Connects to service chain VMs port1 —* Static* Hypervisor linklocal_br bridge... -
Page 54: Rvm Ports
SteelHead SD 3070-SD appliance RVM ports There are four more virtual NICs in RVM for each physical add-on NIC. vSH ports The vSH has these ports: • hpn, PRI, AUX, LAN0_0, WAN0_0, inpath0_0 vSH has only one LAN-WAN pair and will not change with the addition of any physical add-on NIC. 54 | Port Mapping for SteelHead SD... -
Page 55: C - Steelconnect Connection Ports
Gateways only HTTP redirect for portal Uplink IP rfl.x.riverbed.cc reflector SteelConnect core.riverbed.cc/ Manager/Core core.ocedo.cc Server Portal 80/443 <hostname>.riverbed.cc -or- <hostname>.ocedo.cc Configuration 3900 <hostname>.riverbed.cc -or- <hostname>.ocedo.cc and API Tunneled SSH 3901 <hostname>.riverbed.cc -or- <hostname>.ocedo.cc Reporting 3902 <hostname>.riverbed.cc -or- <hostname>.ocedo.cc SD-WAN 3904 <hostname>.riverbed.cc -or- <hostname>.ocedo.cc... -
Page 56: Inbound/Outbound Connections
Ports for UDP, TCP, and ICMP connections Inbound/outbound connections Service Protocol Default port Destination AutoVPN 500/4500 Tunneled SSH client connections Service Protocol Default port Destination Workstation 3903 <myCC>.riverbed.cc SSH proxy 3903 <myCC>.riverbed.cc 56 | SteelConnect Connection Ports...
Need help?
Do you have a question about the SteelHead 570-SD and is the answer not in the manual?
Questions and answers