toasters

toasters@lists.teaparty.net

13520 discussions

Re: Netapp nfs over tcp
by mds＠gbnet.net 15 Feb '99

15 Feb '99

Oooooooooh. An idea is aborning.... How about allowing filers admins to specify the protocol capability profile that a client is allowed to see on a client-by-client basis in a file not unlike the name-mapping files and exports files and quotas files that we already use... Then we could have NFS-over-TCP turned on for WAN clients but turned off for LAN clients and can experiment with NFS3/2 - all by configuring at the server end (one place) rather than at the client end (many places). Thoughts?

3 2

subscription
by Michael Chong 13 Feb '99

13 Feb '99

Michael M. Chong Web Server Düde The Motley Fool http://www.motleyfool.com

1 0

RE: Can Netapp F700 series do load balancing via NT without using a Virtual IP?
by Sam Schorr 13 Feb '99

13 Feb '99

Keith, We have struggled with this same problem. However, in our case, the "clients" are actually IIS systems in a Virtual IP site. We had tried to have 2 NICs in the IIS NT "clients", one connecting to the shared net that also had the PDC, WINS, DNS and other servers on one subnet, while we had the filer and our SQL server on another sunet. The second subnet I'll call a "backchannel", the idea being to have requests from the IIS "clients" routed to the filer or database through the "backchannel". What we ran into was that even though we put this backchannel on its own switch, and even though we specifically called the filer by the IP address via UNC (ie, \\filerIP\sharename), NT still treats this as a string, not an IP. Thus, NT would try to resolve this through WINS, which it routed through the other subnet!! (the one the WINS server could 'see'). We tried many tricks including using the NOWINS and NOBROADCAST settings on the second NIC in the filer. We still have not been able to get a second subnet going. Can you suggest what we may be missing? Sam -----Original Message----- From: Keith Brown [mailto:keith@netapp.com] Sent: Friday, February 12, 1999 2:53 PM To: Mike Ball; toasters(a)mathworks.com Subject: Re: Can Netapp F700 series do load balancing via NT without using a Virtual IP? >I am assuming [Windows NT] sees the filer as a multihomed server and sees all four IP's >But does it load balance between the 4 ports on the quad card? A commonly asked question. I think I used to have a pointer to a Microsoft document that described this, but apparently that has gone walk-about, so I'm afraid you're stuck with my from-memory verbage below for now... The Windows NT client usually starts out with the filer's name. It uses this name to queery WINS and gets returned a list of IP addresses (assuming the filer is multihomed). It then goes through the list of returned addresses and compares them with the address on its own, usually single interface. First it looks for an address to use that is on the same IP subnet as it finds itself on. If it finds multiple of those, it picks one at random, which will tend to balance the load to a single filer that has multiple interfaces connected to that same subnet as the client. If it doesn't find a match, it will look for an interface in the same IP network as it finds itself on. Again, if it finds multiple of those it will pick one at random, tending to balance the load to the target's interfaces. Finally, if it finds none of the above, it will just pick an address to use at random and go for it. Per our 5.1 releases of Data ONTAP and higher, you also have the ability to control which interfaces the filer will register with WINS. This gives you the ability to stop certain Windows clients from choosing interfaces on the filer which they might not be able to access for various topological and/or routing issues. Keith

1 0

RE: FW: FW: URGENT!!!! FW: NetApp Filer software versions 5.x: po ten tial har dware killer (fwd)
by Madison, Shannon 12 Feb '99

12 Feb '99

"Jason Downs" wrote: > Oh, and by the way: Keep in mind that _I am a customer_. > Attacking me or making snide comments instead of > addressing the issues that I've raised does NOT encourage > me to purchase more Network Appliance products. Please accept my humblest apologies. There was never any intention on the part of myself, Radek, or Network Appliance to insult you or your opinions. -Shannon Madison

1 0

Re: Can Netapp F700 series do load balancing via NT without using a Virtual IP?
by Keith Brown 12 Feb '99

12 Feb '99

>I am assuming [Windows NT] sees the filer as a multihomed server and sees all four IP's >But does it load balance between the 4 ports on the quad card? A commonly asked question. I think I used to have a pointer to a Microsoft document that described this, but apparently that has gone walk-about, so I'm afraid you're stuck with my from-memory verbage below for now... The Windows NT client usually starts out with the filer's name. It uses this name to queery WINS and gets returned a list of IP addresses (assuming the filer is multihomed). It then goes through the list of returned addresses and compares them with the address on its own, usually single interface. First it looks for an address to use that is on the same IP subnet as it finds itself on. If it finds multiple of those, it picks one at random, which will tend to balance the load to a single filer that has multiple interfaces connected to that same subnet as the client. If it doesn't find a match, it will look for an interface in the same IP network as it finds itself on. Again, if it finds multiple of those it will pick one at random, tending to balance the load to the target's interfaces. Finally, if it finds none of the above, it will just pick an address to use at random and go for it. Per our 5.1 releases of Data ONTAP and higher, you also have the ability to control which interfaces the filer will register with WINS. This gives you the ability to stop certain Windows clients from choosing interfaces on the filer which they might not be able to access for various topological and/or routing issues. Keith

1 0

RE: Netapp nfs over tcp
by Thompson, Arnold 12 Feb '99

12 Feb '99

The change is dynamic, but be advised you will need to re-mount the clients to actually use NFS over TCP. > -----Original Message----- > From: Keith Brown [mailto:keith@netapp.com] > Sent: Friday, February 12, 1999 2:20 PM > To: toasters(a)mathworks.com; Gordon Keegan > Subject: Re: Netapp nfs over tcp > > > >Does anyone know if this would affect current > >mounts if we just enable it at the filer command line with > >"options nfs.tcp.enable on", or can that be done? > >Is it a fairly transparent thing or should we schedule > >down time? > > Down time? Heavens no! The words "down" and "time" are > considered very ugly > around these parts when used adjacently. :-) > > I had no reason to believe that this would not be the case, > but just to be on > the safe side I did a little double-check on a filer here for > you, and sure > enough you have nothing to be afraid of. Go ahead and enable > TCP at your > leisure... > > Keith > >

1 0

Re: Netapp nfs over tcp
by Keith Brown 12 Feb '99

12 Feb '99

>Does anyone know if this would affect current >mounts if we just enable it at the filer command line with >"options nfs.tcp.enable on", or can that be done? >Is it a fairly transparent thing or should we schedule >down time? Down time? Heavens no! The words "down" and "time" are considered very ugly around these parts when used adjacently. :-) I had no reason to believe that this would not be the case, but just to be on the safe side I did a little double-check on a filer here for you, and sure enough you have nothing to be afraid of. Go ahead and enable TCP at your leisure... Keith

1 0

Re: Bugtraq item about Netapps.
by sirbruce＠ix.netcom.com 12 Feb '99

12 Feb '99

On 02/11/99 20:22:28 you wrote: > >http://www.geek-girl.com/bugtraq/1999_1/0594.html > >I think that falls into the "Doc, it hurts when I do that" category, but >it's a good reminder anyway. The message, however, is just wrong in many places. I'll quote it below to pick apart. Jason Downs writes: >Filer's typically have an "admin host" which can mount and read/write to the >filer root directory. Without it, it's impossible to do any sort of system >maintenance on the filer. This simply isn't true; there's many sorts of system maintenance that can be done on the console without an admin host, and even moreso now with Web-based administation. One doesn't even have to have a permanent admin host... you could just briefly export the root directory for a quick update, then unexport it from the filer console. >If this host is compromised it's obviously bad news for the filer. But now, >apparently new with the 5.x revisions of the filer operating system, a >malicious individual can likely destroy the disk drive hardware itself. >It is not known if any sort of sanity check is done on the contents of the >firmware files; it's likely there is none, considering the type of code they >contain. This isn't new; a malicious individual could potentially effect firmware in previous versions. This is potentially the case in almost any OS... although I admit, 5.x makes it a little "easier" to do so. Firmware also isn't hardware, although bad firmware could theoretically lead to physical damage of the disk drive hardware mechanism. >Of course, it is trivial to gain command line access to a filer once the >admin host is compromised. They use what amounts to /etc/hosts.equiv for rsh >access. Wrong. People keep thinking the admin host is some mythical authoritative host. It isn't. It's nothing. Forget the term. You *can*, if you like, allow one or more hosts to telnet into the filer, rsh into it without a password, or mount it's root partitions. These are no more or no less a factor in the filer than in any other system, and you are perfectly capable of *not* allowing a host to do any of the above. The filer will continue to work. >It has always been important to make sure the "admin host" of a filer is >secure. This is true. >Now it seems Network Appliance has just raised the stakes; not >only can you lose your data, but you can also potentially lose hundreds >of thousands of dollars worth of hardware. This isn't true, and no one should be doing risk-analysis assuming that a user accessing a system through software can't do damange to the hardware underneath. Jason, I'm CC:ing you on this; you're free to insert it into the bugtraq archive record if you wish since I don't subscribe to it. Bruce

8 8

Can Netapp F700 series do load balancing via NT without using a Virtual IP?
by Mike Ball 12 Feb '99

12 Feb '99

I am trying to find out if you can do load balancing on a filer box w/o using a virtual IP? For example, if I have a quad Ethernet card installed in a F760 with the ports assigned to IP's 10.0.0.1, 10.0.0.2, 10.0.0.3 and 10.0.0.4 how does NT 4.0 deal with accessing the filer? I am assuming it sees the filer as a multihomed server and sees all four IP's. But does it load balance between the 4 ports on the quad card?

1 0

Can Netapp F700 series do load balancing via NT without using a Virtual IP?
by Mike Ball 12 Feb '99

12 Feb '99

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

toasters