I'm running into some problems with the network layout on our AFF8020 running CDOT 8.2.3.
It seems that using a private layer 2 VLAN for node management provides the significant benefit of reducing potential attack sources to servers on that private VLAN (where such a VLAN has a small number of hosts, all with lots of access restrictions, none of which run DNS, NTP, or SMTP services).
I was hoping to use port forwarding from a server in that VLAN to enable things like HTTPS, DNS, NTP, and SMTP, but have not been successful yet. Before I spend too much more time on it, I thought I should check to see whether others have had success with similar network topology.