11-01-2023 05:25 AM
Hi
I’m hoping you can help me.
We’re currently in the process of deploying a NDFC cluster and as part of this I’m trying to understand the roles of persistent IPs for the management service under external service pools.
We’re looking to do layer 3 POAP from the management (OOB) network and so from what I can see we need 2 persistent IPs in the management network. From NDFC these are listed as:
These look to be virtual addresses that basically float between ND cluster nodes in the event of failure to ensure consistent addresses for devices to target.
So my questions relating to these IPs are:
I’ve had a read round and can’t find anything that really clarifies this so any help is appreciated.
Thanks
Malc
11-01-2023 07:54 AM - edited 11-01-2023 07:54 AM
Hello @malcolmsalmons,
In the context of your NDFC cluster and Layer 3 POAP setup, you should configure the IP helper address on the switch management VLANs to point to the persistent IP address associated with the PoAP-mgmt-http-ssh service. This is the address that should be used for DHCP relay so that devices in the management VLAN can receive IP addresses and other configuration information.
You can manage the NDFC cluster using the persistent IP (PoAP-mgmt-http-ssh) like a VIP. It's typically used for management and provides a consistent point of access to the NDFC cluster. You don't necessarily need to access the NDFC servers directly. Ensure that your firewall rules allow traffic to and from the persistent IP address for management purposes. The NDFC cluster nodes should have proper connectivity to this persistent IP.
11-02-2023 03:47 AM
Hi
Thanks for the response and info.
Do you have any links or documents where this behavior is explained or is this something that you've seen when deploying NDFC?
Thanks
Malc
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide