BladeSystem - General
cancel
Showing results for 
Search instead for 
Did you mean: 

IP address restriction Onaboard Administrator

SOLVED
Go to solution
JHA
Occasional Contributor

IP address restriction Onaboard Administrator

I have five c7000 enclosures connected and "linked". To be able to enable trusted hosts and simultaneously login on all enclosures it seems that the IP from each OA has to be in the trusted addresses list. However the limit of addresses in the list is five entries which makes no room to add the two addresses of our administrator servers which we're using to connect with either SSH or HTTP. Anyone know why the limitation is set to five entries? or if you're not supposed to use "linked" enclosures with IP address restriction?
I'm using firmware 2.32 and can't find anything in the documentation about the limitations.
4 REPLIES
The Brit
Honored Contributor

Re: IP address restriction Onaboard Administrator

I'm not sure if this is relevent to your limitation in the "Trusted Host List", however I was listening in to a Blade Management Webinar yesterday and I remember it being mentioned that the maximum number of linked enclosures in a VC Domain is 4.

You don't mention whether you are using Virtual Connect, so I dont know if this is relevent. But it might give you a direction to investigate.

Dave.
WFHC-WI
Honored Contributor
Solution

Re: IP address restriction Onaboard Administrator

It was also my belief that the number of linked enclosures was limited to 4. Per HP documentation the enclosure link ports are meant to connect only enclosures within the same rack. Assuming a 42U rack, you'd be hard-pressed to get 5 of them to fit! :)

I do agree that limiting the number of entries to 5 is a design flaw. What I think I would do in your case is to designate one (or two) of the enclosures as primary connection points. Consider this example:
enc_1
enc_2
enc_3
enc_4
admin_srv_1
admin_srv_2

enc_1 is my primary connection point to all enclosures, enc_2 is my backup connection point to all enclosures.

On enc_1, add trusted entries admin_srv_1, admin_srv_2, enc_2.
On enc_2, add trusted entries admin_srv_1, admin_srv_2, enc_1.
On enc_3, add trusted entries enc_1, enc_2.
On enc_4, add trusted entries enc_1, enc_2.

This way, you access the admin servers, go through enc_1 or enc_2, and can reach any enclosure. Since you have space you can even add admin_srv_1/2 IPs to enc_3/4 so that you can access them individually should the need arise (link cable fail for instance).

Good luck!
JHA
Occasional Contributor

Re: IP address restriction Onaboard Administrator

Thanks for the answers, well I guess I live without the ip address restriction until it (if it will) support more entries. If only 4 enclosures is supported linked (using VC or not). The fact that they should exist within the same rack doesn't fall out to well with how the enclosures are placed nor the number of admin servers. Until the list is extended I'll live without it since I still want all the five enclosures linked.
Adrian Clint
Honored Contributor

Re: IP address restriction Onaboard Administrator

I think that the max number of linked enclosures in a VC domain is 4 not because this is a VC issue but a multiple enclosure VC domain is the same as the maximum no of enclosures that can be linked together by the OAs... which is 4.
Which is the issue you have.

I'm wondering if the new OA module with KVM will have the same 4 enclosure restriction.

I think the reason for having the ability to see more than one enclosure was as has been mentioned ... to see all the enclosures in a rack from one screen.