Support for multiple network interfaces
Introduction
CLM supports configuring different network interfaces to handle the following types of traffic in a multi-homed system.
-
A client network interface can be used for connecting users to CLM GUI and to connect external OSS systems to CLM.
-
An internal network interface can be used to handle traffic between CLM systems that does not need to be accessed by external systems or with managed network elements. Internal traffic includes, but is not limited to, resync of network topology information, security communications, application registration and data synchronization between redundant entities.
-
A mediation network interface can be used to communicate with network elements (provisioning, NE database backups, monitoring, operations, etc).
Support and limitations of CLM deployer nodes and CLM clusters
A CLM cluster can be configured with network interfaces for client traffic, for internal network management traffic, and for managed network traffic. In a multi-node CLM cluster, each node must have the same number of interfaces. Each node of the CLM cluster must have mediation network connectivity to all managed NE devices
A deployer node must have connectivity to all CLM cluster nodes on the internal network. The deployer node must also have access to the client network.
There is no requirement on the CLM cluster to use the first network interface (eg. eth0, bge0) to communicate with client applications.
Additional network interfaces can be configured on the CLM cluster, at the customer's discretion, for other operations such as archiving database backups or activity logs.
When using custom TLS certificates in a multi-network configuration, the CLM server certificate requires the IP address or hostname or FQDN of the client network interface (or virtual IP) and the IP address or hostname or FQDN of the internal network interface (or virtual IP) in the certificate SAN field.
Multi-interface support in IPv4 and IPv6 networks
The CLM cluster can use IPv4 or IPv6 addressing on the client, internal and mediation network interfaces. In addition to the limitations and restrictions documented in section 4.2.1, the following conditions apply:
-
The CLM cluster can only use IPv4 or IPv6 communications on the client network interface and on the internal network interface. The system network interfaces can have both IPv4 and IPv6 addresses assigned, but CLM communications on those interfaces can only use IPv4 or IPv6.
-
The CLM cluster mediation interface supports IPv4 only, IPv6 only and IPv4 and IPv6 simultaneously. When CLM is configured with IPv4 and IPv6 mediation simultaneously, the CLM must have a dedicated mediation interface not shared with client and internal network communications.
-
In a CLM deployment with separate network interfaces for client and internal communications, the client and internal networks must both use IPv4 or IPv6 addressing. Example, client communications on IPv4 and internal communications on IPv6 is not supported.
Multi-interface CLM deployment and traffic management policies
The following table summarizes the traffic management policies for a CLM cluster deployment by each network or network interface.
Table 7-1: CLM cluster communications by network interface
|
Network description |
Permitted communications |
|---|---|
|
Client network |
Client communications Kafka communications on ports 9092, 9093, 9094, 9192, 9193, 9194 |
|
Internal network |
All communications between cluster nodes and deployer node Kafka communications on ports 9292, 9293, 9294 |
|
Mediation network |
Mediation communications |
The CLM cluster can communicate with some external elements on any network interface, including
Each node in an NSP cluster must allow the same traffic on each network interface.