Difference between revisions of "Network General Architecture"
Jump to navigation
Jump to search
| Line 3: | Line 3: | ||
- this is used for lights-out ipmi/serial management of hosts | - this is used for lights-out ipmi/serial management of hosts | ||
- in-band management network | - in-band management network | ||
| − | - Used for infrastructure ssh and other management connections on devices like switches or virtualization host. Containers/VMs are then connected to bridges that are mapped to networks. | + | - Used for underlying infrastructure control via ssh and other management connections on devices like switches or virtualization host. Containers/VMs are then connected to bridges that are mapped to networks. |
- service networks | - service networks | ||
| − | - This is used to serve up actual VM guests, containers and other devices on vlans outside of management networks for isolation and control. | + | - This is used to serve up actual VM guests, containers and other devices on vlans outside of management networks for isolation and control. This would serve up https, sftp, sql and a host of other service oriented protocols. access-control-lists, such as a firewall, should be used to limit access to these services and outside access should be corralled and limited to specific port. |
- storage networks | - storage networks | ||
- Just as the name implied this is used for attached storage purposes like SAN/NAS protocols such as iscsi, nfs, cifs. | - Just as the name implied this is used for attached storage purposes like SAN/NAS protocols such as iscsi, nfs, cifs. | ||
Revision as of 02:08, 4 May 2020
Basic Components of a Network
- out-of-band management network
- this is used for lights-out ipmi/serial management of hosts
- in-band management network
- Used for underlying infrastructure control via ssh and other management connections on devices like switches or virtualization host. Containers/VMs are then connected to bridges that are mapped to networks.
- service networks
- This is used to serve up actual VM guests, containers and other devices on vlans outside of management networks for isolation and control. This would serve up https, sftp, sql and a host of other service oriented protocols. access-control-lists, such as a firewall, should be used to limit access to these services and outside access should be corralled and limited to specific port.
- storage networks
- Just as the name implied this is used for attached storage purposes like SAN/NAS protocols such as iscsi, nfs, cifs.