Fibre Channel (SAN)

Reply
New Contributor
Posts: 3
Registered: ‎09-28-2006

How to solve FCoIP with two firewall and two NAT?

[ Edited ]

In my case,I want to implement a DR by HP P6000 over FCoIP.

My topology as follow:

P6000storage==HP 1606(B7800)--(NAT)--Firewall---Firewall--(NAT)--HP 1606(B7800)==P6000Storage

                              ge0:172.16.0.128   a.b.216.35                a.b.0.81      ge0:172.20.1.81

                               gw:172.16.0.254                                                         gw:172.20.0.20

Hp 1606's firmware is v7.0.0c.The only License is "Enhanced Group Management license" by licenseshow.

Routes with domain id 31 & 32.

I do as follow,by no fcipcircuit can create,alway in "InProg" status. my steps:

local:

portcfgpersistentdisable 16-23

portcfg ipif ge0 create 172.16.0.128 255.255.255.0 1500

portcfg iproute ge0 create a.b.0.0 255.255.255.0 172.16.0.254

portcmd --ping ge0 -s 172.16.0.128 -d a.b.0.81 ##ping ok

portcfg fciptunnel 16 create a.b.0.81 172.16.0.128 100000

portcfg fcipcircuit 16 create 1 a.b.0.81 172.16.0.128 100000

portcfgpersistentenable 16

 

remote: portcfg ipif ge0 create 172.20.1.81 255.255.0.0 1500

portcfg iproute ge0 create a.b.216.0 255.255.255.0 172.20.0.20

portcmd --ping ge0 -s 172.20.1.81 -d a.b.216.35

portcmd --traceroute ge0 -s 172.20.1.81 -d a.b.216.35 ##ping ok

portcfg fciptunnel 16 create a.b.216.35 172.20.1.81 100000 -c 2

portcfg fcipcircuit 16 create 1 a.b.216.35 172.20.1.81 100000

portcfgpersistentenable 16

 

admin> portshow fcipcircuit all

------------------------------------------------------------------------------- Tunnel Circuit OpStatus Flags Uptime TxMBps RxMBps ConnCnt CommRt Met ------------------------------------------------------------------------------- 16 1 ge0 InProg ---4--s 0s 0.00 0.00 0 100/100 0

 

when I call brocade supporter,he told me that 7800 is not support 2 NAT? Is that true ? only have a case,use once NAT,first upgrade firmware,and with many configure

 

any one can help me ?TKS

Valued Contributor
Posts: 761
Registered: ‎06-11-2010

Re: How to solve FCoIP with two firewall and two NAT?

hi,

 

try using the -connection-type (default|listener|initiator) parameter. As per the FCIP Admin guide, there could be problems configuring the tunnel in a NAT environment if this parameter is not configured.

 

rgds

New Contributor
Posts: 3
Registered: ‎09-28-2006

Re: How to solve FCoIP with two firewall and two NAT?

tks,I will test it tomorrow

 

Is that mean I must create 2 tunnel for send  & receive.

try -C 2,initiator.

>portcfg fciptunnel 16 create a.b.0.81 172.16.0.128 100000 -C 2

 

> portshow fcipcircuit all
-------------------------------------------------------------------------------
 Tunnel Circuit  OpStatus  Flags    Uptime  TxMBps  RxMBps ConnCnt CommRt Met/G
-------------------------------------------------------------------------------
 16     0 ge0     Disable -I-4--s       0s    0.00    0.00    0   100/100   0/-
-------------------------------------------------------------------------------
 Flags: circuit: s=sack v=VLAN Tagged x=crossport 4=IPv4 6=IPv6
                 L=Listener I=Initiator

New Contributor
Posts: 3
Registered: ‎09-28-2006

Re: How to solve FCoIP with two firewall and two NAT?

[ Edited ]

,update my topology

 

 

 

P6000storage==HP 1606(B7800)--(NAT)--Firewall---Firewall--(NAT)--FW(NAT)---HP 1606(B7800)==P6000Storage

                              ge0:172.16.0.128   a.b.216.35                a.b.0.81        ?        ge0:172.20.1.81

                               gw:172.16.0.254                                                                   gw:172.20.0.20

It's with twice NAT remotesite......

 

.

after configure --conection-type with I & L at two site.portshow fcipcircuit still Inprog status. VE port is offline

dl_1606

 Tunnel Circuit  OpStatus  Flags    Uptime  TxMBps  RxMBps ConnCnt CommRt Met/G
-------------------------------------------------------------------------------
 16     0 ge0     InProg  -I-4--s       0s    0.00    0.00    0  1000/1000  0/-

 

 

sy_1606:admin> portshow fcipcircuit all
-------------------------------------------------------------------------------
 Tunnel Circuit  OpStatus  Flags    Uptime  TxMBps  RxMBps ConnCnt CommRt Met/G
-------------------------------------------------------------------------------
 16     0 ge0     InProg  -L-4--s       0s    0.00    0.00    0  1000/1000  0/-
-------------------------------------------------------------------------------
 Flags: circuit: s=sack v=VLAN Tagged x=crossport 4=IPv4 6=IPv6
                 L=Listener I=Initiator

 

 

I test 3225 port with nmap.

nmap -sU IP -p 3225

service all up at a.b.216.35 & a.b.0.81.

 

Any more advice?

External Moderator
Posts: 4,855
Registered: ‎02-23-2004

Re: How to solve FCoIP with two firewall and two NAT?

hi,

 

-->>Hp 1606's firmware is v7.0.0c.The only License is "Enhanced Group Management license"

 

show to me you have "base model" 6+2

 

since remain port's and feature are not licensed, the VE Port show offline.

 

however, I've answered to you email, would suggest you send me all this details, I'll try to help you with the issue if is one.

TechHelp24

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.