19.4 Using a Private Network Configuration

Mục Lục

This section provides information about using a private network
configuration for a Sun Ray environment. This is a supported
configuration, but it adds more complexity to the initial and
ongoing Sun Ray network administration.

A private network configuration meets the following criteria:

A private network segment is connected to one of the
interfaces of the Sun Ray server.
The Sun Ray server handles all the Sun Ray Client’s IP and
device configurations.
The Sun Ray server defines the subnet’s characteristics (such
as the IP range and subnet).
Only Sun Ray Clients are connected to the subnet.
The Sun Ray server provides DHCP services.
The private network is configured by using the utadm -a interface command.

Figure 19.2, “Private Network Example” shows an example
of a private network configuration.

Figure 19.2 Private Network Example

Diagram showing a private network.

19.4.1 Private Network Configuration Worksheet

Fill out
Table 19.2, “Private Network Configuration Worksheet”,
so that the information is readily available during the actual
configuration process. This worksheet is for configuring a Sun
Ray server in a private network.

Values that are provided in italics are
only examples and should not be used.
Values provided in normal font are defaults and can be used.
Superscripted numbers (#) refer
to footnotes at the end of each section.

Note

The blank rows in the worksheets are provided for you to add
additional information about your environment if you choose to
print the worksheets.

Table 19.2 Private Network Configuration Worksheet

Aspect or Variable

Default Value, Example, or (Other)

Your Primary Server Value

Your Secondary Server Value

Configuring the Sun Ray
interconnect interface using
utadm

(Provide the start time)

Interface name

hme1 (Oracle Solaris),
eth1 (Oracle Linux)

Host address (1)

192.168.128.1

Net mask

255.255.255.0

Net address

192.168.128.0

Host name (1)

hostname-interface-name

If the Sun Ray server is used for IP address
allocation:

First Sun Ray Client address

192.168.128.16

Number of Sun Ray Client addresses
(2)

Firmware server (3)

192.168.128.1

Router (3)

192.168.128.1

Specify additional server list? (optional)

(yes or no)

If yes, filename

filename

Or, Server IP address

192.168.128.2

Configuring Sun Ray Software
using utconfig

(Provide the start time)

Admin password

adminpass

Configure Admin GUI? If yes, then:

Apache Tomcat installation directory

/opt/apache-tomcat

Sun Ray admin server port number

1660

Enable remote administration? (optional)

(yes or no)

Enable secure connection? (optional)

(yes or no)

Configure Kiosk Mode? (optional)

(yes or no)

If yes, User prefix

utku

Group name

utkiosk

User ID range start

150000

Number of users (4)

Configure failover group? (optional)

(yes or no)

If yes, Failover group signature
(5)

signature1

(1) These values are different for
each Sun Ray server, even if that server is part of a failover
group.

(2) These values must be unique among
the servers in a failover group. The following guidelines can
help you determine what addresses to allocate for each Sun Ray
server:

X = (Number of clients/(Number of servers – 1)) – 1
First unit address for primary server= 192.168.128.16
Last unit address for all servers = X + first unit address.
If last unit address is greater than 240, reduce to 240.
- First unit address for secondary servers = 1 + last unit
  address of previous server. If first unit address is
  greater than 239, configure for a class B network.
  Example: 120 clients, 4 servers. X= 39

(3) These values are the same as the
interface host address by default.

(4) The value entered for the number
of users is the greater of:

The total number of Sun Ray Clients
The total number of disconnected and active sessions

(5) This signature^
must be the same for every Sun Ray server
in a failover group. The signature requires at least one numeric
character.

19.4.2 How to Configure a Sun Ray Server in a Private Network

This procedure shows how to configure a Sun Ray server in a
private network.

Log in as the superuser of the Sun Ray server, either
locally or remotely.

Note

Make sure that the /etc/hosts file
contains the IP address of the system host name.
Configure the Sun Ray interconnect interface:
```
# /opt/SUNWut/sbin/utadm -a interface-name
```
where
interface-name
is the name of the interface to the Sun Ray interconnect,
for example: hme1,
qfe0, or ge0
(Oracle Solaris) or eth1 (Oracle Linux).

The utadm script begins configuring DHCP
for the Sun Ray interconnect, restarts the DHCP daemon, and
configures the interface. The script then lists the default
values and asks whether they are acceptable.

Note

If the IP addresses and DHCP configuration data are not
set up correctly when the interfaces are configured, the
failover feature cannot work properly. In particular,
configuring the Sun Ray server’s interconnect IP address
as a duplicate of any other server’s interconnect IP
address may cause the Sun Ray Authentication Manager to
generate Out of Memory errors.
Evaluate the default values:
- If you are satisfied with the default values, and the
  server is not part of a failover group, answer y.
- Otherwise, answer n and accept whatever default values
  are shown by pressing Return, or provide the correct
  values from the worksheet.
  
  The utadm script prompts for the
  following:
- New host address (192.168.128.1)
- New netmask (255.255.255.0)
- New host name
  (hostname-interface-name)
- Offer IP addresses for this interface? ([Y]/N)
- New first Sun Ray Client address (92.168.128.16)
- Total number of Sun Ray Client address
  (X)
- New authorization server address (192.168.128.1)
- New firmware server address (192.168.128.1)
- New router address (192.168.128.1)
- An additional server list.
  
  If you answer yes, it requests either a file name
  (filename) or a Server IP
  Address (192.168.128.2).
The utadm script again lists the
configuration values and asks whether they are acceptable.
- If not, answer n and revise the answers provided in Step
  3.
- If the values are correct, answer y. The following Sun
  Ray files are configured:
  
  For Oracle Solaris:
```
/etc/hostname.interface-name
/etc/inet/hosts
/etc/inet/netmasks
/etc/inet/networks
```
  For Oracle Linux:
```
/etc/opt/SUNWut/net/dhcp/SunRay-options
/etc/opt/SUNWut/net/dhcp/SunRay-interface-eth1
/etc/opt/SUNWut/net/hostname.eth1
/etc/hosts
/etc/opt/SUNWut/net/netmasks
/etc/opt/SUNWut/net/networks
/etc/dhcpd.conf
```
  The utadm script configures the Sun
  Ray Client firmware versions and restarts the DHCP
  daemon.
Repeat this procedure for each of the secondary servers in
your failover group.

19.4.3 How to List the Current Network Configuration

# utadm -l

19.4.4 How to Print a Private Network Configuration

# utadm -p

For each interface, this command displays the host name,
network, netmask, and number of IP addresses assigned to Sun Ray
Clients by DHCP.

Note

Sun Ray servers require static IP addresses; therefore, they
cannot be DHCP clients.

19.4.5 How to Delete an Interface

# utadm -d interface_name

This command deletes the entries that were made in the
hosts, networks, and
netmasks files and deactivates the interface
as a Sun Ray interconnect.

19.4.6 Example Private Network Setup

The following section presents an example of a Sun Ray Client
deployment on the private network interconnect A
(directly-connected dedicated interconnect) as shown in
Figure 19.3, “Example of Alternate Private Network Topology”.

Figure 19.3 Example of Alternate Private Network Topology

Diagram showing an example of a Sun Ray network topology.

Subnet A is a private network. Its subnet will use IP addresses
in the range 192.168.128.0/24. The Sun Ray
server named helios is attached to the
interconnect through its qfe2 network
interface, which will be assigned the IP address
192.168.128.3.

In an interconnect scenario, the DHCP service on the Sun Ray
server always provides both basic networking parameters and
additional configuration parameters to the Sun Ray Client. The
answers to the three predeployment questions are as follows:

From which DHCP server will clients
on this subnet get their basic IP networking
parameters?

On a directly connected dedicated interconnect, basic
networking parameters are always supplied by the DHCP
service on the Sun Ray server.
From which DHCP server will clients
on this subnet get additional configuration parameters to
support features such as firmware download?

On a directly connected dedicated interconnect, additional
configuration parameters are always supplied by the DHCP
service on the Sun Ray server.
How will clients on this subnet
locate their Sun Ray server?

On a directly connected dedicated interconnect, the Sun Ray
Client is always notified of the location of the Sun Ray
server through an additional configuration parameter
supplied when Sun Ray services are restarted.

This example shows the DHCP service for the directly connected
dedicated interconnect A shown in
Figure 19.3, “Example of Alternate Private Network Topology”.

Configure the Sun Ray server to provide both basic and
additional parameters to the interconnect.

Use the utadm -a
interface-name command
to configure DHCP service for clients on an interconnect. In
this example, the interconnect is attached through interface
qfe2:

# /opt/SUNWut/sbin/utadm -a qfe2
### Configuring /etc/nsswitch.conf
### Configuring Service information for Sun Ray
### Disabling Routing
### configuring qfe2 interface at subnet 192.168.128.0
Selected values for interface "qfe2"
host address: 192.168.128.1
net mask: 255.255.255.0
net address: 192.168.128.0
host name: helios-qfe2
net name: SunRay-qfe2
first unit address: 192.168.128.16
last unit address: 192.168.128.240
auth server list: 192.168.128.1
firmware server: 192.168.128.1
router: 192.168.128.1
Accept as is? ([Y]/N): n
new host address: [192.168.128.1] 192.168.128.3
new netmask: [255.255.255.0]
new host name: [helios-qfe2]
Do you want to offer IP addresses for this interface? ([Y]/N):
new first Sun Ray address: [192.168.128.16]
number of Sun Ray addresses to allocate: [239]
new auth server list: [192.168.128.3]
To read auth server list from file, enter file name:
Auth server IP address (enter <CR> to end list):
If no server in the auth server list responds, should an auth server be located by 
broadcasting on the network? ([Y]/N):
new firmware server: [192.168.128.3]
new router: [192.168.128.3]
Selected values for interface "qfe2"
host address: 192.168.128.3
net mask: 255.255.255.0
net address: 192.168.128.0
host name: helios-qfe2
net name: SunRay-qfe2
first unit address: 192.168.128.16
last unit address: 192.168.128.254
auth server list: 192.168.128.3
firmware server: 1 192.168.128.3
router: 192.168.128.3
Accept as is? ([Y]/N):
### successfully set up "/etc/hostname.qfe2" file
### successfully set up "/etc/inet/hosts" file
### successfully set up "/etc/inet/netmasks" file
### successfully set up "/etc/inet/networks" file
### finished install of "qfe2" interface
### Building network tables - this will take a few minutes
### Configuring firmware version for Sun Ray
All the units served by "helios" on the 192.168.128.0
network interface, running firmware other than version
"2.0_37.b,REV=2002.12.19.07.46" will be upgraded at their
next power-on.
### Configuring Sun Ray Logging Functions
DHCP is not currently running, should I start it? ([Y]/N):
### started DHCP daemon
#

In this example, the default values initially suggested by
utadm were not appropriate. Specifically,
the suggested value for the server’s IP address on the
interconnect was not the desired value. The administrator
replied n to the first “Accept as is?”
prompt and was given the opportunity to provide alternative
values for the various parameters.

Restart Sun Ray services on the Sun Ray server by issuing
the utstart command to fully activate Sun
Ray services on the newly defined interconnect.
```
# /opt/SUNWut/sbin/utstart
A warm restart has been initiated... messages will be logged to /var/opt/SUNWut/log/messages.
```