Configure Subnets for a Multiple Instance Lighthouse

A Lighthouse with multiple instance support requires multiple separate subnets for Lighthouse VPN connections between:

  • each instance and its nodes.

  • the primary and secondary Lighthouses.

In a single Lighthouse, the defined subnet is used by Lighthouse to talk to all configured nodes. When you add a second Lighthouse, you must define a new subnet range that will talk to all of the same nodes.

Note:  Each subnet must not overlap any subnet in use by another Lighthouse instance. See Subnet Planning.

Subnet Planning

If you have multiple subnets next to each other, then they cannot overlap any other subnet in use by another Lighthouse. This means subnets that start next to each other cannot be extended after configuration, so it is important to consider how your subnet may grow over time.

Consider the following:

  • The number of nodes you might possibly use; each subnet must be large enough to accommodate all possible nodes that you will ever use with that Lighthouse instance.

    For example:

    • If you want to use 100 nodes, then you require a subnet with a minimum of 101 address spaces to accommodate the Lighthouse instance and all nodes.

    • If you configure a subnet for only the address spaces required, and you configure another subnet next to it, then you cannot extend the original subnet as it would overlap the second subnet.

  • The number of nodes available on your subscription. This does not dictate the size of your subnet, but you may require an upgrade to use your whole subnet.

Configure the Subnets between the Primary Lighthouse and its Nodes

  1. Ensure that you are on the primary Lighthouse.

  2. In the Settings Pane, select > MULTI INSTANCE > Multi Instance VPN.
    The MULTI INSTANCE VPN page displays.

  3. Enter the Address Space.
    The address you enter here is effectively the network address. A specific type of address where all host parts of the address are 0, or one value less than the first useable IP address within a range.

  4. Enter the CIDR Subnet Mask.
    The value selected here defines what part(s) of the Address Space is assigned to the network and what parts are assigned to the host. This determines how many addresses are available and what the range is.

    Note:  The Calculated Address Capacity is a calculated field and displays the addressable nodes based on the network.

Configure the Subnet between each Secondary Lighthouse and its Nodes

  1. Ensure that you are on the primary Lighthouse.

  2. In the Settings Pane, select > MULTI INSTANCE > Secondary Lighthouses.
    The SECONDARY LIGHTHOUSES page displays.

  3. Click on the Instance Description for the secondary Lighthouse you want to edit.
    The EDIT SECONDARY LIGHTHOUSE page displays.

  4. Under VPN NETWORK RANGE:

    1. Update the Address Space.
      The address you enter here is effectively the network address. A specific type of address where all host parts of the address are 0, or one value less than the first useable IP address within a range.

    2. Update the CIDR Subnet Mask.
      The value selected here defines what part(s) of the Address Space is assigned to the network and what parts are assigned to the host. This determines how many addresses are available and what the range is.

      3. Note:  The Calculated Node capacity is a calculated field and displays the addressable nodes based on the network.

  5. If you want the secondary lighthouse to be discoverable on the Smart Management Fabric, under SMART MANAGEMENT FABRIC RANGE, update the Address Space.

    Notes:
    • The CIDR Subnet Mask is a calculated field.
    • The Calculated Node Capacity is a calculated field and displays the addressable nodes based on the network.

Configure Secondary Instance Information Prior to Enrollment

Other information that is specific to the secondary Lighthouse should be configured before enrolling but can be modified on the primary Lighthouse via ogconfig-cli.

Instance specific information includes:

  • Hostname
  • Time zone
  • Networking
  • External interfaces

Note:  The instance specific information is available on both the primary and secondary Lighthouses but it is read-only on the secondary Lighthouse.

Configurations of all Lighthouse instances are stored in lighthouse_configurations.

These can be viewed via ogconfig-cli. The primary instance has a value of Primary for its role, and secondary instances have the value Secondary.

The following is an example of the ogconfig-cli session:

root@lighthouse:~# ogconfig-cli
ogcfg> print lighthouse_configurations[0].role
lighthouse_configurations[0].role (string): 'Primary'
ogcfg> print lighthouse_configurations[1].role
lighthouse_configurations[0].role (string): 'Secondary'

Alternatively, the command /usr/bin/is_secondary outputs n for a primary Lighthouse or y for a secondary Lighthouse.

To update the hostname of the secondary Lighthouse, run the following commands on the primary Lighthouse:

ogconfig-cli
set lighthouse_configurations[1].hostname new_name
push