Hitachi

JP1 Version 12 JP1/Network Node Manager i Setup Guide


13.6.6 Deploying NNMi in a network address translation (NAT) environment

To deploy NNMi in a NAT environment:

  1. Identify and compile a list of the NAT domains in your network management environment.

  2. Determine the type of supported NAT that is used within each NAT domain.

  3. Deploy each NNMi management server as required in relation to each NAT domain (inside or outside the NAT domain's internal IP address space).

    See the following special considerations:

  4. Use the NNMi Configuration > Discovery > Tenants workspace to define a unique tenant name for each NAT domain.

    Important

    If you are using global network management in your deployment, this name must be unique among all NNMi management servers (regional managers and the global manager).

  5. Determine the nodes within each NAT domain that NNMi needs to monitor.

  6. Only for static NAT domains: Create any overlapping address mappings to identify each node's assigned NAT external/internal IP address pair.

    For the benefits of creating overlapping address mappings, see 13.7 Mapping overlapping IP addresses.

    Provide the following information:

    • Tenant name

    • External IP address

    • Internal IP address

    Use either the NNMi Configuration > Discovery > Overlapping Address Mappings workspace or the nnmloadipmappings.ovpl command line tool.

    For details, see NNMi online Help.

  7. Depending on where the NNMi management server is deployed in your network environment, a firewall might block NNMi from communicating with nodes in a NAT domain when NNMi uses the node's internal addresses. Therefore, for the Configuration > Communication Configuration setting, use the appropriate Preferred Management Address setting (NAT's external or internal IP address).

  8. Verify the Monitoring Configuration settings for NAT in your network environment:

    For details about Monitoring Configuration, see NNMi online Help.

  9. Configure a discovery seed for each node.

    Important

    Assign any infrastructure device that interconnects multiple NAT domains (such as a NAT gateway router) to the default tenant.

    Use either the NNMi Configuration > Discovery > Seeds workspace or the loadseeds.ovpl command line tool:

    • If the NNMi management server is inside the internal IP address space, configure discovery seeds using the internal IP address:

      - Host name/IP (use the internal IP address)

      - Tenant name

    • If the NNMi management server is outside the internal IP address space, configure discovery seeds using the external IP address:.

      - Host name/IP (use the external IP address)

      - Tenant name

    For details, see NNMi online Help.

  10. Verify that NNMi discovery found the nodes you expected.

    If not, double-check your configurations (above).

  11. Verify that the NNMi settings meet your team's needs:

    • Fine-tune the security group assignment of each node to manage which team members/customers can see each node at the NNMi console. Use NNMi Configuration > Security > Security Groups workspace.

    • Review the monitoring configuration settings that apply to these nodes and fine-tune as necessary. Use the NNMi Configuration > Monitoring > Monitoring Configuration workspace.

  12. Verify that the connections between nodes appear on the NNMi maps as expected.

    If not, do the following:

    • Verify that both nodes involved in a connection have proper tenant assignments (default tenant or other tenant).

    • Verify that the Subnet Connection Rules tab settings in Configuration > Discovery > Discovery Configuration are correct.

    • To force NNMi to add connections that are not found automatically, use the nnmconnedit.ovpl command line tool. For details, see the reference page for the nnmconnedit.ovpl command.

  13. Review the SNMP trap forwarding rules configured in each node's SNMP agent to include the appropriate NNMi management server's IP address.

  14. Only for static NAT domains: Configure the SNMP agent on each static NAT node to ensure that the interface associated with Internal Address in NNMi's Overlapping Address Mappings sources all traps that are sent to the NNMi management server.

  15. If your network environment includes SNMPv1, make the appropriate required changes to the NNMi configuration.

    See 13.5.5 Traps and static NAT.