Bob, I have three separate failover groups. Building 7 is called Rowe Hall. The current configuration has two V240's configured for failover. The 6 remote buildings have Sun Ray's attached Extreme Switches, and BootP Relay is enabled with re-direction across the secure WAN to the V240's. The SRS 3.1 servers are setup to provide full windows desktops with Smart Cards. The subnet span works great and Bandwidth/Performance is flawless.
Building 8 is called Friedman Hall. I have 12 Sun Rays in this building being using DHCP Relay to Rowe Hall. However, I am adding 2 V240's more for redundancy in case the Taclane or servers in Rowe Hall Fail. The two V240's will be a separate failover group. This building has a entire subnet, since I will be adding 200 additional Sun Rays, and "Heavy Sun Iron" later. Building 9 is called Kelly Operations, The building is wired for 800 network drops, I have 3 V490's in a separate failover group configured with 200 IP's each with dedicated interconnects. I will be installing 270 Sun Rays. I will also add the original 6 subnet spans into each of the DHCP tables for each of the V490's as a redundancy measure in case Rowe and Friedman go down. I also have 3 V40Z's for terminal servers here. I am not concerned about failover, what I have been asked to do, is enable all users to have smart card Hot desk if they travel to any buildings that has Sun Rays. Craig Bender came out for a site visit, and said that amgh could be configured to broadcast the session mobility information. My problem is I don't understand the amgh process or how to configure it. As a FYI update, we are approaching 1400 Sun Rays across five networks. We have several Sun Ray integration projects on going at this time as well. -We are in the RDP connector Beta program; I am very pleased with the performance, and look forward to retiring rdesktop once I can use RDP for production. -We will be testing the CAC Card authentication on the Sun Rays for windows desktops via the RDP connector and Active card gold. -We are working with Digi International on testing the USB over IP to solve our media access to the windows desktops on the Sun Rays. This is a very cool concept. -We have built a VMware ESX Server on a V40Z, we are in the process of performance and scaling of several Army program systems. The target goal here is to build large ESX Farms and Life Cycle replace all 2500 desktops with Sun Ray's. -We are working to upgrade our SF4800 Sun Ray server to a SF4900 dual core for expansion to 500+ users. -We are in the process and almost done with replacing all of our "DELL Hell" Servers with V20Z/V40Z/4100 Windows AD servers and terminal servers with 2003 64Bit. Our Sun SE is Scott Powers; he has made our Enterprise what it is today. With his help and this sunray user group, the future looks really "SUNny" for Sun Ray Expansion. Craig Bender has also been very helpful. I will update the group on the results of all the integration once we complete evaluation. Thank You David Partington -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bob Doolittle Sent: Wednesday, April 05, 2006 8:00 PM To: SunRay-Users mailing list Subject: Re: [SunRay-Users] amgh Help Hi, I'm not sure what your question is. It sounds like you are setting up all your servers in a single fail-over group, but some of them are across a WAN from the Sun Rays? Does the WAN provide sufficient bandwidth? Are there no Sun Rays in the "8th building"? Is the "9th building" separated by WAN from the 8th? I'd recommend making your 9th building servers a separate failover group, and then if your users are mobile between the 9th building and the first 6 use AMGH to bridge them. You don't use AMGH within a failover group. Within a failover group hotdesk mobility is automatic. I presume all your networks route multicast packets properly? Otherwise you can't have failover groups that span subnets. Regarding AMGH: Do all your users use smartcards? Do they have fixed "seats" from which they normally do their work, with mobility being the exception rather than the rule? If so, using AMGH and assigning smartcards to the failover group near the building in which the associated user resides would be the way to go (e.g. your AMGH script should map the smartcard which belongs to user A, who resides in building 1, to the servers in building 7, while the smartcard belonging to user Y, who resides in building 9, should be mapped to the servers in building 9). I have a blog about "Getting started with AMGH" that may help, after you've read the Admin guide: http://blogs.sun.com/bobd Note that, unfortunately, you're using CAM. AMGH is not supported for CAM yet (will be in the next SRSS release). However, in my blog I've placed some tools that should help you use AMGH with CAM. Not officially supported - a spare time project from me (consider it a Newtday present :-). If you're not comfortable using it you're stuck with configuring a single failover group for now, but with WAN links in the middle I'd be concerned about load balancing, since it won't take the restricted bandwidth bottlenecks into account. -Bob David Partingtin wrote: >All, > We are continuing to grow our Sun Rays on one our secure (KG-175 >Taclane(E100)enterprise networks. I have 6 buildings with a total of 75 Sun >Ray that are using DHCP Relay to point to the SRS Servers located in a 7th >building on a (utadm -A) shared and (255.255.255.224) subnetted environment. >I currently have the two V240's and two V20's setup for failover in the >seventh building. Both V240's are on the same subnet and work flawlessly for >DHCP Relay Host, failover and session mobility. For Further redundancy and >expansion, I am adding two additional V240's and V20's in an 8th building >data center. The problem is the new SRS servers will be on an entirely new >subnet on the WAN Side. They will be part of the DHCP Relay list for all of >the original 6 buildings with the 75 Sun Rays. So I know for failover and >session mobility I have to use amgh. To further complicate the mix, I am >turning on a new 9th building on the same enterprise secure network with 270 >Sun Rays, with 3 V490's and 3 V40Z Servers next week. The V490's will be on >a different WAN subnet, but the 270 Sun Rays are on three (utadm -a ) >dedicated SRS subnets (255.255.255.0). My problem is that I need to have >session mobility across the entire enterprise. Not that it complicates >things, but all the Sun Rays are running Windows RDP via rdesktop in CAM, >smart card only mode. Here is the IP Configuration. The IP's are bogus for >security reasons. > >Building 7 >V240Z SRSSERV1 IP 192.168.1.18 >V240Z SRSSERV2 IP 192.168.1.19 > >Building 8 >V240Z SRSSERV3 IP 190.167.1.18 >V240Z SRSSERV4 IP 190.167.1.19 > > > >Building 1 >DHCP RELAY 192.168.1.18, 192.168.1.19 192.167.1.18 192.167.1.19 >DHCP IP's offered 22.150.21.2-29 >Building 1 >Network 22.150.21.0 >Subnet 255.255.255.224 >Router 22.150.21.1 >Broadcast 22.150.21.30 > >Building 2 >DHCP RELAY 192.168.1.18, 192.168.1.19 192.167.1.18 192.167.1.19 >DHCP IP's offered 22.150.21.22-60 >Building 1 >Network 22.150.21.31 >Subnet 255.255.255.224 >Router 22.150.21.32 >Broadcast 22.150.21.61 > >Building 3,5,6 continue with same IP Scheme and BOOTP Relay's > > >Building 9 >V490Z SRSSERV5 >Port 1 WAN IP 192.189.1.1 >Port 2 Sun Ray Dedicated DHCP 22.165.100.16-200 >V490Z SRSSERV6 >Port 1 WAN IP 192.189.1.2 >Port 2 Sun Ray Dedicated DHCP 22.165.101.16-200 >V490Z SRSSERV7 >PORT 1 WAN IP 192.189.1.3 >Port 2 Sun Ray Dedicated DHCP 22.165.102.16-200 > > >Sorry about the post being so long, I could really use some guidance. Thanks >for reading. > > >David Partington >Ft Huachuca, Az >[EMAIL PROTECTED] > > >_______________________________________________ >SunRay-Users mailing list >[email protected] >http://www.filibeto.org/mailman/listinfo/sunray-users > > _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users _______________________________________________ SunRay-Users mailing list [email protected] http://www.filibeto.org/mailman/listinfo/sunray-users
