Managing LAN Segments on a Tenant Site
A network on a tenant site is divided into multiple LAN segments to improve traffic management and security. A LAN segment is a small portion of a LAN that is used by a work group. A grouping of multiple LAN segments form a department. LAN segments are separated by a bridge, router, or a switch.
You can view and manage LAN segments from the Sites > Site Management > Site Name > LAN tab.
These topics describe how to manage LAN segments on a site.
Adding LAN Segments
You add LAN segments from the Site-Name page.
To add a LAN segment:
- Click Sites > Site Management.
The Sites page appears.
- Click the name of the site for which you want to add the
The Site-Name page appears.
- Click the add icon (+) on the LAN tab.
The Add LAN Segment page appears.
- Complete the configuration settings according to the guidelines
provided in Table 1.
Fields marked with an asterisk (*) are mandatory.
- Click OK.
You are returned to the Site-Name page, where the LAN segment that you added is displayed.
Table 1: Add LAN Segment Settings
Enter a unique string of alphanumeric characters. No spaces are allowed and the maximum length is 15 characters.
Select the type of LAN segment:
Select one or more port numbers from the list depending on the connection plan that you previously specified.
Enter the VLAN ID for the LAN segment.
Range: 1 through 4094.
IP Address Prefix
Enter the IP address prefix for the LAN segment; for example, 192.0.2.8/24.
Select a department to which the LAN segment is to be assigned. You group LAN segments as departments for ease of management and for applying policies at the department-level. For LAN segments that are dynamically routed, you can assign only a data center department.
Alternatively, click Create Department to create a new department and assign the LAN segment to it. See Adding a Department.
For directly connected LAN segments, click the toggle button to enable DHCP. DHCP is disabled by default.
You enable DHCP if you want to assign IP addresses by using a DHCP sever. You disable DHCP if you want to assign a static IP address to the LAN segment.
Note: If you enable DHCP, fields related to DHCP-related parameters appear and must be configured.
IP Address Prefix
Enter the IP prefix of the DHCP IP address pool. For example: 192.0.2.10/24.
Address Range Low
Enter the starting IP address in the range of IP addresses that can be allocated by the DHCP server to the LAN segment.
Address Range High
Enter the ending IP address in the range of IP addresses that can be allocated by the DHCP server to the LAN segment.
Maximum Lease Time
Specify the maximum duration (in seconds) for which a client can request for and hold a lease on the DHCP server.
Range: 0 through 4,294,967,295 seconds.
Specify one or more IPv4 addresses of the DNS server. To enter more than one DNS server address, type address, press Enter, and then type the next address, and so on. DNS servers are used to resolve hostnames into IP addresses.
For dynamically routed LAN segments, select the routing protocol (BGP or OSPF) to be used by the data center department to learn routes from the data center.
Select the BGP route authentication method to be used:
Peer IP Address
Enter the IP address of the BGP neighbor.
Peer AS Number
Enter the autonomous system (AS) number BGP neighbor.
If you specified that MD5 should be used for authentication, specify an MD5 authentication key (password), which is used to verify the authenticity of BGP packets.
OSPF Area ID
Specify the OSPF area identifier to be used for the dynamic route.
Select the OSPF route authentication method to be used:
Enter the password to be used to verify the authenticity of OSPF packets.
Retype the password for confirmation purposes.
MD5 Auth Key ID
If you specified that MD5 should be used for authentication, enter the OSPF MD5 authentication key ID.
Range: 1 through 255.
If you specified that MD5 should be used for authentication, enter an MD5 authentication key, which is used to verify the authenticity of OSPF packets.
Deploying LAN Segments
After you create a LAN segment and assign it to a department, you must deploy the LAN segment. You can deploy LAN segments from the Site Name page.
To deploy one or more LAN segments:
- Click the LAN tab.
- Select one or more LAN segments that you want to deploy and click Deploy.
A Deploy LAN Segment job is created.
If a Deploy LAN Segment job is in progress for a site, wait for the job to finish before triggering another Deploy LAN Segment job.
If you attempt to trigger a Deploy LAN segment job when another one is running, the job fails with a message indicating that the previous LAN segment deployment job is in progress.
- Click More > Deploy History to view
job status and deployment history of the LAN segment.
The Deploy LAN Segment History page displayed.
Alternatively, you can verify the status of the job from the Monitor > Jobs page.
Reassigning a Department to a LAN Segment
You can reassign the department assigned to a LAN segment from the Site Name page.
To reassign a department:
- Click the LAN tab.
- Select a LAN segment and click Re-assign Department.
The Re-assign Department page appears.
You cannot reassign a LAN segment that is already assigned to a department and is deployed.
- Select the department to which the LAN segment is to be assigned.
- Click Deploy.
The success message Re-assign department succeeded. is displayed.
- Click OK.
The LAN segment with the newly assigned department is displayed on the tenant site page.
Deleting LAN Segments
You can delete a LAN segments from the Site Name page.
To delete a LAN segment:
- Select a LAN segment and click the delete icon (X) icon on the LAN tab.
The Delete LAN Segment page appears.
- Click OK to confirm deletion.
The LAN segment is deleted.