6 Replies Latest reply: Jun 21, 2012 5:28 PM by Blacknight582
Ian L-F Level 1 (10 points)

I am looking at starting over from scratch after my Xsan experiment went very well.  I have invested in an ActiveStorage system and am looking to build a system that is reliable and works properly - by the book.


I am planning on having two DNS servers, one for the public internet subnet and one for the metadata subnet.  Public will be: rvchost.int and metadata will be xsan.rvchost.int.  Obviously in the two Ethernet config panes on each computer, they will have to point to their respective DNS servers.  Should each of the servers have a reference for each other in their DNS settings?  Under Sharing in each of the computers' System Preferences, should the name of the computer be the name I plan to give it in the DNS server panel, or does this matter?  I have seen conflicting reports and to be honest, this is not even covered in the Xsan Admin Book released by Apple.  Also, I don't want to use Open Directory - is it okay for the same local user to be logged into each client?  Up to this point I haven't had any trouble but others have told me it is a no-no.



Anything else I am missing would be helpful too.


  • Blaidd Drwg Level 1 (95 points)

    Don't put a DNS server on the metadata network. Configure DNS on each system in the public interface only with addresses routable through the public network. Keep the metadata interface for metadata.


    The computer name in Sharing (or Bonjour name) doesn't have to be the same as the DNS hostname. But it will help the administrator know who's who if they are the same. Avoid changing names (DNS and Bonjour) or IP addresses for systems once you've added them to the Xsan to prevent Xsan Admin from getting confused.


    You really shouldn't use local users with Xsan. If you want to do things "by the book", use Open Directory or Active Directory.

  • Ian L-F Level 1 (10 points)

    So what's the deal with DNS for the metadata network - do I put all of this information on the public DNS server?

  • Ian L-F Level 1 (10 points)

    Also, what problems could I be looking at not using Open Directory users?

  • Blaidd Drwg Level 1 (95 points)

    ACLs won't work between systems.

  • cinedigital Level 1 (0 points)

    If you want to give everyone complete access, does using a single user on all clients create any problems?

  • Blacknight582 Level 1 (55 points)

    You don't have to have any kind of DNS server for the metadata network. Example: If you have 8 machines - make a list of IP addresses - ; go to each machine and name the metadata interface and give each machine a static (Manual) IP address from this list and plug them into the same switch. There you go, the MD network is set up. Another note for this is the dumber the switch, the faster the MD network is. A desktop Netgear gigabit switch is great; there's no need for a $3000 switch to handle MD. The more expensive, generally the more into the frames the switch looks and that causes latency which in turn slows down the network (although fractionally, it still amounts to something).


    Using a single local account is not a problem. (The manual confirms this as well.) We did, however, move away from this setup of having one username/password for all machines to binding to AD/OD. The biggest problem with the one user/pw setup is if two machines are at all trying to access the same information, computers will try to access over each other and you will "DEFINITELY" (I cannot stress enough) have problems. We had only 3 clients working at the same time, in the same room, and so they could speak to each other and verify they were not conflictingly using the same files. OD binding removes this from being possible as the files are locked by the user when opened and other users cannot access them.


    You can give everybody in an OD setup administrative rights to the SAN volume (full read/write access). Using the single user option causes more issues than it is worth, especially as your group increases in size, new people come, etc.