Configuration Supporting Multiple Management IP Networks

The Multiple Management IP Network feature can scale up to 6 networks.

Third-party certificate changes

You can access EFA at different IP addresses (one for each of the new networks).

Update the third-party SSL certificates with the external IP address of management interfaces of EFA. Re-generate the certificates when you add a new network. You can replace the generated certificate with your own certificates (third-party certificates), which must have a reference to each of the EFA IP addresses.

Third party certificate must contain a Subject Alt Name (SAN) field for each EFA IP address. In particular, if you have added management access for external networks, include the EFA management IP address for each external network. The openssl command supports a flag for adding a SAN IP address.

For example:
-addext "subjectAltName = IP.1:192.168.30.40"

Day 0 and installation changes

Day 1 to n changes

Installer changes

During installation, you are asked whether you want to add additional management networks for connection to EFA. If you select Yes, you are then asked to provide three input parameters:

You repeat this process until you have finished adding all the sub-interface information you need. Then you select No to continue with installation. For details, see the installation and upgrade information in the Extreme Fabric Automation Deployment Guide, 2.4.0 .