Typical Networking
To ensure the security of application data, you are advised to divide the openGauss typical network into two independent networks: front-end service network and data management and storage network.
Table 1 describes the network division.
Table 1 Network division
The typical networking has the following advantages:
- The service network is isolated from the database management and storage network, effectively protecting the security of back-end storage data.
- The isolation between the service network and database management and storage network prevents attackers from managing database servers through the Internet, improving system security.
Network exclusiveness and 1:1 bandwidth convergence ratio are the basic requirements for openGauss network performance. Therefore, in the production system, the back-end storage network shown in Figure 1 must meet the requirements of exclusiveness and 1:1 bandwidth convergence ratio. For example, in Figure 2, the Fat-tree networking is used. To achieve a convergence ratio of 1:1, the bandwidth doubles each time the switching network layer is increased by one layer. In the figure, each bold line indicates the 80GE bandwidth, that is, the sum of the bandwidth upper limits of eight physical machines. At the access layer, each switch provides 160GE downlink bandwidth and 160GE uplink bandwidth. The convergence ratio is 1:1. The access bandwidth of each switch at the aggregation layer is 320GE.
For the test system, the preceding requirements can be lowered.