VMware Cloud Community
michael1
Contributor
Contributor
‎05-22-2012 02:07 AM

ESXi 5.0 network best practice

We are installene ESXi 5.0 on Dell PowerEdge 2950 machines witch have 6 network cards.

I am now going to setup the dvSwitch.

I whant to have redundance on the  Management Network.

What is the best practice when I setup the Virtual Machine Network, Management Network and VMotion Network?

Do I create an dvSwitch for each network?

Do I create one dvSwitch and then portgroups to each network?

What I would like to do is to make one dedicated dvSwitch for VMotion and dedicate one of the physical network cards ,

and then one dvSwitch for Virtual machine and Management Network and dedicate 5 physical network cards.

Then the Management Network would have 5 network cards for failover.

Would that be an ok design?

0 Kudos
4 Replies
Sreejesh_D
Virtuoso
Virtuoso
‎05-22-2012 02:37 AM

Do I create an dvSwitch for each network?

>>>> no, its not required. We can segregate switches based on the purposes. One for VM network and the second one for Management networks (Mgmt netwrok, iscsi network, vmotion, etc)

Do I create one dvSwitch and then portgroups to each network?

>>>>> dvSwitches are not required. Its good to have different portgroups for each network. It will help you in configuring VLAN , traffic shaping etc.

The design you proposed is the right one. Its good to make small changes in it.

1. Two DV switches.

     1.1 One for Virtual Machine Network (EG: dVswitch-VM1).

     1.2 Second one for VMotion and Management networks (Eg: dVswitch-MGMT1).

2. Add 4 uplinks to dVswitch-VM1.

3. And 2 uplinks for dVswitch-MGMT1.

4. Create necessary portgroups in each switch.

0 Kudos
BaSergey
Contributor
Contributor
‎05-22-2012 02:41 AM

Mixing Management Network with anything else is not good idea, IMO. Because of security threats.

Also, I do not quite understand abount 5-nic-failover but look at that: http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&e...

0 Kudos
Sreejesh_D
Virtuoso
Virtuoso
‎05-22-2012 02:59 AM

Sorry, if it was confusing. Definitely the management network and vmotion will have seperate portgroups with different subnets and vlans. Hence it will not get mixed up.

Just curious, what kind of security threats are expected here?

0 Kudos
BaSergey
Contributor
Contributor
‎05-22-2012 03:12 AM

As you described (with separate vdSwitch for mgmt.network and vmotion), there are none, I agree.

I mean not to mix mgmt.network with VM Network.

0 Kudos