Although ESX supports 2TB LUNS, you may be better off creating 400/500GB LUNS.

Hello,

You might be better to look at the number of VMs you are going to have and thier Roles as well. As suggested earlier, it's better to create LUNs between 400 and 500 gig. Raid 10 or Raid 5!!! That's depends on the VMs you have and kind of arcticture you will be having. For examble, 350 gig LUN that's Raid 10 its porpuse only to host a C:\ Drive of the VMs and the number of VMs I have in this LUN around 11 VMs. This gives better Read/Write performance and faster booting.

If you have VMs that require to host Data, such as FileServer, ect ect, it's better to create another LUN that's Raid 5 and assign a VMDK Disk from this LUN to the VMs that require Data Drive. Offcourse, the C:\ Drive has to be mapped from LUN that's Raid 10.

Also, your C:\ Drive of the VM shouldn't be exceed 20 gig * by number of VMs + free LUN space for overhead and SnapShots. = your LUN Size.

Regarding your SAN connectivity, it's better to provide a spearate pSwitches to connect your SAN to be on it's own seperate network, this will give you better Security and better performance. But make sure that the iSCSI VMkernel PortGroup seprated of your vMotion and Service Console PortGroups.

Regarding your Networking connectivity, it's better to seperate each network from each other. Since you have 8 pNICs, If I were you I would do the following;

• vmnic0 & vmnic1 --> vSwitch0 " Service Console PortGroup"

• vmnic2 & vmnic3 --> vSwitch1 " vMotion PortGroup"

• vmnic4 & vmnic5 --> vSwitch2 " VMs PortGroup"

• vmnic6 & vmnic7 --> vSwitch3 " iSCSI - VMKernel PortGroup"

If those pNICs comes from seprate PCI or Mezzanien Cards. Then think of Cross-Over PCI to give you better redundancy. Such as 0 -> 7, 1 -> 3 ect ect.....

Make sure the Service Console Network i behind a Firewall that seprate between your Production and ESX Network. So, this will give your better security and limited ports opened between your ESX and Production Networks. If you want to manage your environment from production, just you have to use the Vi-Client to access the Hosts Directly or access the vCenter via Vi-Client. Since you will have a Seperate ESX Network, it's better to put the vCenter beside your hosts, so all the vCenter communication to your hosts will be faster and secured witing it's own network.

You can build a Virtual Firewall to have one vNic on ESX Network side, that's Internal and one vNIC on your Production Network Site, that's External. Create the allowed ports to be accessed and you are done.

Seprate the vMotion on it's own network, because the VMs movements are in clear text. So, hacker can sniff the data quickly. And the same applies on the iSCSI Network, put this has to be on a seprate pSwitch which will seprate the vMotion and iSCSI Networks off each other.

If you have got only two pSwitches that cascaded use VLANs to seprate the networks.

Best Regards,

Hussain Al Sayed

If you find this information useful, please award points for "correct" or "helpful".