Network Design and consideration changes for SRM

MIAMIDAVE · ‎06-24-2009

I am thinking of implementing SRM with my Netapp storage appliance. I have some questions regarding network configuration and would like some imput.

Overview.

I have 2 datcenters. One in Miami and one in Orlando. At each datacenter I occupy 1 rack with all of my companies infrastructure.

Datacenter hands off IP to me and handles all layer 3 external routing. I have a firewall at each location that handles public traffic requests.

I also have a layer2 Cogent 100mb circuit that terminates inside my network on our Cisco 3750 switch on each end.

At each location I have vmware running on 2 Vsphere Dell 2950dual quad core hosts. Storage is NFS to Netapp2020 SAN.

Its a pretty sweet setup.

I replicate data via the Layer2 pipe at regular intervals through the day using snapmirror. Miami segment is 1.1.1.x and Orlando is 1.1.3.x both masked by 255.255.255.0. All of my storage protocol is segmented on other VLANs.

In the event of DR I simply fire up my volumes on the DR side where my DR hosts are on the 1.1.3.x network.

Here is where it gets interesting. Up until present time I was unable to pass VLAN traffic on the layer2 Cogent pipe between locations hence the different network IP. I use an interface on the Cisco firewall to make an isolated network (1.1.1.x) for testing and preparation for DR as I do not want to have to re-IP all of my virtual servers when they live on the DR side. By having the firewall configured this way it does not pass traffic from the isolated 10.10.10.x network back through the layer2 pipe. This solution works but is a littlecombersom due to somenatting and really isnt as clean as I like it.

I am now able to pass VLAN traffic through the layer2 pipe using QinQ allowing me to configure the DR as trunk to Miami to share the same IP network scheme. I can then eliminate the previous configured isolated network using the firewall because I believe SRM will so this for me. I believe this will greatly simplify my overall network but I am not sure this is the correct approach. What happens to my firewall and gateway in DR? See rough attached drawing.

David R. DePillis (MCSE, CNA)

Manager of IT Operations

ALLIED CASH ADVANCE

David R. DePillis (MCSE, CNA) Manager of IT Operations ALLIED CASH ADVANCE 200 S.E. 1st St., Suite 800 Miami, FL 33131 Office 305-722-0077 Cell 305-968-3285 EFax 305-356-8958 dave@alliedcash.com www.alliedcash.com

MHAV · ‎06-24-2009

Well David,

with SRM you don´t have to have the same VLAN on both side´s. Within SRM and the configuration of it you can change the IP of the VM´s while you switch them over to DR side.

Hope that will answer your question.

Regards

Michael

PS.: Have you allready checked the vOptimizer of Vizioncore? I´ve heard a lot amazing things about that software and what it can do with the performance of your VMs with NetAPP Storage.

Regards Michael Haverbeck Check out my blog www.the-virtualizer.com

MIAMIDAVE · ‎06-25-2009

My question is geared more towards the removal of the isolated network for testing and what to do with the gateway at the Orlando location. Would I program theSRM Isolated vswitch to use the orland gateway so I could test public resources etc.

David R. DePillis (MCSE, CNA)

Manager of IT Operations

ALLIED CASH ADVANCE

David R. DePillis (MCSE, CNA) Manager of IT Operations ALLIED CASH ADVANCE 200 S.E. 1st St., Suite 800 Miami, FL 33131 Office 305-722-0077 Cell 305-968-3285 EFax 305-356-8958 dave@alliedcash.com www.alliedcash.com

MHAV · ‎06-26-2009

Well the testing funcionaltity of SRM is as far as i understoud just to see wether the SAN Switch Over and bring Machines Back for.

I never seen or heard about a envirenment where the Vm in testing mode had been tested like contacting the LAN etc.

Regards Michael Haverbeck Check out my blog www.the-virtualizer.com

azn2kew · ‎06-26-2009

SRM testing by creating a bubble networks and once done you can roll back everything as normally and that flexibility level allows you to test anytime without affecting your produciton environment. You can neither use stretched VLAN configurations for both sites or Re-IP the recovery site with the tools. You can check out VIOPS site and download .cmd files to automatically run the IP scripted to change it as well. I would suggest reading the SRM guide and the architecture behind it before implementing.

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!

Regards,

Stefan Nguyen

VMware vExpert 2009

iGeek Systems Inc.

VMware, Citrix, Microsoft Consultant

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!! Regards, Stefan Nguyen VMware vExpert 2009 iGeek Systems Inc. VMware vExpert, VCP 3 & 4, VSP, VTSP, CCA, CCEA, CCNA, MCSA, EMCSE, EMCISA