VMware Cloud Community
biggz
Contributor
Contributor
Jump to solution

Network Design

Hello All,

We are just starting our vmware project.

We will have 4 physical NICs per server and utilizing a Fiber SAN

As far as the network design what will be the best configuration. We will be connecting our servers to one physical network switch with two VLANS(Call them A and B).

Here is what I am thinkin...

Pswitch - VLAN A -


> pNIC0 -


>Virtual Switch 1 - Virtual Machine Port Groups

pNIC2 -


> Virtual Switch 1 - Virtual Machine Port Groups

Pswitch -


VLAN B -


> pNIC1 -


> Virtual Switch 2 - Service Console/Vmotion

pNIC3 -


>Virtual Switch 2 - Service Conole/Vmotion

Reply
0 Kudos
1 Solution

Accepted Solutions
Rubeck
Virtuoso
Virtuoso
Jump to solution

I would create two new VLAN's on the physical switch... One for the Service console, and one for VMkernel,

As the maximum number of hosts in a cluster is 32, I would assiign a /25 IP subnet for each cluster. Devide this into two /26 subnets, which leaves 62 hosts addresses for Service Consoles and 62 addressses for VMKernels

Configure the physical switchports as trunks (VLAN tagged).

Create two vSwitches, vSwitch0 and vSwitch1

Configure two portgroups on vSwitch0, one for the Service Console and one for VMKernel.

Set vmnic0 as active and vmnic1 as standby for the Service Console portgroup

Set vmnic1 as active and vmnic0 as standby for the VMkernel portgroup.

Configure two portgroups on vSwitch1.. One each for your existing VLANs

Set both vmnic2 and 3 as active.

Thats what I would do....

/Rubeck

View solution in original post

Reply
0 Kudos
5 Replies
Rubeck
Virtuoso
Virtuoso
Jump to solution

I would create two new VLAN's on the physical switch... One for the Service console, and one for VMkernel,

As the maximum number of hosts in a cluster is 32, I would assiign a /25 IP subnet for each cluster. Devide this into two /26 subnets, which leaves 62 hosts addresses for Service Consoles and 62 addressses for VMKernels

Configure the physical switchports as trunks (VLAN tagged).

Create two vSwitches, vSwitch0 and vSwitch1

Configure two portgroups on vSwitch0, one for the Service Console and one for VMKernel.

Set vmnic0 as active and vmnic1 as standby for the Service Console portgroup

Set vmnic1 as active and vmnic0 as standby for the VMkernel portgroup.

Configure two portgroups on vSwitch1.. One each for your existing VLANs

Set both vmnic2 and 3 as active.

Thats what I would do....

/Rubeck

Reply
0 Kudos
Texiwill
Leadership
Leadership
Jump to solution

Hello,

Also, pNIC0 will want to be the Service Console. I would keep this on pNIC0.

But you definitely want SC/VMotion to be on different VLANs.

I.e.:

pNIC0 -> Portgroup0 -> vSwitch0 for SC (VLAN A) failover for pNIC1

pNIC1 -> Portgroup1 -> vSwitch0 for VMotion (VLAN B) failover for pNIC0

pNIC2 -> Portgroup2 -> vSwitch1 for VMs (VLAN ?)

pNIC3 -> Portgroup2 -> vSwitch1 for VMs

Note in this configuration SC get its own network card and so does VMOtion while the VMs get load balanced across 2. The only time VMOtion and SC data will comingle on a single network link is in failover mode for either pNIC0 or pNIC1. That is why each must have their own VLAN.


Best regards,

Edward L. Haletky

VMware Communities User Moderator

====

Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.

CIO Virtualization Blog: http://www.cio.com/blog/index/topic/168354

As well as the Virtualization Wiki at http://www.astroarch.com/wiki/index.php/Virtualization

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
biggz
Contributor
Contributor
Jump to solution

Thanks All!!

Reply
0 Kudos
biggz
Contributor
Contributor
Jump to solution

One more question...Why wouldn't we use the physical switch or EST vs VST?.

We only have 2 VLANS going to our core switch -(This question will come up as the network guys will put up some resistance).

Reply
0 Kudos
Rubeck
Virtuoso
Virtuoso
Jump to solution

You could do EST when only having 2 VLANs, and 4 pNICs.... but I would still use VST at any time. That way, when future VLANs pop up in the network I dont have to do anything beside creating a new portgroup on ESX hosts... No need for adding additional pNICs into the servers.

I still recommend creating a sepereate VLAN for VMotion as this type of traffic is unencrypted and passes in clear text...

/Rubeck

Reply
0 Kudos