Good point.., VMotion/SC on 2 nic's with alternative failover paths..

Hello,

If you have the pNIC separating SC and VMotion is a more secure way to go.

Best regards,

Edward L. Haletky

VMware Communities User Moderator

====

Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.

SearchVMware Blog: http://itknowledgeexchange.techtarget.com/virtualization-pro/

Blue Gears Blogs - http://www.itworld.com/ and http://www.networkworld.com/community/haletky

As well as the Virtualization Wiki at http://www.astroarch.com/wiki/index.php/Virtualization

I concur that it is a more secure way of designing your network, however sometimes operational requirements are also in the fold. and the fact is that it is secure until such at time as a NIC fails. and then the security is in still quite high unless your Admin network is compromised.

and if that was the case you would have more issues to worry about than the posibility of a sniffing of memory information during a Vmotion. :smileygrin:

If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points

Tom Howarth

VMware Communities User Moderator

well i have couple of questions plz reply it as what is recommended by vmware.

is it necessary to have a seperate nic for vmotion, if we are planning to buy three esx servers, this implies that on each server we have to reserve two ports for vmontion. let three server are e1 ,e2 and e3, this means that vmotion LAN link from e1 to e2 also e2 to e3 and vmotion link from e1 to e3.

can we assign seperate network to vmotion. let we have 172.16.x.x networks in production and can i use 10.0.0.x network for vmotion.

also regarding vmotion the vmotion network must be seperate from the other networks.

also for SC, is it recommended that it must be on seperate nic.

how can i make connectivity with 3 servers and each server have 2 mgmt prots and 8 lan ports ( 4 dual port lan cards) and 8 FC ports. i have to run five networks other than vmotion.

waiting for your response.

well i have couple of more questions i will ask later after reply of this message.

Hello,

is it necessary to have a seperate nic for vmotion, if we are planning to buy three esx servers, this implies that on each server we have to reserve two ports for vmontion. let three server are e1 ,e2 and e3, this means that vmotion LAN link from e1 to e2 also e2 to e3 and vmotion link from e1 to e3.

Use a pSwitch or VLAN for this traffic. Rings do not work very well. Connect these ports to a switch.

can we assign seperate network to vmotion. let we have 172.16.x.x networks in production and can i use 10.0.0.x network for vmotion.

Absolutely. You should.

also regarding vmotion the vmotion network must be seperate from the other networks.

Yes

also for SC, is it recommended that it must be on seperate nic.

Yes

how can i make connectivity with 3 servers and each server have 2 mgmt prots and 8 lan ports ( 4 dual port lan cards) and 8 FC ports. i have to run five networks other than vmotion.

You have 7 networks all together, your 5 VM networks, vMotion, and Management (SC).

pSwitch -> pNIC0/pNIC1 -> vSwitch0 -> SC

pSwitch -> pNIC2/pNIC3 -> vSwitch1 -> VMotion

pSwitch -> pNIC4/pNIC5/pNIC6/pNIC7 -> vSwitch2 -> VM Network that supports VLANs for your 5 VM Networks.

If you do not support VLANs then you have to make some choices going forward. Are you able to use VLANs?

Best regards,

Edward L. Haletky

VMware Communities User Moderator

====

Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.

SearchVMware Blog: http://itknowledgeexchange.techtarget.com/virtualization-pro/

Blue Gears Blogs - http://www.itworld.com/ and http://www.networkworld.com/community/haletky

As well as the Virtualization Wiki at http://www.astroarch.com/wiki/index.php/Virtualization

well i have couple of questions plz reply it as what is recommended by vmware.

is it necessary to have a seperate nic for vmotion, if we are planning to buy three esx servers, this implies that on each server we have to reserve two ports for vmontion. let three server are e1 ,e2 and e3, this means that vmotion LAN link from e1 to e2 also e2 to e3 and vmotion link from e1 to e3.

this comment has confused me, are you implying that you do not have shared storage???? if you do not have shared storage you will not be able to Vmotion anyway

can we assign seperate network to vmotion. let we have 172.16.x.x networks in production and can i use 10.0.0.x network for vmotion.

Yes, it is expected that there is at least a different IP address, a totally separtate networks is a much better idea.

also regarding vmotion the vmotion network must be seperate from the other networks.

It does not need to be, however this would seriously compromise the security of your implementation, and increase strain on your production networks during a VMotion event.

also for SC, is it recommended that it must be on seperate nic.

yes absolutely, see my earlier post

how can i make connectivity with 3 servers and each server have 2 mgmt prots and 8 lan ports ( 4 dual port lan cards) and 8 FC ports. i have to run five networks other than vmotion.

See my earlier post

repeated here

eth0 - SC active VMotion failover

eth1 - Vmotion active SC failover

then trunk your remaining NICs in a 802.1Q trunk and run VLANs to portgroups defined on the vSwitches.

I also have a question why have you got 8 FC ports per server, I feel that this is a little over kill.

waiting for your response.

well i have couple of more questions i will ask later after reply of this message.

Ask away

If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points

Tom Howarth

VMware Communities User Moderator

i have shared storage on SAN.

ok i got it that vmotion network must be seperate from othernetwork this implies that for every esx server there is only one physical nic reserverd of vmotion.

how can i take consolidated backup three esx servers. also do tell me that shared storage is accessed by three esx serers, also is it necessary that for consolidated backup virtual center have access to shared storage on SAN that is accessable by three esx servers.

one thing more how can i make connectivity for consolidated backup.

well i have read the pdf documents and seen CBTz of vi3

well thanks for your help