Hi,
Can someone help me work this out please? I have had a nightmare trying to get HA working but that is for another post. First I want to reconfigure one of my ESXi boxes from scratch with your expert recomendations...
I have a HP DL 380 G4 with 2 onboard nics. I have installed an additional quad (4) port nic and 2 QLogic HBA's for storage. Can you tell me the correct why I should configure the box?
What I am thinking is this...
HBA0 - Private VLAN 2?
HBA1 - Private VLAN 2?
pNIC0 -> vSwitch0 -> Portgroup0 (service console) - Private VLAN 1?
pNIC1 -> vSwitch0 -> Portgroup0 (service console) - Private VLAN 1?
pNIC2 -> vSwitch1 -> Portgroup1 (VMotion) - Private VLAN 2?
pNIC3 -> vSwitch1 -> Portgroup1 (VMotion) - Private VLAN 2?
pNIC6 -> vSwitch3 -> Portgroup3 (VM Network) - Public LAN
pNIC7 -> vSwitch3 -> Portgroup3 (VM Network) - Public LAN
The part which I dont understand is the VLAN's. Should Service Console and VMotion be on separate VLAN's (required in esxi 3.5) or should the service console be on the Public LAN? Also should the HBA's be on the same VLAN as the VMotion VMKernel?
Very confused
Thanks.
I assume you have iSCSI HBAs.
First of all, make redundancy using ports from different physical NICs. If port goes down, it's very likely whole multiport NIC goes down. VMotion should not be on public network.
You can combine Service console and VMotion networks to one VLAN, since you don't have enough ports on internal NIC. Am I right that pNIC0-3 is quad and pNIC6-7 is internal?
vSwitch0 -> Portgroup0 (service console) - pNIC0 active pNIC6 standby - Private VLAN 1
vSwitch0 -> Portgroup1 (VMotion) - pNIC0 standby pNIC6 active - Private VLAN 1
All other pNICs add as active to vSwitch1 -> Portgroup2 (VM Network) - Public LAN
HBA0 - Private VLAN 2
HBA1 - Private VLAN 2
---
VMware vExpert '2009
Message was edited by: Anton V Zhbankov
I assume you have iSCSI HBAs.
First of all, make redundancy using ports from different physical NICs. If port goes down, it's very likely whole multiport NIC goes down. VMotion should not be on public network.
You can combine Service console and VMotion networks to one VLAN, since you don't have enough ports on internal NIC. Am I right that pNIC0-3 is quad and pNIC6-7 is internal?
vSwitch0 -> Portgroup0 (service console) - pNIC0 active pNIC6 standby - Private VLAN 1
vSwitch0 -> Portgroup1 (VMotion) - pNIC0 standby pNIC6 active - Private VLAN 1
All other pNICs add as active to vSwitch1 -> Portgroup2 (VM Network) - Public LAN
HBA0 - Private VLAN 2
HBA1 - Private VLAN 2
---
VMware vExpert '2009
Message was edited by: Anton V Zhbankov
Thanks, the penny has dropped!
So, A) The service console does go onto a Private VLAN and B) I configure it the way you have suggested as I am unable to obtain redundancy with the quad card the way I had specified in my original post.
Thanks.
P.S. Does it matter if I put the ISCSI HBA's on a separate VLAN or can I put them on the same VLAN as VMotion and Service Console?
After trying this there are a couple of problems with what you have suggested.
One is that you cant have two VMKernals on different switches on the same subnet and the second is that I cant assign the nic from one switch to another for failover, they would need to be on the same switch.
Still confused ;(
You'll have active-standby redundancy. Active link fail - it will switch to standby.
---
VMware vExpert '2009
There are some reasons to divide iSCSI network and management network (and public).
1. Security. iSCSI is insecure protocol and you can have access to private data transmitted over network. But as far as VMotion is not more secure, security is not reason here.
2. QoS. If you don't have traffic priorities on switches, no reason to divide.
But you should divide public (VM Network) and management, of course.
---
VMware vExpert '2009
You don't have to have 2 VMkernels, just 2 ways to access VMkernel, that's all. 2 links are enough.
---
VMware vExpert '2009
ESXi will not phisically let me place the VMKernal Port Service Console and VMKernel Port VMotion on 2 vSwitches if they are on the same subnet.
Also it will also not physically let me assign a vmnic on one switch as standby, active or anything else to another switch without first removing it from the switch it is on. They must be on the same vSwitch which is why the following suggestion will not work...
vSwitch0 -> Portgroup0 (service console) - pNIC0 active pNIC6 standby - Private VLAN 1
vSwitch1 -> Portgroup1 (VMotion) - pNIC0 standby pNIC6 active - Private VLAN 1
What I would need to do to get it to work is put them on the same switch in the same port group OR place them both on different VLANs, however if I done that then we still have a problem of not being able to use vmnic as standby which is already placed on another vSwitch.
Sorry, of course there is typo.
vSiwtch0 for both portgroups.
---
VMware vExpert '2009
... And the portgroups? I cant have two VMKernel objects on the same subnet.
Oh, I thought you have ESXes, not ESXi's because of "service console".
My ESXi's are working fine with one VMkernel only without any problem.
Once you upgrade to ESXi 4, you can have 3 VMkernels on the same subnet, one for management, one for VMotion and one for FT traffic.
---
VMware vExpert '2009
Bingo! Thanks buddy. I'll configure with one portgroup for both console and vmotion on a vlan and see how it goes. Then I can maybe split them out when I get round to version 4.