Solved: Re: Network Best Practice for 6 Uplinks - Page 2

TheTone · ‎07-30-2009

Can someone help me out and tell me a recommended best practice for segregation using 6 Uplinks. Ideally I would like to have 2 for Management, 2 for VMotion, 2 for Production and 2 for iSCSI (Software). However I only have 6 pNICS. What would people here recommend when using HA and DRS clusters?

I would also like to use load balancing on the iSCSI team but not sure how to set this up. The SAN has two NICS and are trucked using 802.1ad. How would I setup the load balancing on the iSCSI vSwitch to take advantage of the trunk to the SAN?

Any help or pointers to the right white papers or documentation would be really appreciated.

Thanks

Tony

virtualportal · ‎08-13-2009

Yes, I am assuming that the phyical switches are cisco IOS?

if so you need to do the following.

1. on both Physical Switches - Create VLANs (you may also want to add descriptions to these after)

config# vlan 100

config# vlan 101

2. on Ports 1, 23 and 24 on Both Physical Switches - Make them trunk ports

config-if# switchport mode trunk

3. on ports 1, 23 and 24 on both Physical switches - Allow through VLANS between Switches

config-if# switchport trunk allow vlan 100,101

NOTE: You can set up a VTP Domain between trunked switches. This would mean that Steps 2 and 3 would not need to be completed. Look at the following Link on Configuring a VTP Domain on Cisco Switches.

Finally I would then on vSwitch0 create two port group IDs, one for each VLAN.(Service Console for 100 and VMkernel for 101) And then add pNic0 and pNic1 as uplinks.

Hope this gets it all working, and that you are using Cisco Switches

Steve

TheTone · ‎08-13-2009

Helps but I am not using Cisco switches.

I am using Netgear Prosafe GS724T Smart Switches.

Is there any reason why port 1 needs to be included in the trunk? I thought trunking was just to create an aggregated link between 2 switches?

I would of thought that just tagging ports 23, 24 in each VLAN (100 and 101) would allow the traffic through the 2 port trunk to the other switch?

Also with Netgear switch we are using only allows trunks to be created within a bank of ports (4 banks)?

Thanks

Tony

virtualportal · ‎08-13-2009

I am not familiar with Netgear switches unfortunately. However i would not see how it would be possible to have a port connected to two sperate VLAN's unless it was a trunk.

A Trunk is the only way that i know for a port to share traffic for more than one VLAN at once.

Port 1 Needs to be a trunk to allow the VLANs through to the ESX Host, so that the port groups on the vSwitch can use them.

Have a play around and hopefully you can get it all working.

Steve

TheTone · ‎08-13-2009

For the load balancing on this switch would you do the following:

Portgroup0 > uses pNIC1 as its preffered NIC and pNIC2 as a failover NIC.

Portgroup1 > uses pNIC2 as its preffered NIC and pNIC1 as a failover NIC.

That way both NICS are used at all times, one for VMotion traffic and 1 for Management traffic. Then if a pNIC fails it will use the other pNIC so that when a failover situation happens 1 pNIC takes all the load of both sets of traffic until the failed pNIC is returned to active duty?

Would it be best to force the situation above or to simply use the standard loadbalancing method that is port based.?

The reason I ask this is because if using the default port based method there might be a chance that only 1 pNIC is ever used for both sets of traffic?

Thanks again

Tony

virtualportal · ‎08-13-2009

Hi,

I would use:

Load Balancing: Route Based on Originating Port ID

Network Failover Detection: Link Status only

Notify Switches: Yes

Failback: Yes

THis of course is just my opinion it is whatever suits you best. You may want to use beacon probing if you would like a constant heartbeat from your links.

Steve

TheTone · ‎08-13-2009

Ok, I will try both methods but I think I will stick with the way I mentioned as I want to guarantee both pNIC's are fully utilized.

I have done something similar to this with software iSCSI and I have managed to get both pNICS transmitting at the same time when using 2 targets.

Didn't think it was possible to load balance with software iSCSI in 3.5 but I have managed to get it working.

Thanks for your help

Tony.

JDLangdon · ‎08-13-2009

pNIC0 -> vSwitch0 -> Portgroup0 (Management)
pNIC1 -> vSwitch0 -> Portgroup1 (Production)
pNIC2 -> vSwitch1 -> Portgroup2 (iSCSI Storage)
pNIC3 -> vSwitch1 -> Portgroup2 (iSCSI Storage)
pNIC4 -> vSwitch2 -> Portgroup3 (VMotion)
pNIC5 -> vSwitch2 -> Portgroup3 (VMotion)
This is how I would have done it.
If I go with your recommendation of VMotion and Management on the same switch then is that not a security issue as VMotion does not encrypt its traffic?

The security issue of using the same vSwitch can be mitigated by using separate VLANS.

________________________________

Jason D. Langdon

Formatter · ‎04-13-2010

Tony

Formatter · ‎04-13-2010

Tony

Formatter · ‎04-13-2010

Tony need some assistance with the Netgear GS724T switch and trunking,, I sent you a private email and if you could help I would appreciate it.