VMware Cloud Community
wbyadmin
Contributor
Contributor
‎08-01-2017 11:36 AM

ESXi Host Physical Nic / vSwitch / vNic config

I have recently taken over management of 2 vmware hosts and 1 SAN... Based on my readings of vmware best practices, this is set up the exact opposite of how it should be, ha. I am going to try and be as thorough as possible, and I am really just looking for a little guidance to point me in the right direction to get this set up configured properly.



 

Physical Hardware is set up what looks to be correct(mostly)

we have 2 hosts, each has 4 built in NIC ports, and also have a NIC card that has 4 ports. all gigabit.

I have two 24 port Cisco switches configured Master / Secondary (for failover)

I have a VNXe 3150 storage array with 2 storage processors, each storage processor has a total of 6 gigabit NIC ports.

Ports going from the VNXe to the Cisco switches are bonded, I have 2 ports on each SP bonded crossing over to opposing Cisco switches. And then I have 4 ports bonded crossing over to opposing Cisco switches as well.

My two hosts are set up identically.

4 ports are not bonded and each is attached to their own vSwitch and are iSCSI connectors

vSwitch1 – iSCSI1 – vmk2 – vmnic2

vSwitch2 – iSCSI2 – vmk1 – vmnic3

vSwitch3 – iSCSI3 – vmk3 – vmnic6

vSwitch4 – iSCSI4 – vmk4 – vmnic7

Those are the iSCSI connections, the remaining 4 ports are configured as

vSwitch0

vmk0

Management network(no vlan) – Active Adapters = vmnic0 – vmnic1 – vmnic4 – vmnic5

VM Network(no vlan) – Active Adapters = vmnic0 / Standby Adapters = vmnic1 – vmnic4 – vmnic5

Load balancing is based on originating virtual port

Physical adapters vmnic0 – vmnic1 – vmnic4 – vmnic5



 

So correct me if I'm wrong, with this current set up, all VM Network traffic is being routed out over 1 NIC, and the other 3 are sitting idle?



 

Based on the settings above which I think to be way wrong, what would be the best solution to getting this set up better, and more along the lines of vmware best practices?

I’ve read that Management traffic should be on its own vlan, should it also be on its own physical nic port? I can’t get to crazy as this is in a production network, luckily I can move over all vm’s to the second host to reconfigure things and have 0 down time.

Any thoughts are super appreciative.

Thank you

George

0 Kudos
5 Replies
a_p_
Leadership
Leadership
‎08-01-2017 11:59 AM

It basically looks ok for me, except for the VM network.

What I'm missing in your description is a vMotion network!? Don't you have this configured (e.g. due to licensing)?

With the information you provided, you can actually set all the vmnics on the VM network port group to Active (can be done online). This will result in traffic distribution across the uplinks once the VM's are shutdown, and started again.

Running the Management on a separate subnet/VLAN is something you can do, but IMO it's not really required if the ESXi hosts are in a server VLAN (i.e. not clients in the subnet).

André

0 Kudos
SureshKumarMuth
Commander
Commander
‎08-01-2017 12:10 PM

currently, only vmnic0 is in use and other 3 adapters are in standby mode. all management traffic and VM traffic is going through only one nic card vmnic0. You can segregate the traffic in following ways if you cant create a separate vlan segment.

you may create a separate vswitch for management and vmotion traffic and use vmnic0

And, make all the other 3 adapters(vmnic1 – vmnic4 – vmnic5) as active adapter in the virtual machine port group, so that as Andre said whenever a VM gets rebooted, it can choose the other nic to pass the traffic. If you can create an etherchannel grouping at the physical switch level, you can change the port group load balancing policy to IP hash, so that you can achieve load balancing.

Regards,
Suresh
https://vconnectit.wordpress.com/
0 Kudos
wbyadmin
Contributor
Contributor
‎08-01-2017 12:26 PM

vMotion traffic travels on the Management Network, vSwitch0

0 Kudos
wbyadmin
Contributor
Contributor
‎08-01-2017 12:34 PM

on the switch side I can enable port trunking/bonding, and that may be the ticket to get load balancing working properly.

0 Kudos
SureshKumarMuth
Commander
Commander
‎08-02-2017 06:42 AM

Yes, on switch side if you enable etherchannel, you can use IP HASH load balancing policy at the vSwitch level. You may also refer vsphere documentation to implement the solution.

http://www.mikes.eu/index.php/what-is/210-load-balancing-via-route-based-on-ip-hash.html

Regards,
Suresh
https://vconnectit.wordpress.com/
0 Kudos