VMware Cloud Community
robert_23
Contributor
Contributor
‎01-05-2017 02:52 AM
Jump to solution

VCenterSA 6.5 HA / HA interfaces in different subnets

Hi,

I read in documentation that HA interfaces of active, passive and witness server can be in different subnets. But there is also written that no default gateway is allowed on HA interfaces.

How can those HA interfaces communicate with each other when they are in different subnets? Do I have to configure static routes?

0 Kudos
1 Solution

Accepted Solutions
Mattallford
Hot Shot
Hot Shot
‎01-05-2017 01:10 PM
Jump to solution

Hi Robert,

Looks like taking the static route is correct. It would be helpful to see this information added to the VMware documentation or a KB article.

Cheers, Matt.

VCHA_Static.PNG

VCP6-DCV | VCAP6-DCV Deploy @mattallford If you found my answers useful, please help me by marking them as Helpful or Correct!

View solution in original post

0 Kudos
5 Replies
Mattallford
Hot Shot
Hot Shot
‎01-05-2017 03:14 AM
Jump to solution

The second NIC on the active/passive VC and the witness should all be on the same network/subnet as each other, but this should be a different network than the network used for the first NIC on the active/passive vCenter server nodes.

For example, if your main vCenter IP address is 192.168.0.10, then you should use a different network such as 192.168.1.0/24 for the HA network. The second NIC of the primary VC, passive VC and witness would all be connected to the 192.168.1.0/24 networks, not each individually on their own network.

Here is a diagram from the product walkthroughs (Product Walkthroughs). ETH0 on the active/passive nodes share the same IP address. ETH1 on each of the three nodes need to be on a different network than ETH0, but they should all be on the same 'other' network.

VCHA.PNG

VCP6-DCV | VCAP6-DCV Deploy @mattallford If you found my answers useful, please help me by marking them as Helpful or Correct!
0 Kudos
robert_23
Contributor
Contributor
‎01-05-2017 03:36 AM
Jump to solution

Hi Matt,

yes, eth0/public IP must be at an different subnet. But according to documentation eth1/HA interfaces of active, passive and witness node can be also in different subnets:

"The vCenter HA network must be on a different subnet than the management network. The three nodes can be on the same subnet or on different subnets."

(ESXi and vCenter Server 6.5 Documentation > vSphere Availability > vCenter High Availability > Configure the Network)


An example is here: Configure vCenter 6.5 HA with the Advanced Option I have same requirements as in this example :

public:

- VLAN "A" for eth0 public interface is available on both sites, so public IP adress can move from active to standby node.

HA:

- eth1 of active node and witness node1 at site1 is connected to VLAN "B"

- eth1 of passive node at site 2 is connected to VLAN "C"


But I dont understand how this can work without a route information for eth1 interfaces.

0 Kudos
Mattallford
Hot Shot
Hot Shot
‎01-05-2017 03:55 AM
Jump to solution

Gotcha. I hadn't come across this yet.

My initial suspicion is that this would be achieved by static routes, but given there isn't any information in the VMware documentation or a KB mentioning this I'd be a bit hesitant.

I suspect the witness node will be OK to have a default gateway set as it only has one NIC active.

I'm going to ping a couple of the VMware guys heavily involve din this on twitter and I'm sure they'll be able to confirm shortly. I'll be keen to see the answer.

Cheers, Matt.

VCP6-DCV | VCAP6-DCV Deploy @mattallford If you found my answers useful, please help me by marking them as Helpful or Correct!
0 Kudos
Mattallford
Hot Shot
Hot Shot
‎01-05-2017 01:10 PM
Jump to solution

Hi Robert,

Looks like taking the static route is correct. It would be helpful to see this information added to the VMware documentation or a KB article.

Cheers, Matt.

VCHA_Static.PNG

VCP6-DCV | VCAP6-DCV Deploy @mattallford If you found my answers useful, please help me by marking them as Helpful or Correct!
0 Kudos
robert_23
Contributor
Contributor
‎01-06-2017 01:30 AM
Jump to solution

Thanks Matt, I'll try that. I second the need to add this information to KB together with a VMware supported method to add static routes. I'll try the method which is described in this link ( vCenter Server High Availability Review – Part 2 | StarWind Blog ) but I dont know if it will persist when VCSA appliance is updated.

0 Kudos