VMware Cloud Community
jmcar
Contributor

HA Resilient Isolation Gateway

OK, so we have three ESX 3.0.1 hosts set up and running VMs, a Virtual Centre 2.0.1 server and DRS all configured. Currently all is working fine but I am now scratching my head over HA and gateways for pinging to establish isolation.

I have set up a virtual switch with Service Console and VMkernel, VMotion enabled. This has 2 NICs assigned, nic1 active for Service Console, nic2 standby and the opposite for the VMkernel port group.

Virtual Machine Port Groups are configured with resilience, being plugged into 2 separate switches also.

My concern is around the IP address used by HA to establish whether a host is isolated or not. If I specify this as being the gateway (default) or the IP address of another device on our network, everything will be fine until that device is powered off or fails. I can quite happily take down my default gateway without affecting internal clients connecting to virtual machines. However if I invoke HA, and then take down this gateway, all my VMs will power down even though clients could still connect to them.

I have thought this through, trying to remove any single points of failure, but keep coming back to this IP address that HA pings. I guess I need to have a clustered switch or something on my network that provides hardware redundancy behind this IP address? - not a VMware problem exactly but one that will affect HA.

Has anyone any bright ideas about this? If the gateway goes down, the Hosts will not be able to ping it but they will still be visible to each other on our internal network, will HA ignore the gateway in this instance and not put any hosts into isolation?


Accepted Solutions
sbeaver
Leadership

ESX uses the service console to check the status of other hosts. If all of your ESX servers in the cluster are on the same VLAN or IP segment then the ESX servers should not even need to go out the gateway to talk to each other.

Also you can set things up to leave the VM running in an isolation problem.

Steve Beaver
VMware Communities User Moderator
VMware vExpert 2009 - 2020
VMware NSX vExpert - 2019 - 2020
====
Co-Author of "VMware ESX Essentials in the Virtual Data Center"
(ISBN:1420070274) from Auerbach
Come check out my blog: http://www.virtualizationpractice.com/blog/
Come follow me on twitter http://www.twitter.com/sbeaver

**The Cloud is a journey, not a project.**

jmcar
Contributor

Thanks for this. I had already looked through the other posts which give a good explanation as to setting this up with resilience but the fact that the ESX hosts can talk to each other on the local LAN and do not require a gateway to be actually up and running is what I was after.

I'll get the hang of asking for what I need in a more concise manner soon :)
