Hello All,
Thank you for taking the time to read this. I've been tasked with making my first nested lab. Currently the root vCenter is 6.5 with std switches.
I've been asked to create, and have created, 2 nested ESXi hosts and a 2nd non-nested vCenter with embedded PSC, a VUM and DB servers to add the hosts into.
The company does not want to use a DVSwitch, only Std. I have created the nested hosts with no problem and assigned them to VLAN 4095. With this, DNS resolves and I can ping vCenters, gateway, etc. with no problems.
When I attempt to connect the nested hosts to this newly created vCenter, I am not able to. Both the nested ESXi hosts and the new vCenter are on the same Datastore.
I'm scratching my head trying to get this to work as I'm pretty sure it will not work without a DVS...
Will this configuration work with nested hosts and non-nested vCenter, VUM and DB?
Any assistance and feedback is very much appreciated.
Thanks in advance!
Hi,
As far as I know, you can use VSS, not only DVS. Can you telnet to 443 from vCenter to ESXi?
Also what error do you get when you add host to vCenter?
You can use standard switches. Have you tried enabling promiscuous mode and allowing forged transmits on the port group the nested hosts are using?
Hello Omid,
Yes, Telnet works on port 443 from the vCenter server to both ESXi hosts. From the host downstream to the vCenter the switch has Forged, Promiscuous and MAC changes set to enabled.
The switch upstream does not have those settings.
The error while trying to add to vCenter is:
"Cannot contact the specified host (hostname omitted ) The host may not be available on the network, a network configuration problem may exist, or the management services on the host may not be responding"
I have tested mgt svcs on the host and everything checks out as good. A restart of the mgt services and test also checked out as good.
Hello T180985,
Thanks for responding. Both Promiscuous and Forged have been set downstream from the nested ESXi hosts.
Does that need to happen on the upstream switch from the nested host back to the root vCenter?
Thank you!
Take a look at
https://www.virtuallyghetto.com/nested-virtualization
if you haven't already. I've never tried them but there are ESXi appliances that are set up to work in a nested environment.
Hi sjesse,
I am familiar with William's site and have read quite a few of his articles on nesting and they have helped some.
Unfortunately he doesn't go into the type of configuration that I am attempting. I am thinking of creating another switch that no other VMs reside on that I can configure with Promiscuous and forged transmits on it.
Also, we are not permitted to use any outside appliances otherwise I would have taken that route.
Not a big technical term person, just make sure promiscuous mode and forged transmits are on for the switch the nested ESXi host is connected to, can't remember what "Stream" that is. If you think about it, the nested ESXi host needs to change the MAC and see all the network traffic. You shouldn't have to change those settings in the nested ESXi's switches.
I have created the nested hosts with no problem and assigned them to vlan 4095.
What are you trying to achieve with VLAN 4095? Please explain the virtual network for the ESXi host, and the ESXi VMs more detailed.
André
Thank you all for the tips. It's very appreciated.
With the help of another we discovered it to be some kind of bug in DNS/DHCP resolution. When adding the host to the vCenter using the FQDN it failed every time. Attempting to register via the static registered IP, it would also fail.
We unregistered the forward and reverse records, and when we attempted again to connect via FQDN it still failed. Then we attempted to connect to vCenter using only the new DHCP address, and the host connected successfully.
I would prefer using the FQDN of the host so it's easier to identify in vCenter but for the purpose of this testing lab identification by IP will suffice.
Thanks everyone for the suggestions!