Solved: Re: Do we need to use VLANs for our small environm...

VMware Cloud Community

We have four ESXi 4.1 servers with dual quad core Xeon processors and 96GB of RAM each and 4 NICs. We also have two IBM DS3512 iSCSI SAS storage devices with everything connected with gigabit Ethernet. We have around 15 VMs total spread out on the 4 hosts.

We separated out iSCSI ports on separate vSwitches. Is there a real need to use VLANs as well to separate storage traffic or is that overkill for our small size? I didnt know if it was something you should do no matter what or if it was just for larger environments.

1 Solution

Accepted Solutions

Either Vlans or actual dedicated switches. Both are considered best practice. Having other traffic on the same subnet / vlan / same switch as the iSCSI traffic is way way not considered best practice. iSCSI traffic is a unique, specifc type of IP traffic and does not mix well at all.

If you want to mix that traffic you should have a NAS not iSCSI san.

View solution in original post

13 Replies

If the traffic is mixed on the switches? I am going to say yes, you need to separate the traffic.

iSCSI running with lan traffic is bad news performance wise indeed. I have setup a ton of three host ESX clusters and have tried to have the traffic mixed just for testing and it was not pleasant.

PS: I don't use Vlans, I use actual physical switches. Isolated from lan traffic. A switch / switch stack for each unique subnet on the storage network. I use relatively inexpensive switches for this though admittedly.

We have separate subnets for the storage because we are trying out VLANs now but the storage traffic is going through switches that are being used for other traffic as well. Is that what you mean?

Do people have dedicated switches for their iSCSI traffic?

If you want to mix that traffic you should have a NAS not iSCSI san.

You better go for VLAN to avoid broadcast, collution and separate traffice. In this case you need a trunk port between your switch and ISP switch to communicate different VLAN. If your service provider not provide trunk port then you need a router to route the VLANs.

Regards,
Milton

Never trust a computer you can't throw out a window

If you go for separate VLAN then your have to use separate subnetwork IP address and gateway for each VLAN. Then you have to decide how many VLAN you will create for your network.

Never trust a computer you can't throw out a window

We have it setup with VLANs now but were just wondering if we really needed to do it that way and could avoid some complexity by not using them.

I agree it can't hurt, VLAN make things better and easier to manage anyway, so I would say do VLAN from the start.. separate the traffic.

VLAN can reduce network conjection and broadcast. So network will be free of unwanted traffice. Also have administrative controll and manage ypur network.

Never trust a computer you can't throw out a window

VLAN are the best thing to implement, doesnt matter if you are in small environment or in a large environment.

Even better from Security Prespective and easy to manage. I would prefer use of vlans

I agree. If you are in the same office, big or small. VLAN is absolutely perfect and easy to install to each of your machines.

Are you sure that VLAN needd to install????????

Never trust a computer you can't throw out a window

Hi, You no need to install VLAN you have to configure the VLAN.

Never trust a computer you can't throw out a window

All

Do we need to use VLANs for our small environment?