VMware Cloud Community
rdarlin2
Contributor

Requesting assistance: How To configure it correctly

Environment:
10 Physical servers on Network 10.10.20.x
ESXi 6.0 (4 servers) on Network 10.10.20.x
vCenter 6.0 (physical server) on Network 10.10.20.x
20+ VMs on Network 10.10.20.x
(1) dvSwitch for all 4 ESX servers
Cisco 7000 Switches (2 switches) on Mgmt Network 172.26.x.x

I have little or no experience with VMware, and have just attended the two Cisco CCNA classes to give me a foundation of knowledge to help me to configure network equipment to support the environment.

I have been handed the above network to manage, and I need assistance to understand first... how ESXi should have been set up, and in conjunction with that, how to configure the switches connecting the ESX and vSphere servers to support the VM network.

I see several problems:
I have production servers on the .20 network, AND the ESX management traffic on the same .20 network
I do not have vMotion configured, and do not have a separate network (or VLAN) on which to put that.
At this point, there are only (2) 1GB NICs in each ESXi server to carry all traffic.

In addition, I am being tasked to set up some VMs on a separate network, which needs to be segregated from the production .20 network (this traffic will be on the 10.10.22.x network).

To me, all of the above seems to require setting up the ESX servers and the ports connecting the ESX to the Cisco switch to support multiple VLANs.

My thoughts about what needs to be accomplished are the following:
1) Put the ESX servers themselves on the Management Network VLAN 26 (172.26.x.x) (configurable at the console of each ESX server)... while keeping the VMs on the Production .20 Network VLAN 2
2) Ensure the vCenter server is also on the Management Network VLAN 26 so that it can manage the ESX Cluster.
3) Configure the Cisco switch ports to Trunk mode - allowing all VLANs (native VLAN is VLAN 1)... meaning all traffic (ESX Mgmt VLAN26, Production .20 network VLAN2, .24 network VLAN22) would be in VLANs and all traffic is tagged.
4) After the above is working, add additional VLANs and networks in the 172.26.x.x range for vMotion, HA-Heartbeat, etc.

Before getting into the weeds on HOW to do this... Does this make sense?  Am I missing or misunderstanding anything?

Thanks,
Rich

Texiwill
Leadership

Hello,

If it were me I would get more NICs for each of your ESXi hosts. In this case I would:

Set up 1 vSwitch w/the two pNICs together in a load balanced failover pair and set up Virtual Switch Tagging (VST). In essence you trunk the VLANs through to the virtual switch and set up portgroups for each VLAN. On that 1 virtual switch you can have 4K-2 VLANs, so use them. Look up Virtual Switch Tagging. Start here and read about virtual switches.

In this case each pNIC would connect to a different 7K switch. I would then set up a VLAN for mgmt on the 172.26.x.x network, another VLAN for vMotion, another for Workloads on different VLANs.

This way you make use of the 2Gbps you have available.

In addition, get more pNICs. I would get at least 2 more ports for each, that way you have some level of physical separation between management and workloads as well as have more bandwidth available.

Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009-2016

Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.

Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
rdarlin2
Contributor

Edward,

Thanks for your reply -

I am working on getting a couple of 10G NICs for each ESX server - so I understand what you are driving at there.

I THINK I understand VST, and setting up port groups for the different vlans needed.

I also THINK I know how to configure the switch port interface to Trunk and allow all or specific VLANs across the connection.

However, how do you set the Management port group "VLAN Type"..  Is that as 'VLAN' and give it a VLAN#, or as 'VLAN Trunking' or as 'None'???

Assume that we allow all vlans across the connection and don't specify...

Thanks for your help.

Rich

Texiwill
Leadership

Hello,

You set the VLAN on the portgroup, so when you attach vCenter to the Portgroup it is a member of the VLAN. Nothing to do with vCenter or management VMs. Just make sure the port on the pSwitch has all the VLANs being sent to ESXi and handled by the vSwitch. For ESXi you will have to set the VLAN # as that does not use a portgroup directly.

Best regards,
Edward L. Haletky
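An added example, not part of the thread or of any poster's configuration: a small Python check for the VST layout discussed above, confirming that every portgroup VLAN is carried on both uplink trunks, is not the trunk's native (untagged) VLAN, and that VM traffic does not share the management VLAN. VLAN IDs 26, 2 and 22 come from the thread; the vMotion VLAN 30, the interface names and the switch config lines are constructed assumptions.

```python
import re

ALL_VLANS = set(range(1, 4095))  # Cisco default when no allowed-list is configured

def parse_trunk(config: str) -> dict:
    """Extract native VLAN and allowed VLAN set from one interface stanza."""
    trunk = {"native": 1, "allowed": set(ALL_VLANS), "pruned": False}
    for line in config.splitlines():
        line = line.strip()
        m = re.fullmatch(r"switchport trunk native vlan (\d+)", line)
        if m:
            trunk["native"] = int(m.group(1))
        m = re.fullmatch(r"switchport trunk allowed vlan ([\d,\-]+)", line)
        if m:
            allowed = set()
            for part in m.group(1).split(","):
                lo, _, hi = part.partition("-")
                allowed.update(range(int(lo), int(hi or lo) + 1))
            trunk["allowed"], trunk["pruned"] = allowed, True
    return trunk

def audit(portgroups: dict, uplinks: dict) -> list:
    """Return findings for a VST plan: portgroups = name -> (role, vlan_id)."""
    findings = []
    mgmt_vlans = {v for role, v in portgroups.values() if role == "mgmt"}
    for name, (role, vlan) in sorted(portgroups.items()):
        if role == "vm" and vlan in mgmt_vlans:
            findings.append(f"{name}: VM traffic shares VLAN {vlan} with management")
        for port, cfg in sorted(uplinks.items()):
            trunk = parse_trunk(cfg)
            if vlan not in trunk["allowed"]:
                findings.append(f"{name}: VLAN {vlan} not allowed on {port}")
            elif vlan == trunk["native"]:
                findings.append(f"{name}: VLAN {vlan} is native (untagged) on {port}")
    for port, cfg in sorted(uplinks.items()):
        if not parse_trunk(cfg)["pruned"]:
            findings.append(f"{port}: trunk allows all VLANs, no allowed-list")
    return findings

# Constructed sample: one uplink per 7K switch; the second trunk is missing VLANs.
PORTGROUPS = {"Mgmt": ("mgmt", 26), "Prod": ("vm", 2),
              "Lab22": ("vm", 22), "vMotion": ("vmotion", 30)}
UPLINKS = {
    "n7k-a Eth1/1": "switchport mode trunk\nswitchport trunk allowed vlan 2,22,26,30",
    "n7k-b Eth1/1": "switchport mode trunk\nswitchport trunk allowed vlan 2,26",
}

if __name__ == "__main__":
    for finding in audit(PORTGROUPS, UPLINKS):
        print(finding)
```

With the sample data the second uplink is flagged for VLANs 22 and 30, the kind of mismatch that only shows up when the teamed pair fails over to that pNIC.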