Separate VSANS / Mgmt / Vmotion traffic on different switches

Hello

I want to build a 4-node hybrid VSAN cluster (6.x).

I have 2 x 10GbE switches dedicated to VSAN traffic

also 2 x 1GbE switches for management / VM / vMotion traffic

Each host has 2 x 10GbE NICs, 1 uplink to each of the 10GbE switches

Each host also has 4 x 1GbE uplinks, 2 to each of the 1GbE switches

My idea is to use 10GbE just for VSAN traffic (separate DVSwitch, one active, one standby) on each 10GbE switch

Also to use 2 ports for the management traffic (separate DVSwitch, one active, one standby) on each 1GbE switch

And use 2 ports for VM traffic (separate DVSwitch, one active, one standby) on each 1GbE switch

vMotion traffic would be on the same uplinks as management, but active / standby vice versa

Question: is this possible / useful to connect vMotion to the 10 GbE uplink ports (active / standby vice versa to VSAN traffic)?

I appreciate any useful comment on my scheduled install (I am no networking guy)

Couple of thoughts.  You can run several VMkernels for VSAN and vMotion (allowing one on each switch).  For VSAN, use separate VLANs / subnets (one on each switch gives you a nice A/B separation), while vMotion must have all the VMkernels on the same subnet, ideally layer 2.  This allows for maximum reliability, in theory faster failover, and throughput.  This also has the advantage that if your cluster is not big (bigger than, say, 48 ports) you can avoid having multicast leave the switch (which usually requires more arguing with the network guys), as each TOR switch will have its own VSAN network.  Then use NIOC to throttle and protect the traffic between them.  Now, NIOC is not as effective as SR-IOV (but it's good enough) at 100%, and you will maximize your 10 Gbps investment without swamping things.

  • Management VMkernel interface = explicit failover order = P1 active / P2 standby, 10.1.1.1/24, VLAN 100
  • vMotion VMkernel-A interface = explicit failover order = P1 active / P2 standby, 10.1.2.1/24, VLAN 101
  • vMotion VMkernel-B interface = explicit failover order = P2 active / P1 standby, 10.1.2.2/24, VLAN 101
  • Virtual machine port group = explicit failover order = P1 active / P2 standby, 10.1.2.1/22, VLAN 102
  • Virtual SAN VMkernel-A interface = explicit failover order = P1 active / P2 standby (or not used)*, 10.1.3.1/24, VLAN 103
  • Virtual SAN VMkernel-B interface = explicit failover order = P2 active / P1 standby (or not used)*, 10.1.4.1/24, VLAN 104

In this case, VLANs 100, 101 and 102 will be on all switches.

* 103 and 104 could be configured to exist only on each switch (A/B isolation, failover do not switch on the value and set up on both) or exist on both (and use standby) as described.  This design will focus on keeping host-to-host communication on the same switch (it decreases complications with multicast and reduces latency, as VSAN traffic does not have to hop to another switch unless you run out of switch ports, but now with dense 40Gbps past using 10 Gbps break out in theory you could hit the limit of 64 nodes on a single switch).

I'm curious about anyone's thoughts on just disabling failover and forcing each VMkernel to stick to its switch (and accepting loss of communication on this VMkernel in the event of a switch failure).  I want to do some lab tests with both and test switch/path failover between these configurations (compared to a single-VMkernel configuration).

However, some people prefer a 'simpler' configuration (and I'm not opposed to that).

Duncan drew an active/passive failover configuration with a single VMkernel for each host.

In theory, not being as dependent on NIOC for storage isolation should help latency for the short bursts it takes NIOC to kick in, vs. the active/active design.

Virtual SAN and Network IO Control

  • Management VMkernel interface = explicit failover order = P1 active / P2 standby
  • vMotion VMkernel interface = explicit failover order = P1 active / P2 standby
  • Virtual machine port group = explicit failover order = P1 active / P2 standby
  • Virtual SAN VMkernel interface = explicit failover order = P2 active / P1 standby
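
One way to check a port-group plan against the rules this answer states (all vMotion VMkernels in one subnet, one VLAN/subnet per VSAN VMkernel, A/B VMkernels active on opposite uplinks), as an added example that is not part of the original post. The `check_plan` function and the rule that different traffic types must not share a VLAN or overlapping subnets are assumptions added here; the plan values are the ones in the first list above, and 10.1.8.1/22 is a constructed replacement.

```python
import ipaddress
from itertools import combinations

# Plan transcribed from the answer's first list; P1/P2 are the host's two uplinks.
# Fields: name, traffic type, active uplink, standby uplink, address, VLAN.
PLAN = [
    ("mgmt",      "management", "P1", "P2", "10.1.1.1/24", 100),
    ("vmotion-a", "vmotion",    "P1", "P2", "10.1.2.1/24", 101),
    ("vmotion-b", "vmotion",    "P2", "P1", "10.1.2.2/24", 101),
    ("vm",        "vm",         "P1", "P2", "10.1.2.1/22", 102),
    ("vsan-a",    "vsan",       "P1", "P2", "10.1.3.1/24", 103),
    ("vsan-b",    "vsan",       "P2", "P1", "10.1.4.1/24", 104),
]

# Same plan with the VM port group moved to a constructed, non-overlapping /22.
FIXED_PLAN = [row if row[0] != "vm" else row[:4] + ("10.1.8.1/22", 102)
              for row in PLAN]


def check_plan(plan):
    """Return a sorted list of findings; an empty list means the plan passes."""
    rows = [{"name": n, "kind": k, "active": a, "standby": s,
             "net": ipaddress.ip_interface(addr).network, "vlan": v}
            for n, k, a, s, addr, v in plan]
    findings = set()

    # Explicit failover order needs two distinct uplinks.
    for r in rows:
        if r["active"] == r["standby"]:
            findings.add(f"{r['name']}: active and standby uplink are the same")

    vmotion = [r for r in rows if r["kind"] == "vmotion"]
    vsan = [r for r in rows if r["kind"] == "vsan"]

    # From the answer: all vMotion VMkernels sit in the same subnet (and VLAN).
    if len({(r["net"], r["vlan"]) for r in vmotion}) > 1:
        findings.add("vmotion: VMkernels are not all in one subnet/VLAN")

    # From the answer: each VSAN VMkernel gets its own VLAN/subnet (A/B).
    for a, b in combinations(vsan, 2):
        if a["vlan"] == b["vlan"] or a["net"].overlaps(b["net"]):
            findings.add(f"{a['name']}/{b['name']}: VSAN VMkernels are not "
                         "on separate VLANs/subnets")

    # From the lists: the A and B VMkernels are active on opposite uplinks.
    for group in (vmotion, vsan):
        if len(group) > 1 and len({r["active"] for r in group}) < len(group):
            findings.add(f"{group[0]['kind']}: A/B VMkernels share an active uplink")

    # Assumption added here: traffic types are kept apart, so two different
    # types may not share a VLAN ID or have overlapping subnets.
    for a, b in combinations(rows, 2):
        if a["kind"] == b["kind"]:
            continue
        if a["vlan"] == b["vlan"]:
            findings.add(f"{a['name']}/{b['name']}: share VLAN {a['vlan']}")
        if a["net"].overlaps(b["net"]):
            findings.add(f"{a['name']}/{b['name']}: subnets {a['net']} "
                         f"and {b['net']} overlap")
    return sorted(findings)


if __name__ == "__main__":
    for label, plan in (("as listed", PLAN), ("with VM /22 moved", FIXED_PLAN)):
        print(label)
        for finding in check_plan(plan) or ["no findings"]:
            print("  " + finding)
```

With the addresses as listed, the /22 given for the virtual machine port group covers the management, vMotion and VSAN-A /24s, which is what the overlap findings report.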

Tags: VMware

Similar Questions

  • VMotion traffic isolation, vlan trunking

    We have 2 full length M910 blade servers sitting in the dell blade enclosure. Installed esxi 5.0 on the two blades and joined them to the cluster.

    Each server blade full length a 8 network cards.  2 ports double aboard the card NETWORK and 2-port Ethernet mezzanine card.  All are connected to the internal cisco switch 3130 installed on the module e/s A1, A2, B1 and B2. all the internal switches are stacked together by the network team. and there is a link to internal switch (uplink) and an external switch (ports) that are on the vlan 137

    All the ports that are connected to the esxi host are configured as trunk on the switches of internal physical cisco blade by the network team. in our total case 16 ports (8 cards x 2 servers) are fixed to the internal trunk on cisco switch and there is internal cisco switch uplink and our external switch (located on vlan 137)

    On esxi5.0, we set up a big flat switch affecting all physical network cards to Vswitch 0.
    Please refer page for groups of ports configured.

    To isolate the vMotion traffic, we have configured a different VLAN tag (150) for vMotion, but vMotion does not work. Unable to ping the vMotion IPs from each other.  But if I change the VLAN tag to 137, vmkping works and vMotion works.

    If I change the VLAN tag to anything other than 137 on any port group (for example, management or virtual machine), I lose connection to the corresponding port group.


    I think I am missing some configuration on the internal Cisco blade switches (3130). Please advise on what needs to be configured. I kind of know why trunking is required. If you could explain the exact purpose of why trunks are necessary for ESX, that would be great.

    What is advised to configure a virtual switch, such as a large flat switch or multiple switches
    Assigning to each switch port group. recommended configuration to enable balancing the increased load of incoming and outgoing and fail over.  detailed explanation would be really useful for non admins networks

    I will try to describe one of the possible configurations.

    First some facts/support:

    • 2 ESXi hosts
    • 4 blade switches
    • 1 external switch
    • 8 NICs in each server Blade (2 NICs for each of the switches)
    • vmnic0 and vmnic4 are connected to two different switches
    • different subnets / VLAN for vMotion (100), management (101) and VM networks (102,...)
    • all VLANs represent different IP subnets

    Virtual network configuration:

    • 2 vSwitches: 1 for management, 1 for VM networks and vMotion
    • vSwitch0 for management and vMotion (vmnic0 + vmnic4)
      -> Management port group (VLAN 101): vmnic0 (active), vmnic4 (standby)
      -> vMotion port group (VLAN 100): vmnic4 (active), vmnic0 (standby)
    • vSwitch1: VM networks (vmnic1..3 + vmnic5..7)
      -> VM 1 port group (VLAN 101)
      -> VM 2 port group (VLAN 102)
      -> ...

    Blade switches:

    • all the VLANs configured in the virtual network are present
    • all downlink ports to the ESXi hosts are configured in trunk mode, all the VLANs allowed
    • at least 2 uplinks and the external switch configured as a trunk, EtherChannel (LACP)
    • uplink and downlink ports (on each of the switches) are in a link state tracking group

    External switch:

    • all the VLANs configured in the virtual network are present
    • four port channels/EtherChannels (LACP), one to each blade switch

    You can configure the VLANs on the switches separately or by VTP. In any case, all the VLANs should be present on the switches. If you need to route traffic between some VLANs, you must either set up a router on your network, or - in the case where the switches support it and are properly authorized - configure IP routing (inter-VLAN routing).

    André

  • 5508 interfaces with two different switches configuration

    Hello

    I have a 5508 WLC and two 4507 switches that are configured in HSRP.

    Now, I want to configure 5508 interfaces:

    If I want to configure management interface, I need the physical port card

    Question: How can I correspond to two physical port that are connected to two different chassis?

    Configuration interface AP-Manager's optional?

    in this scenario, I'll have to divide AP traffic between two switches (EQ. Assume that 10 aps are, I want to connect to a switch and another 5 to another switch 5).

    How to divide?

    Please guide me to configure the interface in this scenario...

    I have with your answer.

    Hi Vinod,

    Wasn't this already answered here: https://supportforums.cisco.com/thread/2052962 ?

    HTH,
    Tiago

    --

    If this helps you or answers to your question if it you please mark it as 'responded' or write it down, if other users can easily find it.

  • Question on isolate the vmotion traffic.

    Hello

    I have a question, we try to isolate the vmotion traffic and I have a problem.

    I have two vswitches.

    Vswitch 0

    only management option selected, 10.85.85.4, 255.255.254.0 subnet, gateway 10.85.85.1, trunk, VLAN 85 port

    Nic0 and nic 1

    vswitch 1

    VMotion selected only, 10.85.80.2, subnet 255.255.255.0, gateway 10.85.80.1, access port, VLAN 80

    When I change the default GW on vswitch 1 change the default GW on vswitch 0 also and I lose
    connectivity.  I understand that you cannot have two vmkernel of GW, if this is not how to fix this?

    Thank you

    Greg

    It is correct; as long as the vMotion ports are on the same subnet, there will be no need for routing - whether the VLAN can span the main switch is a different matter.

  • Isolate the VMotion traffic

    I can't find other reasons to isolate the VMotion traffic, other than to keep the unsecured information from being exposed to the rest of the network.  Is a VLAN for VMotion only a safety precaution?

    Hello

    It is not required to devote vSwitch for VMotion, defining the right policy for the use of network cards is enough.

    Not sure I agree with that, but it's because of the layer 2 issues more than anything else. It's okay if you APPROVE VLAN. If you do not trust VLAN because of the possible layer 2 attacks within your physical network so it is not acceptable.

    There are two reasons to separate the VMotion traffic:

    (1) performance. When you need VMotion you want it as quickly as possible; you don't want it contending with disk I/O or any other network I/O. In general, it was acceptable to share networks between VMotion and the SC, the SC being generally low use unless you're doing cold migration of virtual machines from node to node, etc.

    (2) security. You absolutely want VMotion to be separated. Think about what you are doing: you transfer the memory image of the VMs over a wire in CLEAR TEXT. Is that if you flip the bit that says to use SSL to ensure this. Despite this, SSL MiTM may be possible (not tested yet). Memory images contain identifying information. Hackers love this type of data.

    So yes, security is the main reason... Are enough VLAN? It depends on your level of TRUST in virtual LANs as well as your security policy.

    Best regards

    Edward L. Haletky, VMware Communities user moderator, VMware vExpert 2009, Virtualization Practice analyst (http://www.virtualizationpractice.com)
    Now available: "VMware vSphere (TM) and Virtual Infrastructure Security: Securing the Virtual Environment" (http://www.astroarch.com/wiki/index.php/VMware_Virtual_Infrastructure_Security)
    Also available: "VMWare ESX Server in the Enterprise" (http://www.astroarch.com/wiki/index.php/VMWare_ESX_Server_in_the_Enterprise)
    SearchVMware Pro (http://www.astroarch.com/wiki/index.php/Blog_Roll) | Blue Gears (http://www.astroarch.com/blog) | Top Virtualization Security Links (http://www.astroarch.com/wiki/index.php/Top_Virtualization_Security_Links) | Virtualization Security Round Table Podcast (http://www.astroarch.com/wiki/index.php/Virtualization_Security_Round_Table_Podcast)

  • Best practices of priority network traffic at the switch

    What is usually the best way to prioritize the specific traffic a VLAN specific?

    I work with Differentiated Services to match the traffic of a specific VLAN and assign it to queue 6 of the switch to give that traffic a higher priority than normal traffic. But I'm not sure about this configuration. I read up on the switch's traffic priority but I didn't understand any of it, I think.

    The policy is certainly working. In the web interface, I see that are packages offered for the DiffServ, according to me, I'm missing something...

    Config:
    policy-map {policy name} in
    class {class name}
    assign-queue 6
    exit
    interface port-channel 1
    service-policy in {policy name}

    Just a brief update: I think that my setup works fine. I figured out that the ping response delay has more to do with the terminal and then with the configuration of the switch :)

  • Can I set up two LAGs on a 5508 controller to two different switches?

    I have a WLC 5508 with a two-port LAG going to the n5k switch. I want to add a 6-port LAG to a different switch (3750E) for redundancy. Can I do that, or does the LAG need to be on the same switch?

    Thank you

    -mike

    Hi Mike,

    The only restriction with respect to link aggregation is that all physical links associated with a single LAG must go to the same switch. In the case of the Nexus 5K this can also be a pair forming a vPC domain, or for the Catalyst 3750, switches that are part of the same stack.

    If you have two LAGs, you can connect the links in LAG 1 to the Nexus 5K and the links in LAG 2 to the Catalyst 3750.

    EDIT:

    In addition, it seems that there is a restriction, at least until version 7.6, where the WLC only supports a single LAG. See LAG - link aggregation for more details.

    Regards

  • Help me to allocate my band bandwidth (net mgmt, vMotion, FT)

    Hi all

    I recently started working on a new project and have a pretty cool material to work with (HP c3000, Flex 10, etc..)

    I need to make smart decisions for how much bandwidth allocated networks (by host):

    • Network management (1 GB)
    • Tolerance of failure (1 GB) - just for the pace attack, right?
    • vMotion (?)
    • Trunk for networks of users (10 GB)

    I can spend anywhere between 1 and 8 GB of vMotion.  I guess I am looking for a best practice for how vMotion of bandwidth can really use.

    We plan of 500 VMS VDI on 8 blades.

    I guess we could use DRS more vMotion.  DRS uses the vMotion network when moving machines (I think that Yes...).

    Thank you!

    Drew

    OK, didn't know you had mezz cards for 10 flex as well.  In this case, you have 40Gbit overall skinning, bandwidth even if its honestly * well * exceeding what you need here.  If you still can, I might consider to return the Mezz cards and save some $$.

    I could do that (with just cards LOM Flex and see if you can return the Mezz cards and assuming you are not IP storage):

    Mgmt: 1Gbit

    vMotion: 5 GB

    The user traffic: 4Gbit

    If you use the Ip storage (lefthand, eql, etc.):

    Mgmt: 1Gbit

    vMotion: 3 GB

    IP storage: 3 Gbps

    The user traffic: 3 Gbps

    If you want to really keep and use the Mezz cards:

    On the LOM maps

    Mgmt: 1Gbit

    vMotion: 4 Gbit

    IP storage: 5Gbit

    Mezz card

    The user traffic: 10 GB

    Do not forget that this is #s card, so when you please in vswitches you effectively double the throughputs.

  • VMotion between 2 different processors from intel

    Hello

    I was wondering if its possible to make of switched on vmotion vms between a host DL380G5 with X 5460 3.16 GHz CPU core quad AND a DL380G6 with X 5570 quad core CPU?

    I have a cluster with 2 x DL380 G5 with X5460 CPUs and 2 x new DL380 G6 for the cluster with X5570 processors. I've not yet deployed these 2 and wanted to know if vMotion is possible across them. The following VMware link describes this but is not quite clear to me:

    http://KB.VMware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1991

    See "INTEL CORE CPU" Group C and D maybe?

    See you soon.

    Andres.

    Take a look at http://kb.vmware.com/kb/1003212 (Enhanced VMotion Compatibility (EVC) processor support)

    Also, make sure that you understand HA when you use different hosts in a cluster. See http://www.yellow-bricks.com/vmware-high-availability-deepdiv/

    André

  • Installation of vmotion when management network and vmotion are on different subnets

    I have vswitch0, which is located on the 172.18.9.x subnet and has my management vmkernel interface with a gateway of 172.18.9.1, using NICs 0 and 4

    Then I create vswitch2, which is on the 172.18.10.x subnet and is for vMotion using NICs 1 and 5, but the gateway must be 172.18.10.1

    It seems that I can have only one vmkernel gateway. So how do I get the vMotion switch to use a different gateway?

    These are my first boxes of ESXi and I've not enabled ssh, so I only have the vi client to configure with.

    You might have a network problem.  Have you tried with just a single NIC in the vswitch and used a crossover cable?  Virtual LANs in use?

  • Separate cod file, signature tool necessary for different OS versions?

    Hi all

    I installed the blackberry JDE 1.3.0 eclipse plugin that contains the default value
    package inside plugins, now using the url net.RIM.ejde.componentpack6.0.0_6.0.0.30
    http://www.BlackBerry.com/go/eclipseupdate/3.6/Java download packages of components for 5.0 etc.. After that the signing tool will be installed with this eclipse.

    My question is if my application will be used for all versions of the OS, so what do I do?

    1. Should I generate a single cod file for 4.x, or is it necessary to generate a separate cod file for 4.5.0, 4.6.0, 4.7.0?

    2. If I have to sign the cod file, do I need to install a separate signature tool for each operating system, or is a single signature tool installed in Eclipse itself enough to sign all the cod files that are generated for the different versions of the OS?

    can any please help me understand these things

    Thanks in advance,

    Kitty

    This signature tool is the same for all levels of the operating system. I usually use the tool last signature, even for the 4.2 signing apps.

    Compiled cod are compatible forward but not backward.  So, if you compile using OS 4.5 it can work in devices running OS 4.5 and above.  However if you compile in OS 6.0, then it is not supported on devices running something more than that.

    You will find that you might want to use the facilities available in newer versions on the new phones, so you will need to compile separately in this case.  There are a variety of options to achieve this, but I would look first for the pre-processor.

    There is a small problem in OS 4.7, so if I develop for OS 4.5 - OS 6.0 and the code will be the same for all devices, I usually provide two builds, one for pre OS 4.7 and the other to post that.

  • Traffic shaping on ESW500 switches

    Hi all

    I'm fairly new to the traffic shaping / bandwidth control department and was asked by a client to be able to do some traffic shaping in their main office.

    I read some documents on the ESW500 switches and wanted to make sure that my understanding of the technology and the product is good.

    My client wants to give priority to the bandwidth by port, depending on the bandwidth needed. Some users need a lot of bandwidth for critical applications while others use a lot of bandwidth for not so critical applications...

    What I read, I should be able to replace the switch with an ESW500 switch with a traffic shaping. It has a pretty basic setup with about 30 computers connected to a switch that is connected to a router. As mentioned, if I replace the switch with a switch of ESW500, I'll be able to limit through the use of the bandwidth of the inbound and outbound port?

    Is there also some type of monitoring tool that I could use to see how much bandwidth used by port (not required but would be a nice to have feature).

    Thank you!
    Matt

    Hello Matt, I hope this finds you doing well.

    The amount of bandwidth you need is directly related to the performance that you need.  What results do you need?

    Here is an example (for voice)

    a way 150 msec delay

    Jitter less than 20 msec

    Less than 1% packet loss

    Required to do this, you will need to have the right amount of bandwidth per call and the control of queues, or else the call not his right or can even be deleted.

    Another example might be to Microsoft RDP:

    Some web posts mention that 30kps is necessary, and some say 100 Kbps is acceptable.

    Therefore a target bandwidth, say 100 Kbps per user for this example.  If you have 10 concurrent sessions, then is a maximum amount of bandwidth required around 1 MB/s.  With statistical multiplexing, you should not have this much, given that not all customers will burst or use the maximum amount of bandwidth at the same time.  You can probably get less...

    What I do with it, is once you know how much bandwidth you need, then you can start your network engineer so that critical applications are able to run and the productivity of the users is still high. Productivity of the user is very essential, and it is very good that you are looking for in that you're Matt.  Good stuff Matt.

    Applications providers have suggestions for you for how much bandwidth require their applications?

    If applications providers do not know how much is needed, then using the Cisco devices, you can set the desired performance and the Cisco device will respond with the bandwidth required by queue.  This is called "bandwidth Chin" or estimate of the bandwidth. Using this amount of bandwidth, you can configure your QoS settings on all your devices.

    Here is a link and I would say to search some:

    http://www.Cisco.com/en/us/docs/iOS/QoS/configuration/guide/qos_bndwidth_est.html

    Application performance is a point of view from end to end and review.  You need information on the edge, the core and remote.

    You can also view statistics of understand what an end user uses when you access an application interface.  This may be an inaccurate method, but it might help you in your understanding.

    With all that said, most people do not notice a lot of congestion on the local network or on another LAN port LAN port.  Problems usually occur to choke bottlenecks and uplinks.  Where are the bottlenecks in your network?

    Once you know where they are, then you can apply a QoS policy to protect important traffic and ensure the performance of the applications according to your needs.  What are your needs?  See above for a few thoughts.

    Does that make sense?

    The ESW is a big switch and QoS can be easily configured to meet your needs.  According to me, that is a more difficult question... What are your needs?

    Here is a link for the ESW switch.  Click resources to find documentation provided with this switch:

    http://www.Cisco.com/Cisco/Web/solutions/Small_Business/products/routers_switches/esw_500/index.html

    HTH,

    Andrew Lee Lissitz

  • Can't stand of Vmware vMotion as 100 Mbps switch?

    I created Lab at home wanted to connect several ESXi host through Physics 100 Mbps switch. So wanted to know my entire lab will work on Physics 100 MBPS switch, as DRS, vMotion, HA. Or I have to buy 1000 MBPS switch?

    Although 100 Mbps may work in a lab environment, remember that 250 MBit/s is the minimum requirement for vMotion (see https://kb.vmware.com/kb/2059921). If your hosts support 1 GBit, you should really consider buying a faster switch. Even a low-cost, unmanaged switch will do.

    André

  • Make VMOTION on a different server with different, example HP and DELL

    A colleague asked me a strange question of VMOTION, you can go,

    You have HP DL380 G5 and a DELL Power edge 1620 (or anything) in a cluster as ESX host. Now if I want to use VMOTION between these two servers, should what precautions I take?

    Please let me know because I have never tried as we all HP inside the VC as ESX Server.

    Thank you

    Anky

    There is no vMotioning fast problem between different manufacturers of servers - Andre's notes it is critical CPU compatibility - so if Dell and HP servers have the same processor (or family) that vmotion will work

    If you find this or any other answer useful please consider awarding points marking the answer correct or useful

  • ESXi 4: error in live migration (VMotion) to the different data store (Local SATA to iSCSI SAN)

    Hi all

    I have a problem during VM migration live in the different data store, the specifications of the virtual machine is just Windows 2003 x 64 installed with the latest VMWare tools.

    Here is the error message:

    Move the virtual machine

    Win2003x64_RST01

    A general error occurred: detected Source this destination could not resume.

    The active state of VM migration

    any idea what could cause this please?

    Kind regards

    AWT

    Check that the ESX4 machine has the Virtualization Technology and Data Execution Prevention flags enabled in the BIOS. I could vMotion 32-bit machines without the VT flag turned on in the BIOS, but 64-bit machines could not begin until I enabled the VT flag in the BIOS.

    Also try to clear the mask of the source of the VM CPU before migrating, providing the hosts have the same hardware.
