Virtualization hosts with only 2 on-board pNICs and 3 pNICs in a slot face security, redundancy, and performance challenges. Administrators are forced to choose how much redundancy is required and where to place it.
The following shows how to set up virtual networking when 5 pNICs are involved:
pNIC0 -> vSwitch0 -> Portgroup0 (service console)
pNIC1 -> vSwitch0 -> Portgroup1 (VMotion)
pNIC2 -> vSwitch0 -> Portgroup2 (Storage Network)
pNIC3 -> vSwitch1 -> Portgroup3 (VM Network)
pNIC4 -> vSwitch1 -> Portgroup3 (VM Network)
With 5 pNICs you can set up two redundant vSwitches, each for a different purpose. The first carries the service console/management appliance, VMotion, and your Storage Network, while the second is solely for the VM Network, which is granted a higher level of redundancy.
The networks attached to vSwitch0 work best with VLANs; however, subnets will also work. With 3 pNICs on vSwitch0, each network gains its own pNIC and therefore better performance and security, unless there is a failure case, when a network fails over to a pNIC that is already carrying another network.
In this configuration, pNIC0 and pNIC1 are the failover pNICs for Portgroup2, pNIC1 and pNIC2 are the failover pNICs for Portgroup0, and pNIC0 and pNIC2 are the failover pNICs for Portgroup1. For vSwitch1 there is no need for predefined failover modes; the default, which includes vSwitch port ID based load balancing, is enough. In other words, load balancing is outbound only and based on the port to which the VM is connected.
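The failover layout described above, modeled as an added example (not code from the article or from VMware) that shows which networks end up sharing a pNIC after a failure. The order of the two standby pNICs for each portgroup and the modulo model of port ID balancing are assumptions; the article does not specify them.

```python
# Added example: a model of the article's 5-pNIC layout, not VMware code.
# First entry = dedicated active pNIC; the rest = failover pNICs.
# ASSUMPTION: the order of the two failover pNICs (the article does not give it).
VSWITCH0 = {
    "Portgroup0 (service console)": ["pNIC0", "pNIC1", "pNIC2"],
    "Portgroup1 (VMotion)":         ["pNIC1", "pNIC0", "pNIC2"],
    "Portgroup2 (Storage Network)": ["pNIC2", "pNIC0", "pNIC1"],
}
VSWITCH1_UPLINKS = ["pNIC3", "pNIC4"]  # both active for Portgroup3 (VM Network)

def carrier(order, failed):
    """First healthy pNIC in the failover order, or None if all are down."""
    return next((nic for nic in order if nic not in failed), None)

def placement(failed=()):
    """Map each vSwitch0 portgroup to the pNIC carrying it after failures."""
    failed = set(failed)
    return {pg: carrier(order, failed) for pg, order in VSWITCH0.items()}

def shared_links(failed=()):
    """pNICs carrying more than one network, i.e. where separation is lost."""
    by_nic = {}
    for pg, nic in placement(failed).items():
        if nic is not None:
            by_nic.setdefault(nic, []).append(pg)
    return {nic: pgs for nic, pgs in by_nic.items() if len(pgs) > 1}

def vm_port_uplink(port_id, failed=()):
    """Outbound uplink for a VM's virtual port on vSwitch1.
    ASSUMPTION: port ID balancing simplified to port_id modulo healthy uplinks."""
    healthy = [n for n in VSWITCH1_UPLINKS if n not in set(failed)]
    return healthy[port_id % len(healthy)] if healthy else None

if __name__ == "__main__":
    for nic in ["pNIC0", "pNIC1", "pNIC2"]:
        print(f"{nic} down -> shared: {shared_links([nic]) or 'none'}")
    print("VM port 7 uplink:", vm_port_uplink(7))
```

With every pNIC healthy no link is shared; any single failure on vSwitch0 puts two of the three networks on one pNIC until the failed link is restored, which is the case where VLANs still keep the traffic logically separate.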
This method will grant the most redundancy, security, and performance for a 5 pNIC configuration.
Virtualization expert Edward L. Haletky is the author of VMware ESX Server in the Enterprise: Planning and Securing Virtualization Servers. He recently left HP, where he worked in the Virtualization, Linux, and High-Performance Technical Computing teams. Haletky owns AstroArch Consulting, providing virtualization, security, and network consulting and development. Haletky is also a Guru and moderator for the VMware discussion forums, providing answers to security and configuration questions.
Any diagrams or examples of the physical layer and subnetting??
Are there any concrete examples out there which help one understand which pNICs get connected where??
For example, which of the above pNICs get connected to one's 'regular network' so that VMs can be seen and managed, and which ones get connected to any kind of isolated standalone switch to segregate their traffic??
For example, the SAN controller iSCSI ports could go to a separate switch but the SAN's management ports go on one's 'regular network' so they can be managed from a browser in the LAN.
My understanding tells me all the pNICs in the host connect to the 'regular network' LAN.
Can you point to any tutorials or diagrams which help understand the physical layer implementation of the above such that the networking functions properly??
Any concrete examples out there??