• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1046
  • Last Modified:

Network configuration recommended for ESX networking in Physical switch

Hi there,

This questions is for the optimal configuration required for Vsphere virtual switch's Network Load balancing.  consider this environment:

2 Nexus 5010 switches (all supporting 10 GB ports)
Virtual switch which is used for VMport group and virtual machine port groups using two 10 GB uplinks using VLAN tagging
Each 10 GB uplink on the Vswitch is connected individually to the two Nexus switches
Nexus switches are uplinked using 2 x 10 GB port channel

The question are the following:

1 How should be the end port for the Uplinks used on the vSwitch be configured as on the physical switch?  should that be configured as an " access port",  " Trunk".   As in this scenario each 10 GB uplink from the virtual switch would be connected to the two different switches.
2  If both the uplinks are connected to a single physical switch,   how should they be configured on the phyiscal switch ?  should they be configured as "Trunk",  "Access" or "LACP" or "etherchannel"
3 If the ports on the physical switch are configured as "LACP" or "etherchannel" should the Network Load Balancing on the virtual switch be left to the default policy of "Port ID using the orginating port ID",  would the "LACP" configured on the physical switch work without using "IP hash" policy on the virtual switch
4  Can the virtual switch be configured with "Port ID using originating port ID" and still the end ports configured for channel group in the physical switch.
5  Considering the same virtual switch configuration and a physical switch, which only has a 10 GB uplinks and no 10 GB access ports,  can the uplinks used with the vSwitch be connected to the 10 GB uplink port on the physical switch.  would it work with that configuration.

0
Jaydeep_verma
Asked:
Jaydeep_verma
  • 3
  • 2
1 Solution
 
lrpageCommented:
I am not a switch guru but here is the configs we use for our esx on our nexus 5020 switch.  Most of these settings I either got from support from cisco or vmware when I asked similar questions.

switchport mode trunk
switchport trunk allowed vlan 116-400
no cdp enable
spanning-tree port type edge trunk
duplex full

we have vlans from 116-400 so we limit that
0
 
Jaydeep_vermaAuthor Commented:
Thanks Irpage...    So considering your configuration where the endports are configured as Trunk,  what is the Network Load balancing that you have configured on teh virtual switch? is that "originating port ID".    In your configuration does all the vSwitch uplinks go to a single Nexus 5020 switch or two switches and the wires being crisscrossed,   if so what is the LAG that you are using between the switches?

Just of curiousity do you know if a port channel group can be done on the physical switch for the vSwitch upliinks and if done so would it work with the Network Load Balancing feature of "originating port id"
0
 
lrpageCommented:
sorry not a cisco guy just know those are the settings we have and they work.  They might not be optimal but they are effective
0
 
Jaydeep_vermaAuthor Commented:
Well I am not doubting that your configuration is wrong and I am very much aware that it is possible to have it that ways.     The question actually is not a pure Cisco question but configuraiton of Vmware uplinks on a Cisco switch.

This is required as the ESX nics that are used on the vSwitch are all essentially uplinks and they cannot be connected as just an access port on the physical switch.   I am aware that the port can be confirgured as a trunk with VLAN tagging but need to know if the end ports can also be confgured as channel port groups and what would be the Load Balancing configured on the vSwitch in that case.
0
 
Jaydeep_vermaAuthor Commented:
It sure was helpful to get the configuration
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now