Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Vlans Setup for iscsi network multipath

Posted on 2013-01-21
5
Medium Priority
?
65 Views
Last Modified: 2016-11-23
HI Experts,

I need to setup vlans for my iscsi network but have no glue every time i tried i have fails?

I have 2 backend iscsi boxes running openfiler each iscsi box has six nic cards installed in each.

three nics going to switch one 192.168.15.0 & the other 3 going to switch 2 on 192.168.2.0 ports 1,2,3

Gateway is on port 1 on both switches going to pfsense firewall with dhcp enabled.

on switch 2 this shared between backend mysql, nfs,smb traffic i need to be able to create vlan on switch 2 to sperate the
iscsi traffic away from the rest?

Purpose is to setup mulipathing for xenserver cloud to access iscsi on both subnets?

switch 1 id dell layer 3 switch PowerConnect 6024 and switch 2 is ProCurve 1800-24G

hope someone can teach me to get my head around this

kind regards

Darren
0
Comment
Question by:Darrennew
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 5

Expert Comment

by:Harsem
ID: 38805151
Hello Darren,

I have a bit of difficulty trying to understand what you are trying to communicate.

Multipathing is created for redundancy & increased throughput for XenServer to the ISCSI device. This does not require a dedicated VLAN but you should read up on the technology behind this and design considerations aorund this solution.

The link below does this as well as how to configure this on the XenServer:
http://support.citrix.com/servlet/KbServlet/download/27027-102-666389/xs-design-iSCSI-multipathing-config.pdf

Hope this helps

Jens
0
 
LVL 1

Author Comment

by:Darrennew
ID: 38808630
HI Thank you are message,  Reading up on iscsi network howtos they mentioned that the iscsi network should be dedicated with no other traffic within this network?.

I fully aware why one should use multipathing i have this already setup ready to go on all xenhosts.

switch 1 is dedicated for iscsi i have 3 nics from iscsi server connected to this switch  with each xenhost connected.

each xenhost has 4 nics

eth0 = public on dedicated switch
eth1 = internal (management dedicated switch)
eth2 = dedicated switch iscsi-net1
eth3 = iscsi-net2  ( this nic is connected to the same switch as the management nic)

what i am trying to achieve is to create vlan for iscsi-net2 on the internal switch to separate iscsi traffic

kind regards
0
 
LVL 5

Accepted Solution

by:
Harsem earned 2000 total points
ID: 38812215
Hello,

please correct me if I am wrong.

Switch 1 = dedicated to ISCSI - no VLANS

Swtich 2 = shared, here you want to create a VLAN for seperate out ISCSI traffic.


With the above assumptions:
What you "should" do irst off is to create a VLAN ID for ISCSI (Lets say VLAN 2) and another VLAN ID for the rest of the traffic (lets say VLAN3). For the sake of simplicity we wil keep this at 2 VLANs.

The reason I would do this is that these 2 switches should be linked with an ethernet cable, and mixing VLANs with different IDs will only ever create confusion down the line.


Say we link the two switches on port 48 on each switch. What you would do is to allow VLAN 2 (ISCSI) access to port 48, but not VLAN 3. This way you have seperated ISCSI, any traffic between the VLANs still needs to traverse your pfsense firewall, while traffic on VLAN 2 will be able to pass from Switch 1 to Switch 2 at high speeds without a firewall in between.

Does this help?

Jens
0

Featured Post

Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Each year, investment in cloud platforms grows more than 20% (https://www.immun.io/hubfs/Immunio_2016/Content/Marketing/Cloud-Security-Report-2016.pdf?submissionGuid=a8d80a00-6fee-4b85-81db-a4e28f681762) as an increasing number of companies begin to…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question