SpencerKarnovski
asked on
Layer 2 switches & SAN setup.
Hello. Forgive my lack of knowledge here, I'm just learning at the moment.
We are going to have an 8 port SAN Box (HP P2000 G3 Modular Smart Array Systems) with 11 drives (RAID10) connected to two LAYER2 switches. The switches are then going to connected to, two, host controllers (beefed up servers). The host controllers will have Hyper V installed, they will host our DC, Exchange VE's. The VHD's (containing the VE's) will be stored on the SAN drives. The two host controllers will be connected to the rest of the network/LAN via a router.
My question is based around the layer two switches - we will have 4 VLANS (each with own subnet/IP Range) configured on the two switches. The two switches will connect to the host controllers via x2 cat6 cables, going into x2 NIC's (teamed) on each controller (server).
As you know layer 2 switches cannot apply intelligence when forwarding packets, and that they cannot route packets based on IP addresses. With the above setup, do we need layer 3 switches.
Sorry if my question is to generalised and not specific. What I mean to say, is that having two LAYER2 switches setup with VLANS, which will connect to a SAN, do they need to be able to apply intelligence when forwarding requests from the LAN.
If you need me to expand on anything, or make things clearer (which is highly likely) then please say. This is all relatively new to me. I have been tasked with researching how to get this all configured.
Thanks.
We are going to have an 8 port SAN Box (HP P2000 G3 Modular Smart Array Systems) with 11 drives (RAID10) connected to two LAYER2 switches. The switches are then going to connected to, two, host controllers (beefed up servers). The host controllers will have Hyper V installed, they will host our DC, Exchange VE's. The VHD's (containing the VE's) will be stored on the SAN drives. The two host controllers will be connected to the rest of the network/LAN via a router.
My question is based around the layer two switches - we will have 4 VLANS (each with own subnet/IP Range) configured on the two switches. The two switches will connect to the host controllers via x2 cat6 cables, going into x2 NIC's (teamed) on each controller (server).
As you know layer 2 switches cannot apply intelligence when forwarding packets, and that they cannot route packets based on IP addresses. With the above setup, do we need layer 3 switches.
Sorry if my question is to generalised and not specific. What I mean to say, is that having two LAYER2 switches setup with VLANS, which will connect to a SAN, do they need to be able to apply intelligence when forwarding requests from the LAN.
If you need me to expand on anything, or make things clearer (which is highly likely) then please say. This is all relatively new to me. I have been tasked with researching how to get this all configured.
Thanks.
ASKER
Hello.
Yes - the normal LAN will need to access all of the network. The DC, Exchange servers will be virtualized - the actual VHDs for those will be hosted on the SAN. The SAN management, the Hyper V installations will be controlled by two servers.
I have quickly done a image (a rather ugly one) to show the proposed setup.
Basically we are converting our bare metal server infrastructure into a virtualized environment. We are going to host the virtual images (our DC, Exchange etc..) on the SAN for optimal performance.
Clients need to be able to access the DC as they would when it was attached on the local LAN. Of course, connecting the SAN BOX to the switches we have to create VLANS - we have created 4 separate VLANS. Packets, or frames, should be able to travel to and from the SAN as normal.
Anyway, can you gauge from what I have said, that we would need LAYER 3 switches. Please feel free to ask question about the setup.
Thanks.
SAN-SETUP.jpg
Yes - the normal LAN will need to access all of the network. The DC, Exchange servers will be virtualized - the actual VHDs for those will be hosted on the SAN. The SAN management, the Hyper V installations will be controlled by two servers.
I have quickly done a image (a rather ugly one) to show the proposed setup.
Basically we are converting our bare metal server infrastructure into a virtualized environment. We are going to host the virtual images (our DC, Exchange etc..) on the SAN for optimal performance.
Clients need to be able to access the DC as they would when it was attached on the local LAN. Of course, connecting the SAN BOX to the switches we have to create VLANS - we have created 4 separate VLANS. Packets, or frames, should be able to travel to and from the SAN as normal.
Anyway, can you gauge from what I have said, that we would need LAYER 3 switches. Please feel free to ask question about the setup.
Thanks.
SAN-SETUP.jpg
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hello, thanks for the input. I shall read and digest,then report back.
I might as well note, that this setup is what I have been "told" to follow by my network administrator. While he is away on holiday, I want to try and create a better diagram (and improve my understanding of the setup), so when he gets back I can show him a more suitable setup.
Anyway, will digest what you have said and report back,
Thanks.
I might as well note, that this setup is what I have been "told" to follow by my network administrator. While he is away on holiday, I want to try and create a better diagram (and improve my understanding of the setup), so when he gets back I can show him a more suitable setup.
Anyway, will digest what you have said and report back,
Thanks.
ASKER
a few quick questions (btw - I shall finish this question by redrawing the diagram for your inspection).
"Your HyperV servers connects to these SAN controllers with iSCSI" - would these connect directly to the SAN controllers on the back of the SAN BOX, or connect to a VLAN on the switch? I would assume because of this statement "- Management: connected to management ports on SAN" they should connect to the switch and be one of the two VLANS?
Also, "or speed it is best to Trunck your ports (this means, combine them and use them as they are 1). You can do this with the 4 ports" so, I take it you mean, looking at my incorrect diagram, the four connections coming from ports 21 - 24 - we should trunk those 4 together - but as you suggested, we do not want all a single trunk (4 ports) going into just one hyper v - so, if we do not trunk 4 ports because 2 of each have to go in "each" hyper V - what would be the best setup. Trunking 2 ports? So we have 2 trunked ports going into each server?
Hope I'm not confusing you - thanks loooads for your help.
"Your HyperV servers connects to these SAN controllers with iSCSI" - would these connect directly to the SAN controllers on the back of the SAN BOX, or connect to a VLAN on the switch? I would assume because of this statement "- Management: connected to management ports on SAN" they should connect to the switch and be one of the two VLANS?
Also, "or speed it is best to Trunck your ports (this means, combine them and use them as they are 1). You can do this with the 4 ports" so, I take it you mean, looking at my incorrect diagram, the four connections coming from ports 21 - 24 - we should trunk those 4 together - but as you suggested, we do not want all a single trunk (4 ports) going into just one hyper v - so, if we do not trunk 4 ports because 2 of each have to go in "each" hyper V - what would be the best setup. Trunking 2 ports? So we have 2 trunked ports going into each server?
Hope I'm not confusing you - thanks loooads for your help.
- best with switches between them. VLAN1 and VLAN2:
VLAN1: management: connect it to your normal network + connect it to the 2 grey ports on your SAN (each controller 1). Give your switch an IP in this VLAN.
VLAN2: All other cables.
- indeed use thruncks with 2 cables each. You need to setup the truncking in the switch, the SAN and the server.
on the SANBOX make those 4 trucks: TOP1+2; TOP3+4; BOT1+2; BOT3+4
On the 2 Switches make those 4 truncks on each: 11+12; 13+14; 21+23; 22+24 (you can change the port numbers, but this is how I have drawn them)
On the HyperV machines, trunck NIC1+2 and NIC3+4. Connect all the other NIC's to your normal network and attach them to the virtual datanetwork switch where your VM's are connected on).
The connections to be made (each connection has 2 UTP cables)
TOP1+2 -> Switch1_11+12
TOP3+4 -> Switch2_11+12
BOT1+2 -> Switch1_13+14
BOT3+4 -> Switch2_13+14
Switch1_21+23 -> HyperV1_NIC1+2
Switch1_22+24 -> HyperV2_NIC1+2
Switch2_21+23 -> HyperV1_NIC3+4
Switch2_22+24 -> HyperV2_NIC3+4
VLAN1: management: connect it to your normal network + connect it to the 2 grey ports on your SAN (each controller 1). Give your switch an IP in this VLAN.
VLAN2: All other cables.
- indeed use thruncks with 2 cables each. You need to setup the truncking in the switch, the SAN and the server.
on the SANBOX make those 4 trucks: TOP1+2; TOP3+4; BOT1+2; BOT3+4
On the 2 Switches make those 4 truncks on each: 11+12; 13+14; 21+23; 22+24 (you can change the port numbers, but this is how I have drawn them)
On the HyperV machines, trunck NIC1+2 and NIC3+4. Connect all the other NIC's to your normal network and attach them to the virtual datanetwork switch where your VM's are connected on).
The connections to be made (each connection has 2 UTP cables)
TOP1+2 -> Switch1_11+12
TOP3+4 -> Switch2_11+12
BOT1+2 -> Switch1_13+14
BOT3+4 -> Switch2_13+14
Switch1_21+23 -> HyperV1_NIC1+2
Switch1_22+24 -> HyperV2_NIC1+2
Switch2_21+23 -> HyperV1_NIC3+4
Switch2_22+24 -> HyperV2_NIC3+4
ASKER
Ok, thanks Pan..
Quick query, then I have enough to go on:
" Connect all the other NIC's to your normal network and attach them to the virtual datanetwork switch where your VM's are connected on"
The VM's are being stored on the SAN Array - this is the whole purpose of creating the SAN, to store the VMs. Does this change anything?
Thanks again - very good responses here.
Quick query, then I have enough to go on:
" Connect all the other NIC's to your normal network and attach them to the virtual datanetwork switch where your VM's are connected on"
The VM's are being stored on the SAN Array - this is the whole purpose of creating the SAN, to store the VMs. Does this change anything?
Thanks again - very good responses here.
No.
clients don't need access to the SAN. They do need access to Exchange, AD, ...
Only your HyperV machines need access to the SAN infrastructure on the data ports (the orange ones). You obviously need access to the management port (grey) of the SAN.
So in this setup, you do need at least 5 NIC's (preferably 6 to 8) for each HyperV (=hardware) server.
clients don't need access to the SAN. They do need access to Exchange, AD, ...
Only your HyperV machines need access to the SAN infrastructure on the data ports (the orange ones). You obviously need access to the management port (grey) of the SAN.
So in this setup, you do need at least 5 NIC's (preferably 6 to 8) for each HyperV (=hardware) server.
We have a setup with 3 VLAN's: 1 VLAN for iSCSI, 1 VLAN for vMotion and 1 for management + data network. Those 3 networks are not connected to each other. probably you don't need/want that those networks can communicate with eachother.
If you still need traffic to be routed to the 3 networks you need or a Layer3 switch, or a router/firewall between the switches.