Solved

networking best practice esxi 5.1 with 10GB adapters

Posted on 2013-12-17
8
1,540 Views
Last Modified: 2016-11-23
Hi Guys i have a new dell r620 which contains
2 dual port 10GB adapter cards
1 quad port 1GB adapter

10 GB equallogic SAN iscsi
esxi 5.1 (enterprise )

need to manage ;

vmotion/management networks
Iscsi
Local LAN network
DMZ network

Please let me know what your thoughts of the best way on setting this up with what i have

Thanks !
0
Comment
Question by:Saputo
  • 3
  • 3
  • 2
8 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 39724769
What NICs do you have on your other ESXi servers?

How many other ESXi servers do you have?

Does the new server have any NIC's on the MB?  If not, right of the bat I would get a second NIC with at least two 1 Gb ports.
0
 

Author Comment

by:Saputo
ID: 39724813
iv got 4 brand new servers to set up and they all have the same hardware.

1 intel i350 quadport (onboard) these are 1GB
2 BCM57810 10GB adapters
0
 
LVL 119
ID: 39724881
What SAN do you have an can it take advantage of 10GB iSCSI

otherwise,

virtual machine network or iSCSI for 10GB

Management Network and vMotion - 1GBe

do you use VLANs?

you could use 10GBe in a trunked VLAN?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 250 total points
ID: 39725018
When back and re-read your specs:

I agree with hanccocka, to get more specific, my idea would be to make use of all ports would be to (using VLAN's of course):

VLAN#1 - iSCIS - NIC TEAM 10 Gb CARD1PORT1 with 10 Gb CARD2PORT1  (JUMBO Frames of course)

VLAN#2 - VM Network  - NIC TEAM 10 Gb CARD1PORT2with 10 Gb CARD2PORT2

VLAN#3/4 - VMotion/MGMT - TRUNK and  NIC TEAM 1Gb CARD1PORT1 with 1Gbps CARD1PORT3

VLAN#5 - DMZ - NICTEAM 1Gb CARD1PORT2 with 1Gbps CARD1PORT4

If you don't really care about using all ports, you could:

VLAN#1 - iSCIS - NIC TEAM 10 Gb CARD1PORT1 with 10 Gb CARD2PORT1

VLAN#2/3/4 - VM Network/VMotion/MGMT  - NIC TEAM and TRUNK 10 Gb CARD1PORT2 with 10 Gb CARD2PORT2

VLAN#5 - DMZ - NICTEAM 1Gb CARD1PORT2 with 1Gbps CARD1PORT4


The DMZ should be on its own NIC's assuming you have that traffic isolated as much as possible physically.

iSCSI should be physically isolated as much as possible.

Unless your VMNetwork is really pushing 10Gbps to its limit, you can really share the same interfaces for the VM network, mgmt, and VMotion.
0
 

Author Comment

by:Saputo
ID: 39725041
yes my san is 10GB, its an equallogic 6110 iscsi and yes we do use vlans
0
 
LVL 119
ID: 39725148
I would use ALL 10GBe NICs and use the 1GBe for Management Only.
0
 

Author Comment

by:Saputo
ID: 39786367
thanks, for the DMZ i was going to trunk it on the same cards as vm_network. The networking guys  have created 2 diff vlans on the physical switches for them.

or is it really best practice to keep DMZ on its own NIC ???
0
 
LVL 119

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 250 total points
ID: 39786443
That very much depends on your Security Policy.

Some organisation do not even allow VLANs.

and some organisation would much rather isolate the DMZ traffic on it's own physical network.

If DMZ traffic in your organisation is already VLANed, I so no reason why not also to present that Tagged VLAN to your trunk, to keep the same configuration.

If you have a physical network to support your VLAN, keep it on it's own nic, and label accordingly.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 7 Internet issue 14 54
Server 2016 installation on Dell r720 12 32
Perc RAID Controller Poweredge T110 3 33
ESXi 5.5 incompatibility when migrating VM 9 63
This article will show you how to create an ISO CD-ROM/DVD-ROM image (*.iso), and MD5 checksum signature, for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5). It's a good idea to compare checksums, because many installations fail because of a corr…
Giving access to ESXi shell console is always an issue for IT departments to other Teams, or Projects. We need to find a way so that teams can use ESXTOP for their POCs, or tests without giving them the access to ESXi host shell console with a root …
Teach the user how to join ESXi hosts to Active Directory domains Open vSphere Client: Join ESXi host to AD domain: Verify ESXi computer account in AD: Configure permissions for domain user in ESXi: Test domain user login to ESXi host:
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question