Solved

Setting up a separate network for VMWare and SAN

Posted on 2013-12-18
4
248 Views
Last Modified: 2014-10-14
Hi everyone, trying to understand in a little bit more detail how I could go about setting up a separate physical network to segregate a VMWare Server & iSCSI SAN traffic from the rest of the LAN. I'm not currently using switched that support any VLANing.

My VMWare Server has multiple NICs as does my SAN. Currently I have them assigned static IP addresses of
VMWare: 10.200.1.10
SAN: 10.200.1.11
Subnet: 255.255.248.0
Gateway: 10.200.0.1

I'm a little confused about a few things.
1.) To separate their traffic is it as simple as adding another physical switch that has each of their NICs plugged into the switch (existing NICs and IPs referenced) and a 3rd cable connecting the switch to the main network switch? Or does this defeat the purpose?

2.) If option one is incorrect the proper way I would assume would be to add another physical switch and configure a 2nd NIC on each device and plug that into the new separate switch and setup the new NICs as the way the VMWare Server and SAN communicate. Is this correct? Leave the current NICs and IPs there so that I can remotely manage the appliances right?

3.) If option 2 is the correct idea what IP address/subnet do I configure for the new NICs? Can I use my existing subnet or is that defeating the purpose? IE: could I setup the new NICs as
IP-10.200.1.12
Subnet - 255.255.248.0
Gateway - 10.200.0.1

Also is it relevant that the new NICs & switch wouldn't be connected to the main network and therefore be unable to reach our gateway of 10.200.0.1?

Thanks! Any advice or help is appreciated!
0
Comment
Question by:MikeC7
  • 2
4 Comments
 
LVL 42

Expert Comment

by:paulsolov
ID: 39727797
What kind of switching environment do you have?  If it supports VLANs you can separate using VLANs (essentially creating multiple layer 2 switches on the same switch).  iSCSI traffic should not be routed so in most environments there is no need for a default gateway
0
 
LVL 117

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
ID: 39727799
1. Ideally it would be completely isolated, and not connected to any production network.

2. Correct

3. Use a different IP Address Scheme, 192.168 or 10.10.

Yes the default gateway would be uncreachable as the storage network is completey isolated.
0
 

Author Comment

by:MikeC7
ID: 39727802
The switches I'm using aren't setup for VLANs
0
 
LVL 117

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
ID: 39727811
and when setting up your new storage network enable Jumbo Frames if SAN and Network Switches support Jumbo Frames


HOW TO: Enable Jumbo Frames on a VMware vSphere Hypervisor (ESXi 5.0) host server using the VMware vSphere Client
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Create your own, high-performance VM backup appliance by installing NAKIVO Backup & Replication directly onto a Synology NAS!
HOW TO: Install and Configure VMware vSphere Hypervisor 6.5 (ESXi 6.5), Step by Step Tutorial with screenshots. From Download, Checking Media, to Completed Installation.
Teach the user how to use create log bundles for vCenter Server or ESXi hosts Open vSphere Web Client: Generate vCenter Server and ESXi host log bundle:  Open vCenter Server Appliance Web Management interface and generate log bundle: Open vCenter Se…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now