- Notes, cautions, and warnings
- Revision history
- Introduction
- VxRail network planning overview
- Plan the VxRail network
- VxRail cluster types
- VxRail hardware and switch selection decision points
- Prepare the data center to implement VxRail
- Decide on an IP address scheme
- Prepare external network connectivity for VxRail
- Prepare service connectivity for VxRail
- Prepare for VMware vSphere+ subscription licensing
- Prepare data center routing services
- Prepare for multirack VxRail cluster
- Prepare for VMware vSAN HCI mesh topology
- Prepare external FC storage for dynamic clusters
- Prepare for VxRail custom uplink assignments
- Prepare data center network MTU
- Prepare for LAG of VxRail networks
- Plan LAG on switch port pairs
- Prepare certificate authority server for VxRail
- Identify isolation IP addresses for VMware vSphere High Availability
- Plan the VxRail cluster implementation
- Decide on VxRail single point of management
- Decide on VxRail network traffic segmentation
- Decide on teaming and failover policies for VxRail networks
- Plan the VxRail logical network
- Plan network settings for VxRail management components
- Plan network settings for VMware vCenter Server management network
- Identify IP addresses for VxRail management components
- Select hostnames for VxRail management components
- Identify external applications and settings for VxRail
- Prepare the customer-managed VMware vCenter Server
- Prepare a customer-managed VMware VDS
- Reserve IP addresses for VxRail-managed VMware vSphere vMotion network
- Reserve IPv4/IPv6 addresses for VxRail vSAN network
- Decide on VxRail logging solution
- Assign passwords for VxRail management
- Plan VMware vSAN witness networking
- Plan networking for VxRail Satellite Nodes
- Configure the Network for VxRail
- Prepare to build the VxRail cluster
- VxRail network considerations after implementation
- Appendix A: VxRail Network Configuration Table
- Appendix B: VxRail Passwords
- Appendix C: VxRail cluster setup checklist
- Appendix D: VxRail Open Ports Requirements
- Appendix E: VMware VDS port group default settings
- Appendix F: Physical Network Switch Examples
- Pre-defined network profile: 2x10gb or 2x25gb from a single NDC/OCP
- Predefined network profile: 4x10gb or 4x25gb NDC/OCP
- Predefined network profile: 2 x 10/25 GB NDC/OCP and 2 x 10/25 GB PCIe
- Custom option: Any NDC/OCP ports paired with PCIe ports
- Custom option: Two NDC/OCP ports paired with PCIe ports other than the first slot
- Custom option: PCIe ports only
- Custom option: Six ports
- Custom option: Eight ports
- Custom option: Eight ports connected to four Ethernet switches
Dell VxRail Network Planning Guide
VLAN considerations for VxRail networks
VLANs define the VxRail logical networks within the cluster and the method that is used to control the paths that a logical network can pass through. A VLAN is a numeric ID that is assigned to a VxRail logical network. The same VLAN ID is configured on the individual ports on your ToR switches, and on the virtual ports in the VMware VDS during the automated implementation.
When an application or service in the VxRail cluster sends a network packet on the VMware VDS, the VLAN ID for the logical network is attached to the packet. The packet can only be able to pass through the ports on the ToR switch and the VMware VDS where there is a match in VLAN IDs. You should isolate the VxRail logical network traffic using separate VLANs ( recommended, but not required). A flat network is recommended only for test, nonproduction purposes.
Meet with the network team and virtualization team to plan the VxRail network architecture.
- The virtualization team discusses with the application owners which specific applications and services that are planned for VxRail are to be made accessible to specific end-users. This determines the number of logical networks that are required to support traffic from non-management virtual machines.
- If you plan to have multiple independent VxRail clusters, use different VLAN IDs across multiple VxRail clusters to reduce network traffic congestion.
- The network team must plan the following:
- Define the pool of VLAN IDs needed to support the VxRail logical networks, and determine which VLANs restrict traffic to the cluster, and which VLANs can pass through the switch up to the core network.
- Plan to configure the VLANs on the upstream network, and on the switches attached to the VxRail nodes.
- Configure routing services to ensure connectivity for external users and applications on VxRail network VLANs passed upstream.
- The virtualization team must assign the VLAN IDs to the individual VxRail logical networks.
VxRail groups the logical networks in the following categories:
- External management network
- VMware vCenter Server management network
- Internal management network
- VMware vSAN
- VMware vSphere vMotion
- Virtual Machine
Before VxRail 4.7.x, both external and internal management traffic shared the external management network. Starting with VxRail 4.7.x, the external and internal management networks are broken out into separate networks.
External management network
External Management network supports communications to the ESXi hosts, and has common network settings with the VMware vCenter Server Management Network. All VxRail external management traffic is untagged by default and should be able to go over the native VLAN on your ToR switches.
A tagged VLAN can be configured instead to support the VxRail external management network. This option is considered a best practice, and is especially applicable in environments where multiple VxRail clusters are deployed on a single set of ToR switches. To support using a tagged VLAN for the VxRail external management network, configure the VLAN on the ToR switches. Configure trunking for every switch port that is connected to a VxRail node to tag the external management traffic.
VMware vCenter Server management network
The vCenter Management Network hosts the VxRail Manager and the VxRail-managed VMware vCenter Server. By default, it also shares the same network settings as the External Management network. In this context, the physical ESXi hosts and the logical VxRail management components share the same subnet and share the same VLAN. Starting with version 7.0.350, this logical network can be assigned to a unique subnet and assigned a VLAN separate from the external management network.
Internal management network
The Internal Management network is used solely for device discovery by VxRail Manager during initial implementation and node expansion. This network traffic is non-routable and is isolated to the ToR switches connected to the VxRail nodes. Powered-on VxRail nodes advertise themselves on the Internal Management network using multicast, and discovered by VxRail Manager. The default VLAN of 3939 is configured on each VxRail node that is shipped from the factory. This VLAN must be configured on the switches, and configured on the trunked switch ports that are connected to VxRail nodes.
If a different VLAN value is used for the Internal Management network, it not only must be configured on the switches, but must also be applied to each VxRail node on-site. Device discovery on this network by VxRail Manager fails if these steps are not followed.
Device discovery requires multicast to be configured on this network. If there are restrictions within your data center regarding the support of multicast on your switches, you can bypass configuring this network, and instead use a manual process to select and assign the nodes that form a VxRail cluster.
NOTE: Using the manual node assignment method instead of node discovery for VxRail initial implementation requires VxRail 7.0.130 or later.
To leverage vSAN for VxRail cluster storage resources, configure a VLAN for the vSAN network and the VMware vSphere vMotion network. Configure a VLAN for each network on the ToR switches, and include the VLANs on the trunked switch ports that are connected to VxRail nodes.
Virtual machine
The VM networks are for the virtual machines running your applications and services. These networks can be created by VxRail during the initial build or afterward using the VMware vClient after initial configuration is complete. Dedicated VLANs are preferred to divide VM traffic, based on business and operational objectives. VxRail creates one or more VM networks, based on the specified name and VLAN ID pairs. When you create VMs in the VMware vSphere Web Client to run your applications and services, you can assign the VM to the VM networks of your choice. For example, you could have one VLAN for development, one for production, and one for staging.
Network configuration
| Network configuration table | Action |
|---|---|
| Row 1 | Enter the external management VLAN ID for VxRail management network (VxRail Manager, ESXi, VMware vCenter Server, Log Insight). If you do not plan to have a dedicated management VLAN and will accept this traffic as untagged, enter 0 or Native VLAN. |
| Row 2 | Enter the internal management VLAN ID for VxRail device discovery. The default is 3939. If you do not accept the default, the new VLAN must be applied to each VxRail node before cluster implementation to enable discovery. |
| Row 3 | Enter a VLAN ID for VMware vSphere vMotion (enter 0 in the VLAN ID field for untagged traffic). |
| Row 4 | Enter a VLAN ID for vSAN, if applicable (enter 0 in the VLAN ID field for untagged traffic). |
| Row 5-6 | Enter a Name and VLAN ID pair for each VM guest network that you want to create. VM Network can be configured during the cluster build process, or after the cluster is built (enter 0 in the VLAN ID field for untagged traffic). |
| Row 7 | Enter the VMware vCenter Server Network VLAN ID (if different from the external management VLAN ID). |
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\