- Notes, cautions, and warnings
- Revision history
- Introduction
- VxRail network planning overview
- Plan the VxRail network
- VxRail cluster types
- VxRail hardware and switch selection decision points
- Prepare the data center to implement VxRail
- Decide on an IP address scheme
- Prepare external network connectivity for VxRail
- Prepare service connectivity for VxRail
- Prepare for VMware vSphere+ subscription licensing
- Prepare data center routing services
- Prepare for multirack VxRail cluster
- Prepare for VMware vSAN HCI mesh topology
- Prepare external FC storage for dynamic clusters
- Prepare for VxRail custom uplink assignments
- Prepare data center network MTU
- Prepare for LAG of VxRail networks
- Plan LAG on switch port pairs
- Prepare certificate authority server for VxRail
- Identify isolation IP addresses for VMware vSphere High Availability
- Plan the VxRail cluster implementation
- Decide on VxRail single point of management
- Decide on VxRail network traffic segmentation
- Decide on teaming and failover policies for VxRail networks
- Plan the VxRail logical network
- Plan network settings for VxRail management components
- Plan network settings for VMware vCenter Server management network
- Identify IP addresses for VxRail management components
- Select hostnames for VxRail management components
- Identify external applications and settings for VxRail
- Prepare the customer-managed VMware vCenter Server
- Prepare a customer-managed VMware VDS
- Reserve IP addresses for VxRail-managed VMware vSphere vMotion network
- Reserve IPv4/IPv6 addresses for VxRail vSAN network
- Decide on VxRail logging solution
- Assign passwords for VxRail management
- Plan VMware vSAN witness networking
- Plan networking for VxRail Satellite Nodes
- Configure the Network for VxRail
- Prepare to build the VxRail cluster
- VxRail network considerations after implementation
- Appendix A: VxRail Network Configuration Table
- Appendix B: VxRail Passwords
- Appendix C: VxRail cluster setup checklist
- Appendix D: VxRail Open Ports Requirements
- Appendix E: VMware VDS port group default settings
- Appendix F: Physical Network Switch Examples
- Pre-defined network profile: 2x10gb or 2x25gb from a single NDC/OCP
- Predefined network profile: 4x10gb or 4x25gb NDC/OCP
- Predefined network profile: 2 x 10/25 GB NDC/OCP and 2 x 10/25 GB PCIe
- Custom option: Any NDC/OCP ports paired with PCIe ports
- Custom option: Two NDC/OCP ports paired with PCIe ports other than the first slot
- Custom option: PCIe ports only
- Custom option: Six ports
- Custom option: Eight ports
- Custom option: Eight ports connected to four Ethernet switches
Dell VxRail Network Planning Guide
Appendix D: VxRail Open Ports Requirements
Firewall settings specific for the deployment of a VxRail cluster are provided. Use the links that are provided after the tables for firewall rules that are driven by product feature and use case. The VxRail cluster must connect to specific applications in your data center. DNS is required, and NTP is optional. Open the necessary ports to enable connectivity to the external syslog server, and for LDAP and SMTP.
| Description | Source Devices | Destination Devices | Protocol | Ports |
|---|---|---|---|---|
| DNS | VxRail Manager, Dell iDRAC | DNS Servers | UDP | 53 |
| NTP Client | Host ESXi Management Interface, Dell iDRAC, VMware vCenter Servers, VxRail Manager | NTP Servers | UDP | 123 |
| SYSLOG | DNS Servers Host ESXi Management Interface, VMware vRealize Log Insight | Syslog Server | TCP | 514 |
| LDAP | VMware vCenter Servers | LDAP Server | TCP | 389, 636 |
| SMTP | Secure connect gateway VMs, VMware vRealize Log Insight. | SMTP Servers | TCP | 25 |
Open the necessary firewall ports to enable IT administrators to deploy the VxRail cluster.
| Description | Source Devices | Destination Devices | Protocol | Ports |
|---|---|---|---|---|
| ESXi Management | Administrators | Host ESXi Management Interface | TCP, UDP | 902 |
| VxRail Management UI/Web Interfaces | Administrators | VMware vCenter Server, VxRail Manager, Host ESXi Management, Dell iDRAC port, VMware vRealize Log Insight | TCP | 80, 443 |
| Dell server management | Administrators | Dell iDRAC | TCP | 623, 5900, 5901 |
| SSH and SCP | Administrators | Host ESXi Management, vCenter Server, Dell iDRAC port, VxRail Manager Console | TCP | 22 |
If you plan to use a customer-managed VMware vCenter Server instead of deploying a VMware vCenter Server in the VxRail cluster, open the necessary ports so that the VMware vCenter Server instance can connect to the ESXi hosts.
| Description | Source Devices | Destination Devices | Protocol | Ports |
|---|---|---|---|---|
| VMware vSphere Clients to VMware vCenter Server | VMware vSphere Clients | VMware vCenter Server | TCP | 5480, 8443, 9443, 10080, 10443 |
| Managed Hosts to VMware vCenter Server | Host ESXi Management | VMware vCenter Server | TCP | 443, 902, 5988,5989, 6500, 8000, 8001 |
| Managed Hosts to VMware vCenter Server Heartbeat | Host ESXi Management | VMware vCenter Server | TCP | 902 |
Other firewall port settings may be necessary depending on your data center environment. The list of documents in this table is provided for reference purposes. VxRail manages the VxRail Customer Firewall Rules interactive workbook. Access to the workbook requires Dell customer credentials. If you do not have Dell login credentials, contact your account team to download the tool for you.
| Description | Reference |
|---|---|
| VMware Ports and Protocols | VMware Ports and Protocols |
| Network port diagram for VMware vSphere 6 | Network Port Diagram for vSphere 6 |
| vSAN Ports Requirements | vSAN Network Ports Requirements |
| Dell iDRAC Port Requirements | How to configure the iDRAC 9 for Dell PowerEdge |
| Secure Connect Gateway Documentation | Dell Secure Connect Gateway Documentation |
| VMware vCenter Cloud Gateway Requirements | VMware Cloud Gateway for vSphere+ Requirements |
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\