Unsolved
This post is more than 5 years old
20 Posts
0
17377
Help with VLANs between two sites
Hi,
We currently have a Dell VRTX server that host a couple of ESXi servers with multiple VMs and a couple of other physical servers that will be used for DR purposes. This server is currently on our main site but will be collocated on another location. The server holds Veeam replicas of some of our productions VMs. For the initial configuration and to start the initial seeding of the replicas the servers were connect to our main switch stack of Dell PowerConnect 6248's. VLAN 50 was created on our production switches to connect the VRTX and the other DR servers. These servers are on a 192.168.50.x network. Production server and clients are on a 192.168.10.x on VLAN 1. The management interface for the switches was moved to VLAN 100 to allow routing between VLAN 1 and 50. All these is working fine.
We now purchased a Dell PowerConnect 6224 switch that will be used at the collocation to connect the VRTX and the other servers. The main site and the collocation will be connected via a site-to-site VPN connection. What we are not sure is the type of configuration that need to be done to the new switch and possible our production switches to make all work correctly via the VPN.
Are we supposed to create the same VLAN 50 on both ends? There will not be anything connected on VLAN 50 on the main site as it was only created on the production switch because we did not have the PC 6224 at the moment.
How will devices on the main site for example our Veeam server find the servers that will be at the collocation and on VLAN 50?
Do I need to leave the VLAN 50 on my production switches even if nothing will be assigned to it?
Do I have to dedicate an interface on the firewall for the S2S VPN and connect a trunk port from the switch to the FW?
Also, when vSphere was configured everything including management, vmotion and vms were put on the same VLAN 50. I know this is a no no. I would like to put management and vmotion on its own VLAN. Do I have to add this VLAN tothe PC 6224 too? How will this affect what is currently configure on the production switches?
Thanks in advance for your help.
DELL-Josh Cr
Moderator
Moderator
•
8.5K Posts
0
March 29th, 2016 17:00
Hi,
Is VLAN 50 the only VLAN on both sides? Usually you would have the two switches connected with a trunk that can carry any VLANs and then have routing enabled on the switches so that different VLANs can communicate. For vmotion, are you going to be vmotioning between the sites? The configuration guide might help you. http://downloads.dell.com/manuals/all-products/esuprt_ser_stor_net/esuprt_networking/esuprt_net_fxd_prt_swtchs/powerconnect-6224_reference%20guide2_en-us.pdf
BAI-JD
20 Posts
0
March 31st, 2016 11:00
Hi Josh,
Currently the DR equipment is not at the DR site. I am trying to configure the switch we recently purchased that will be used at the DR site.
I have VLAN 50, VLAN 1 and VLAN 100 configure on my production switches. VLAN 50 was created to be able to configure everything on the VRTX, allow for communication between servers on VLAN 50 and my production servers and to initiate the seeding of those VMs that will be replicated. VLAN 1 is where all my productions devices reside and VLAN 100 is for management. Everything was configured at the production switches because at the moment we did not have the switch that was going to be used at the DR site. We now have the the switch that will be at the DR location and we need to get it configured.
What I am trying to understand now that we have the switch that will be used at the DR site is if I just need to create VLAN 50 on the new switch and if the VLAN 50 that was created on production needs to be removed. No devices will be on this VLAN as currently the devices connected to VLAN 50 on production are the VRTX and a couple of other servers that will all go to the DR site.
If that is the case and I remove VLAN 50 from production and configure it on the switch that will be at the collocation, how will my devices on production for example my Veeam server, my PC, etc will communicate with those devices on DR?
I understand what you say about connecting switches between trunk ports, but these switches are not on the same site. So when you say to connect them with trunk ports, do you mean to have a trunk port to go from my production switches at the main site to the production firewall and on my DR site have a trunk port from the new switch to the firewall at the DR site and have a site 2 site VPN for communication which is what we are planning to use?
DELL-Josh Cr
Moderator
Moderator
•
8.5K Posts
0
March 31st, 2016 13:00
In that case yes, you can remove VLAN 50 from the production and just have it on the other switch as long as there is something that is routing between them, such as the firewall.