This post is more than 5 years old
15 Posts
0
21647
Vmware and 10 GbE Pass-Through-module
Hey!
I`ve just recived a new bladerack from dell(m1000e) with 10 GbE Pass-Through-module.
We are going to use this rack with m620 blades for vmware, and i was wondering if how can i configure Vmotion when its on a diffrent subnet(vlan)
Do i have to configure all the ports on the A2 to use spesific vlan and use all the ports to enable vmotion on all 16 blades?
Or can i configure all blades to point to one external port even though its 10 GbE Pass-Through-module?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
1
November 8th, 2012 07:00
The pass-through module provides a direct connection between the optional internal Ethernet mezzanine card in the blade, and an external Ethernet device. The Ethernet pass-through modules are hot-pluggable, and may be installed in any of the three Fabrics - A, B or C. External connectors on the Ethernet pass-through module correspond directly to the blade number. For example, blade 5 is connected to port 5 on the Ethernet passthrough module. Ethernet media speed is configured through the blade LOM firmware or by the operating system. Speed and duplex settings are not configured through the passthrough module itself.
The pass-through module does not have VLAN configurations on it, The VLAN configurations would be done on the server and the switch that you choose to plug the servers into. Then if you need to communicate from one VLAN to another VLAN, you will need to have Layer 3 switch to perform the routing. But looking at VMWARE security recommendations the Vmotion traffic stays isolated and is not routable.
"The security issue with vMotion migrations is that information is transmitted in plain
text, and anyone with access to the network over which this information flows can
view it. Ensure that vMotion traffic is separate from production traffic on an isolated
network. This network should be nonroutable (no layer-3 router spanning this and
other networks), which will prevent any outside access to the network."
More information like this can be read in this document.
www.vmware.com/.../VMW-TWP-vSPHR-SECRTY-HRDNG-USLET-101-WEB-1.pdf
Here is also the user guide for the pass-through module.
support.dell.com/.../PTMUGadm.pdf
Hope this info helps,
Thanks.
Hystad
15 Posts
0
November 9th, 2012 00:00
One thing, There shouldnt be a problem using nic01 for vmotion and nic0 for ethernet
Hystad
15 Posts
0
November 9th, 2012 00:00
The Vmotion trafic isnt routed from a vlan to vlan, all vmotion traffic from all the esx servers we have is configured on the same vlan and subnet. So that shouldnt be the problem,
I was just wondering since both blade nics shows in vmware, i thought we could use a2 for vmotion trafic only and a1 for normal trafic.
Since i expect nic0 points at A1 and Nic1 points at A2 if im correct., then i gues nic1 blade 1 would be a2 port 1?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
November 9th, 2012 07:00
Correct, A1 goes to NIC1 and A2 goes to NIC2. Here are some good links to have, in reference to the M1000e.
cosonok.blogspot.com/.../dell-m1000e-blade-enclosure-logical_22.html
www.dell.com/.../blade_io_solutions_guide_v1.2_jn.pdf
www.dell.com/.../ps1q08-20070500-Loffink.pdf
Thanks
Hystad
15 Posts
0
November 12th, 2012 00:00
Edit: It is a normal gigabit pass through module, but is there any guide where i can set up vlan in the Lom firmware?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
November 12th, 2012 08:00
There are three network daughter cards (NDC) offered for the M620. A Broadcom, Intel, and Qlogic, each one being different in the process. Do you know which NDC is installed on the server? How many VLANs are you looking to create? It may better to create the VLANs on the virtual switch.
Dev Mgr
9.3K Posts
0
November 12th, 2012 08:00
Instead of using 1 NIC for LAN and the other for vMotion, I would instead recommend to leverage layer 2 capabilities (multiple VLANs) and team the 2 NICs. This way if 1 NIC fails you don't lose all functionality on that 1 NIC.
Hopefully this helps clarify it a bit:
- vSwitch0 with vmnic0 and vmnic1 -> set the teaming to route based on IP hash
- vmk0 (Management kernel) on VLAN 1 (management vlan)
- vmk1 (vmotion) on vlan 2
- if you're using iSCSI storage, then iSCSI on vlan 3
NOTE: these are just example vlan IDs.
On your 10Gbit switch create a static LAG with the 2 ports that this server is plugged into, tag traffic on this LAG for all 3 VLANs.
Hystad
15 Posts
0
November 13th, 2012 22:00
I got one broadcom and one Qlogic
Hystad
15 Posts
0
November 14th, 2012 05:00
Sounds like a good idea. ill give it a try
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
November 14th, 2012 11:00
For Broadcom BACS/BASP would be used.
support.dell.com/.../bacs.htm
For Qlogic it is done through the Team Management page.
support.dell.com/.../teaming.htm
The suggestions Dev has are some great ones to listen to.