vDCA550-Objective 2.3-4-Configure port groups to properly isolate network traffic (Part 2)

This is part 2 of Configure port groups to properly isolate network traffic. you will find part 1 here. in this post we will discuss anther example to help understand it.

Example 2 (vDS):

Network administrator configured the physical Switch Ports as a trunked for VLAN 16-20. vSphere administration tasks is to create isolated infrastructure for “vMotion, IPStorage and VM” traffic on “vDS” named “vDSwitch1” with following configurations.

  1. Create Portgroup named “IPStorage” for ISCSI/NFS traffic and isolated with “VLAN16” on uplinks “vmnic1 (uplink1) active/vmnic2 (uplink2) standby”.
  2. Create Portgroup named “vMotion1” for vMotion traffic and isolate with “VLAN18” on uplink “vmnic3 (uplink3)”
  3. Create Portgroup named “VM-3” for VM traffic and isolate with “VLAN20” on uplink “vmnic2 (uplink2) active/vmnic1(uplink1) standby”

Solution:

From Webclient home-> Networking -> Right Click on the Datacenter -> Choose “New Distributed Switch”

vDCA550-Obj-2-3-ConfPortGroupIsolation-15

Enter the vDS name “vDSwitch1” -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-16

Choose the vDS version -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-17

Choose Number of uplink “3” and “uncheck Create a default PortGroup” check box-> Click “Next” and then “finish”

vDCA550-Obj-2-3-ConfPortGroupIsolation-18

Now our vDS is Created below is the topology diagram.

vDCA550-Obj-2-3-ConfPortGroupIsolation-19

Let’s create our required PG as given in the example.

1-Create Portgroup named “IPStorage” for ISCSI/NFS traffic and isolated with “VLAN16” on uplinks “vmnic1 (uplink1) active/vmnic2 (uplink2) standby”.

To create a new portgroup -> Right Click on the vDS -> Choose “New Distributed Port Group”

vDCA550-Obj-2-3-ConfPortGroupIsolation-20

Define a name “IPStorage” -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-21

Leave as default -> Click “Next” and then “Finish”

vDCA550-Obj-2-3-ConfPortGroupIsolation-22

Next Right Click on the IPStorage PG -> Click “Edit Settings”

vDCA550-Obj-2-3-ConfPortGroupIsolation-23

In the IPStorage PG settings- > VLAN -> Choose VLAN Type “VLAN” -> Enter VLAN ID “16”

vDCA550-Obj-2-3-ConfPortGroupIsolation-24

In the IPStorage PG settings- > Teaming and Failover -> Set Uplink1 as Active, uplink2 as standby and move uplink3 in unused adapter list -> Click “OK”

vDCA550-Obj-2-3-ConfPortGroupIsolation-25

By default when you create a PG on the vDS it is create for VM traffic as shown below. But in the example I will use this portgroup for IPStorage Such as ISCSI/NFS taffic. So we need to convert it to vKernel Port instead of Virtual Machine portgroup.

vDCA550-Obj-2-3-ConfPortGroupIsolation-26

To create the vKernel PortGroup. We have to add a host first than map the physical adapter to the uplink1 and create a vKernel portgroup. Let’s show you how to create vKernel portgroup.

Right Click on the vDS and Choose “Add and Manage Hosts”

vDCA550-Obj-2-3-ConfPortGroupIsolation-027

A Wizard to add host is started. Choose “Add Hosts” option -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-28

Add a new Host -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-29

Choose First two options as highlighted -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-30

Choose “Assign uplink” option to assign a Physical adapter vmnic1 to uplink1 -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-31

Next define “new adapter” for vKernel Port. When you click on “new adapter” a new wizard will started

vDCA550-Obj-2-3-ConfPortGroupIsolation-32

In the vKernel adapter wizard. Choose the existing port group “IPStorage” by using browse button. As you knew I already created an IPStrage port group. So I am going to select it -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-33

Next leave as default. Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-34

Use static IPv4 settings -> and enter the IP Address for IPStorage vKernel port Group -> Click “Next” and then “finish”

vDCA550-Obj-2-3-ConfPortGroupIsolation-35

Now as you can see vmk1 vkernel adapter has been created as highlighted -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-36

Next it will analyze the impact of ISCSI against our choosed NIC -> Click “Next” and then “finish”

vDCA550-Obj-2-3-ConfPortGroupIsolation-37

Now Check the Topology diagram. IPStorage Portgroup has everything we need.

vDCA550-Obj-2-3-ConfPortGroupIsolation-38

2-Create Portgroup named “vMotion1” for vMotion traffic and isolate with “VLAN18” on uplink “vmnic3 (uplink3)”

Use the Same Procedure to create another vDS portGroup with name “vMotion1”. Next edit his settings.

In “vMotion1” edit Setting-> VLAN-> Choose VLAN type “VLAN” and VLAN ID “18”

vDCA550-Obj-2-3-ConfPortGroupIsolation-39

In “vMotion1” edit Setting-> Teaming and failover-> Place Uplink3 as active and move uplink1, 2 in unused adapter list -> Click “OK”

vDCA550-Obj-2-3-ConfPortGroupIsolation-40

To create the vKernel PortGroup. Right Click on the vDS and Choose “Add and Manage Hosts”

vDCA550-Obj-2-3-ConfPortGroupIsolation-027

A Wizard to add host is started. Because we already added a host in previous step. So this time we choose “Manage Host Networking” option -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-41

Attach a existing host> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-42

Choose first two options as highlighted -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-30

Choose “Assign uplink” option to assign a Physical adapter “vmnic3” to uplink3 -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-43

Next define “new adapter” for vKernel Port. When you click on “new adapter” a new wizard will started

vDCA550-Obj-2-3-ConfPortGroupIsolation-32

In the vKernel adapter wizard. Choose the existing port group “vMotion1” by using browse button. As you knew I already created an vMotion1 port group. So I am going to select it -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-44

Next check “vMotion Traffic” checkbox from available services-> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-45

Use static IPv4 settings -> and enter the IP Address for vMotion1 vKernel port Group -> Click “Next” and then “finish”

vDCA550-Obj-2-3-ConfPortGroupIsolation-46

Now as you can see “vmk2” vkernel adapter has been created as highlighted -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-47

Next it will analyze the impact of ISCSI against our choosed NIC -> Click “Next” and then “finish”

vDCA550-Obj-2-3-ConfPortGroupIsolation-37

Now Check the Topology diagram. vMotion1 Port group has everything we need.

vDCA550-Obj-2-3-ConfPortGroupIsolation-48

3-Create Portgroup named “VM-3” for VM traffic and isolate with “VLAN20” on uplink “vmnic2 (uplink2) active/vmnic1(uplink1)  standby”

Use the Same Procedure to create another vDS portGroup with name “VM-3”. Next edit his settings.

In “VM-3” edit Setting-> VLAN-> Choose VLAN type “VLAN” and VLAN ID “18”

vDCA550-Obj-2-3-ConfPortGroupIsolation-49

In “VM-3” edit Setting-> Teaming and failover-> Place Uplink2 as active, Uplink1 as standby and move uplink3 in unused adapter list -> Click “OK”

vDCA550-Obj-2-3-ConfPortGroupIsolation-50

Next if you see in the topology diagram. Uplink2 has no NIC attached to him. In our example our task is to assign uplink2 with vmnic2.

vDCA550-Obj-2-3-ConfPortGroupIsolation-51

To attach a physical NIC with uplink. We will go through the following process. Right Click on the vDS and Choose “Add and Manage Hosts”

vDCA550-Obj-2-3-ConfPortGroupIsolation-027

A Wizard to add host is started. Because we already added a host in previous step. So this time we choose “Manage Host Networking” option -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-41

Attach a existing host> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-42

This type choose only first option as highlighted. Because we have no need to create any vKernel adapter this time-> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-52

Choose “Assign uplink” option to assign a Physical adapter “vmnic2” to uplink2 -> Click “Next”

vDCA550-Obj-2-3-ConfPortGroupIsolation-53

Next it will analyze the impact of ISCSI against our choosed NIC -> Click “Next” and then “finish”

vDCA550-Obj-2-3-ConfPortGroupIsolation-37

Now Check the Topology diagram of VM-3 PG. VM-3 has vmnic2 attach to uplink2 now

vDCA550-Obj-2-3-ConfPortGroupIsolation-54

Here is the final topology diagram of our vDS.

From Webclient:

vDCA550-Obj-2-3-ConfPortGroupIsolation-55

From Classic client:

vDCA550-Obj-2-3-ConfPortGroupIsolation-56

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s