Hi ,
i need some help for configuring a SureReplica in Advanced Multi Host configuration.
I know that i need a dVS in VmWare but i have some questions on how to configure it.
Do i need to create the isolated vlan in my physical switches?
Do i need to give uplink to my dVS also if is only used for the isolated environment? I read a post that say to put uplinks on dVS portGroup to "Unused" on VmWare Vcenter.
There is a reference that explain the hole process? Thank you.
-
- Influencer
- Posts: 22
- Liked: 1 time
- Joined: Sep 15, 2020 9:13 am
- Full Name: Bruno
- Contact:
-
- Veeam Software
- Posts: 3626
- Liked: 608 times
- Joined: Aug 28, 2013 8:23 am
- Full Name: Petr Makarov
- Location: Prague, Czech Republic
- Contact:
Re: Advanced Multi Host Lab
Hi Bruno,
I'd suggest to take a look at this page. Basically, you have 2 options for port groups isolation either to connect DVS uplinks to the isolated network or to use vlan tagging.
Thanks!
I'd suggest to take a look at this page. Basically, you have 2 options for port groups isolation either to connect DVS uplinks to the isolated network or to use vlan tagging.
Thanks!
-
- VP, Product Management
- Posts: 6035
- Liked: 2860 times
- Joined: Jun 05, 2009 12:57 pm
- Full Name: Tom Sightler
- Contact:
Re: Advanced Multi Host Lab
Hi Bruno,
To add to Petr comments, setting up an isolated network using vDS across mulitple hosts will definitely require that network to be connected to each other via some type of uplink if you want VMs on different hosts to be able to talk to each other across the isolated network (this is almost always the desired setup). Without some type of physical link between the hosts, VMs on one host will not be able to communicate with VMs on a different host even if they are both connected to the same isolated network.
As Petr mentioned, you can do this by either using dedicated uplinks to an isolated network switch, or by using VLAN tagging and creating isolated VLANs in your existing switches. Most customer simple use VLANs and VLAN tagging. To give you a more "real world" example, I'll share what I do in my own lab.
My lab network consist of a number of different VLANs (Management, Production, Storage, Backup, etc), these VLANs are numbered 60-65 and my switches have full layer-3 switching/routing between them, although with some restrictive firewall rules for the different networks. To create Surebackup labs I created additional VLANs numbered 1060-1065 on the switch as just dumb layer 2 VLANs so isolated from everything else on the switch. I then created portgroups on the vDS that create networks (Isolated-Management, Isolated-Production, etc) using the 1060-1065 VLANs and I use these portgroups in the SureBackup lab setup when mapping production networks to isolated networks.
It sounds complex, but once you work out the process one time it becomes more clear and it really isn't that bad at all.
To add to Petr comments, setting up an isolated network using vDS across mulitple hosts will definitely require that network to be connected to each other via some type of uplink if you want VMs on different hosts to be able to talk to each other across the isolated network (this is almost always the desired setup). Without some type of physical link between the hosts, VMs on one host will not be able to communicate with VMs on a different host even if they are both connected to the same isolated network.
As Petr mentioned, you can do this by either using dedicated uplinks to an isolated network switch, or by using VLAN tagging and creating isolated VLANs in your existing switches. Most customer simple use VLANs and VLAN tagging. To give you a more "real world" example, I'll share what I do in my own lab.
My lab network consist of a number of different VLANs (Management, Production, Storage, Backup, etc), these VLANs are numbered 60-65 and my switches have full layer-3 switching/routing between them, although with some restrictive firewall rules for the different networks. To create Surebackup labs I created additional VLANs numbered 1060-1065 on the switch as just dumb layer 2 VLANs so isolated from everything else on the switch. I then created portgroups on the vDS that create networks (Isolated-Management, Isolated-Production, etc) using the 1060-1065 VLANs and I use these portgroups in the SureBackup lab setup when mapping production networks to isolated networks.
It sounds complex, but once you work out the process one time it becomes more clear and it really isn't that bad at all.
-
- Influencer
- Posts: 22
- Liked: 1 time
- Joined: Sep 15, 2020 9:13 am
- Full Name: Bruno
- Contact:
Re: Advanced Multi Host Lab
Thank you for your exaustive answer.
So if i understand right , quoting your answer "by using VLAN tagging and creating isolated VLANs in your existing switches" i have to create isolated network in my physical switches right?
So if i understand right , quoting your answer "by using VLAN tagging and creating isolated VLANs in your existing switches" i have to create isolated network in my physical switches right?
-
- VP, Product Management
- Posts: 6035
- Liked: 2860 times
- Joined: Jun 05, 2009 12:57 pm
- Full Name: Tom Sightler
- Contact:
Re: Advanced Multi Host Lab
Yes, something has to be the conduit of those networks between the hosts, only the physical switches that connect those hosts together can be that conduit.
Who is online
Users browsing this forum: Google [Bot] and 43 guests