cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Deployment of V2110: Question about vSwitch?

Deployment of V2110: Question about vSwitch?

Edson_Moura
New Contributor
The Installation Guide about V2110 says if all 3 NICs are used (admin/esa0/esa1) they must be connected in separate virtual switches
(vSwitches) in the ESX/ESXi host.

I have a customer that currently is running only one vSwitch in the ESX.

Someone works different this? If I running V2110 using the 3 NICs in only one vSwitch, I'll have problem in the future? Why?

Sincerely,

Edson Moura
5 REPLIES 5

hsachse
New Contributor III
Hello Paulo.

What are the recommandations for connecting the 3 vNICs to a dvSwitch (Distributed vSwitch)? Since firmware 9.x the V2110 official supports the dvSwitch, but can not find a updated installion guide. Most customers use dvSwitches to provide a consistent virtuel switching infrastructure between all ESXi hosts.

Best Regards
Hartmut

Paulo_Francisco
Extreme Employee
Deviating from recommended defined procedures is typically a bad thing. Such deployments will inherently result in GTAC escalations and result eventually in customer dissatisfaction.

As Kurt mentions, if you intend to use all three interfaces you must follow the recommended deployment configuration and use different vSwitches. With current images, the second esa port (ESA1) will NOT work if connected to the same vSwitch as esa0. We are addressing this constraint in 9.15.

However, there are additional reasons why separate vSwitches per interface will still be the recommended deployment:

1) Bandwidth capacity - Sharing a single vSwitch is typically is serviced through a single (active NIC) which may be further shared with other load on the machine. This additional load will significantly reduce the amount of bandwidth available to the controller and could give rise to interface saturation significantly below the levels defined for the platform. Even though controllers are leased as a virtual appliance it should still be considered a switching appliance, with dedicated ingress/egress ports per platform certification. Treating it like a general virtual server can lead to un-expected performance constraints.

2) Security - Separating the vSwitch ensures that traffic from users does not inadvertently get mingled with other network traffic - post de-capsulation if the controller is supporting tunneled topologies. The separate vSwitch guarantees separation and therefore improves network security.

Therefore, for the reasons above, customers/Partners need to be strongly encouraged to follow the standard deployment configuration

Kurt_Semba
Extreme Employee
Hi Edson,

if you want to physically separate the three interfaces you will need to create three vSwitches in your ESX server anyway.

Kurt

Edson_Moura
New Contributor
Hi Kurt,

Yes. I need of the three interfaces because I would like to separate the traffic logically and physically.too. There are some topologies that I'd like to point in differents interface (esa0 and esa1) and admin port to management.

Thanks for your comment,

Edson Moura

GTM-P2G8KFN