Question

VLan tag for CVM Host and Guest

  • 12 November 2020

Hi Team,

We have a three-node (NX-8155) cluster connected to a Nexus switch.

VLAN tag for CVM and Host: 600

VLAN tag for Guest/Prod: 10

All are in the same subnet (Host IP: 172.21.10.x/24, CVM IP: 172.21.10.x/24 and Guest/Prod Network: 172.21.10.x/24).

We have allowed Layer 2 on the Nexus, trunk port traffic, and added both VLANs (600 and 10).

Question:

  1. Can we keep all under the same subnet? If so, how can I communicate inter-VLAN, for the purpose of the CVM communicating with NTP, DNS, monitoring and the Internet?
  2. Else, can I keep the CVM, Host and Guest in the same VLAN? How will this impact the broadcast domain, and is there any issue with congestion?
  3. Else, can we have two different subnet ranges for (CVM, Hosts) and Guest with different VLANs (600) and (10)?

Hi Anwar101,

  1. Can we keep all under same subnet? If so how can I communicate inter-VLAN, for the purpose of CVM to communicate NTP, DNS, Monitoring and Internet.

All Controller VMs and hypervisor hosts must be on the same subnet and broadcast domain. No systems other than the CVMs and hypervisor hosts should be on this network, which should be isolated and protected.

AHV Networking Best Practices: VLANs for AHV Hosts and CVMs

  2. Else can I keep CVM, Host and Guest in same VLAN? How this will impact broadcast domain and any issue with congestion.

Same as above, this configuration is not recommended.

  3. Else can we have two different subnet range for (CVM, Hosts) and Guest with different VLAN (600) and (10)

This is the best option out of the three. “The recommended VLAN configuration is to place the CVM and AHV host in the untagged VLAN (sometimes called the native VLAN) as shown in the figure below. Neither the CVM nor the AHV host requires special configuration with this option. Configure the switch to allow tagged VLANs for user VM networks to the AHV host using standard 802.1Q VLAN tags. Also, configure the switch to send and receive traffic for the CVM and AHV host’s VLAN as untagged. Choose any VLAN on the switch other than 1 as the native untagged VLAN on ports facing AHV hosts.” You can add a VLAN tag to the host and the CVM as well.

I wonder what makes you separate one IP subnet into three by the use of the VLAN tags? Using three IP ranges each with a dedicated VLAN tag would make both management and troubleshooting so much easier.
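The guidance in the reply above can be checked against a planned layout before touching the switch. This is an added example, not part of the thread or Nutanix tooling: `check_plan` and the plan dictionary layout are hypothetical, and the host octets and the revised `172.21.60.0/24` subnet are constructed sample values.

```python
import ipaddress

def check_plan(plan):
    """Return findings for a planned AHV layout (hypothetical helper)."""
    findings = []
    mgmt = ipaddress.ip_network(plan["mgmt_subnet"])
    guest = ipaddress.ip_network(plan["guest_subnet"])
    # CVMs and hypervisor hosts must share one subnet and broadcast domain.
    for name, ip in plan["cvm_host_ips"].items():
        if ipaddress.ip_address(ip) not in mgmt:
            findings.append(f"{name} ({ip}) is outside CVM/host subnet {mgmt}")
    # Nothing else belongs on that network, so the guest range must not overlap it.
    if mgmt.overlaps(guest):
        findings.append(f"guest subnet {guest} overlaps CVM/host subnet {mgmt}")
    if plan["mgmt_vlan"] == plan["guest_vlan"]:
        findings.append("CVM/host and guest traffic share one VLAN")
    # When the CVM/host VLAN is carried untagged, it must not be VLAN 1.
    if plan["mgmt_untagged"] and plan["mgmt_vlan"] == 1:
        findings.append("native VLAN facing AHV hosts must not be VLAN 1")
    return findings

# Layout from the question; host octets are constructed (the post gives 172.21.10.x).
ORIGINAL_PLAN = {
    "mgmt_subnet": "172.21.10.0/24", "mgmt_vlan": 600, "mgmt_untagged": False,
    "guest_subnet": "172.21.10.0/24", "guest_vlan": 10,
    "cvm_host_ips": {"host-1": "172.21.10.11", "cvm-1": "172.21.10.21"},
}

# Constructed revision: CVMs and hosts moved to their own subnet on VLAN 600.
REVISED_PLAN = {
    "mgmt_subnet": "172.21.60.0/24", "mgmt_vlan": 600, "mgmt_untagged": False,
    "guest_subnet": "172.21.10.0/24", "guest_vlan": 10,
    "cvm_host_ips": {"host-1": "172.21.60.11", "cvm-1": "172.21.60.21"},
}

if __name__ == "__main__":
    for label, plan in (("original", ORIGINAL_PLAN), ("revised", REVISED_PLAN)):
        print(label, check_plan(plan) or "ok")
```
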

Thank you for your reply,

Native VLAN is blocked at the uplink switch, as you suggested.

I will use two different subnets and two different VLANs, one for (CVM & Host) and the other for Guest.

I have 4 10 GB ports (2 with SFP+ copper) and 2 with RJ45. Can I add all in one bridge (br0)?

We have AHV running underneath. Can you suggest what needs to be set for LACP (Dynamic/Static)?

Along with that, is there any article on changing the CVM and Host IPs, or shall I rebuild the cluster with the new configuration?

Hey,

I really think you would benefit greatly from reading the AHV Best Practices doc that I referenced in my previous comment. It goes over LACP, VLANs, NIC speed, bridge configuration and more. It also goes over the process of changing the CVM VLAN.

We recommend keeping NICs of the same speed in the br0 bond.

AHV Admin Guide: Changing the IP Address of an Acropolis Host
Acropolis Advanced Setup Guide: Changing the Controller VM IP Addresses in your Nutanix Cluster (CLI Script)

KB-3263 AHV | How to Enable, Disable, and Verify LACP