Hello everyone, I have to install the first Nutanix cluster from a customer but I can't figure out how to setup the network. All customer switches (Aruba 2930, 2920) have the native vLAN (vLan1) dedicated to workstations and servers, while the management network is vLan ID 10 where the ESX, storage controllers, backup NAS and the Veeam server backing up the current infrastructure. This is the situation of all my customers, vLAN10 is completely isolated and unreachable from the native vLAN1, this was done to prevent any ransomware from affecting the backups as well. Now, Nutanix recommends configuring the CVM and hypervisor host VLAN as the native, or untagged, VLAN on the connected switch ports. I'm sure it would be nice to have all of the management in the native, adding a node would be much easier and I think the simpler things are kept the better. Furthermore, vLAN10 is propagated on many remote racks because obviously the backup NAS do not reside in the same racks as the servers, how can I configure this situation?
Thanks in advance.
Page 1 / 1
Hi @Purlilium
As you wrote the recommended configuration is to configure CMV and Hosts VLAN as native VLAN. Here’s and example of an Arista switch
The configuration for Active-Backup is simple, just configure both switch ports as trunk and then set the native vlan.
If you plan to run LACP you´ll need also to configure a Port-channel or whatever name it have on your switches with the same configuration, trunk and native vlan.
Hope this helps
Regards!
Hi @bcaballero, then I can configure the ports that I connect the Nutanix cluster to on the management vLan (which in my case is the ID10 vlan). From the documentation I thought you had to necessarily use the native vlan which by default is 1 in Aruba switches...
The AHV and CVM in native vlan is to “Keep It Simple” (KIS). But if you need it in separate vlan you can do that as well (and for the KIS procedure, do it during foundation).
Although the CVM are not accessible via the normal network, that makes managing the environment a bit hard.
VLAN 1 (WKS and Servers) = Configured by default on all switch ports as a native VLAN
VLAN 10 (ESX,...) = The VLAN that you would like to configure as native VLAN for Nutanix nodes
With that being said, I would configure VLAN 10 as native on required ports, which means that anything that you connect on that ports will be on that VLAN without further configuration, and the other required VLANs as trunked. Then on your cluster via Prism Element create a new network for VLAN 1 to connect required VMs.
Hope this helps
Regards
Hi @JeroenTielen and @bcaballero, thanks for answers!
Actually I have 7 vLANs (telephone, video surveillance, production, DMZ etc...) but the two that I have described are actually interesting. I also have about twenty stacks/switches spread across various racks over 3 different establishments. For this very reason I would like to keep things as simple as possible and avoid further complexities. Here is the complete detail:
VLAN ID Name 1 DEFAULT_VLAN 10 Management 20 DMZ 30 Phones 40 Surveillance 50 ProdA
The doubt arose due to the fact that currently in all the switches the native vLan is the vlan ID1 which is propagated untagged on the trunks of all the switches. But I want to follow Nutanix's recommendations and make sure that all nodes and CVMs are untagged, but these machines must be connected on vLAN 10 which is dedicated to management and inaccessible to users for security reasons.
If I understand correctly I have to set the switch ports in untagged mode for vLan 10 (the ones on which I connect the Nutanix nodes) and on the nutanix side leave vLAN 0 as it is without applying tags, then I will create the other networks tagged for all the others vlan.
Hi @Purlilium
That is. You can configure Nutanix switch ports with VLAN 10 as native and the rest of VLANs in the trunk. Or you can filter what VLANs will be on the trunk. It’s up to you.
If you need to connect VMs to VLAN 10 you can create the network on Prism Element with tag 0 because is the native vlan. Afterwards you can create all the networks in the trunk on Prism Element with their respective tag.
