Segmenting Stretched Layer 2 Network for DR | Nutanix Community
Question

Segmenting Stretched Layer 2 Network for DR



Hello,

 

As part of our Metro availability setup (two Nutanix clusters with 10 nodes per site), we plan to implement network segmentation for DR traffic and storage/RF traffic on each cluster.

 

For the DR traffic, the guide suggests you can use a stretched Layer 2 network configuration without requiring a gateway. This is our preferred approach, to have one VLAN/subnet stretched across the sites dedicated to Metro traffic.

 

To set this up, I plan to:

  1. In Prism, create the IP pool using half the subnet and specify the service being isolated (in this case, DR). Specify the port group in ESXi to be used for DR traffic.
  2. Repeat the same steps on the other cluster, using the upper part of the IP range. Specify the same port group used in step one.
  3. Run the commands outlined in the KB below on both clusters.

https://portal.nutanix.com/page/documents/details?targetId=Nutanix-Security-Guide-v7_0:sec-network-segmentation-enable-l2stretch-ns2-t.html

 

My questions are:

  1. Are my steps correct?
  2. Why do I need to run the commands if everything is configured in Prism?

 

I'm a bit confused about the need to perform the command-line steps - what are they doing?

 

Any help would be appreciated.

 

Thanks,

0 replies
