[c-nsp] Nexus1000v: Mgmt Port

Christina Klam cklam at ias.edu
Mon Aug 16 09:46:25 EDT 2010 

JP,

Thank you.  That is reassuring.  I ended up doing something very similar (but my control/packet are on the DVS and on the same VLAN).  

Christina Klam
Network Administrator
Institute for Advanced Study
Email:  cklam at ias.edu

Einstein Drive              Telephone: 609-734-8154
Princeton, NJ 08540     Fax:  609-951-4418


-----Original Message-----
From: jpv at jpv.xs4all.nl [mailto:jpv at jpv.xs4all.nl] On Behalf Of JP Velders
Sent: Saturday, August 14, 2010 11:25 PM
To: Christina Klam
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Nexus1000v: Mgmt Port


> Date: Wed, 04 Aug 2010 09:06:25 -0400
> From: Christina Klam <cklam at ias.edu>
> Subject: [c-nsp] Nexus1000v:  Mgmt Port

> I am setting up a pair of Nexus 1000v switches.   As per the Cisco
> documentation, I have the management port in my system-uplink 
> port-group.

Be careful with which documentation you use, some of it contradicts others, which can make for interesting interpretations. :)

> My question is:
> 1.  Does the management port have to be in the same VLAN as the VM 
> Host server?

No.

> 3.  OR, if (1) is YES, then what do you think about putting the VM 
> Hosts
> (ESXI) on a separate VLAN than the virtual servers?

I think that's standard practice for VMware, not ?

I've done the following for an ESX4 environment:
* VLAN for ESX vmkernel interfaces (the ones vSphere contacts)
* VLAN for mgmt0 (vlan1 in our case) [VSM VM interface #2 IIRC]
* VLAN for control stuff between VSM/VEM's [VSM VM interface #1 IIRC]
* VLAN for packet stuff between VSM/VEM's [VSM VM interface #3 IIRC]

Do put thought into how you want to hookup the physical ESX hosts, we opted to use 2 onboard GE NIC's to (initially) carry all 4 of those VLAN's and get the 1000v running, you can't go directly to a situation where the VSM/VEM's will see eachother through a VSM managed DVS. :(

We have 2 add-on 10GE NIC's that are the physical interfaces for the DVS, on which we've placed all the VLAN's for VM's...

We had way too much trouble in trying to get control/packet stuff to work on DVS managed interfaces, so we opted to keep that seperated.

Kind regards,
JP Velders

More information about the cisco-nsp mailing list