Wednesday, October 28, 2009
Tuesday, October 27, 2009
VMware vSwitch and Cisco switch configuration
These are field configurations that have been in-use for years and have their origin from both VMware and Cisco Best Practice documents regarding VMware integration. We use these configurations as reference when working with customer’s network teams in setting up any new Cisco network equipment for VMware.
Standard trunk port Best Practice switchport configuration:
interface GigabitEthernet#/#
description <<** ESX Host #/# **>>
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,#,#,#
switchport mode trunk
switchport nonegotiate
spanning-tree portfast trunk
exit
Standard ether-channel Best Practice switchport configuration:
IMPORTANT NOTE: Etherchannel is only applicable if all the interfaces bound to the channel are going to the same physical switch OR that all of the interfaces are going to different physical switches which are stacked together (with an actual stacking cable, not an ISL.) If you are running these interfaces to two separate network switches, you cannot Etherchannel them and they should be configured as above rather than the example below.
interface port-channel #
description <<** ESX EC# **>>
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,#,#,#
switchport mode trunk
interface GigabitEthernet#/#
description <<** EC#/INT# **>>
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,#,#,#
switchport mode trunk
channel-group # mode on
interface GigabitEthernet#/#
description <<** EC#/INT# **>>
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,#,#,#
switchport mode trunk
channel-group # mode on
exit
NOTE: It is also worth mentioning that it is assumed the member ports (those with channel-group # mode on as above) will inherit their configuration from the channel-group but it is sometimes necessary to replicate that configuration to their individual switchport configurations as above.
Standard trunk port Best Practice switchport configuration:
interface GigabitEthernet#/#
description <<** ESX Host #/# **>>
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,#,#,#
switchport mode trunk
switchport nonegotiate
spanning-tree portfast trunk
exit
Standard ether-channel Best Practice switchport configuration:
IMPORTANT NOTE: Etherchannel is only applicable if all the interfaces bound to the channel are going to the same physical switch OR that all of the interfaces are going to different physical switches which are stacked together (with an actual stacking cable, not an ISL.) If you are running these interfaces to two separate network switches, you cannot Etherchannel them and they should be configured as above rather than the example below.
interface port-channel #
description <<** ESX EC# **>>
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,#,#,#
switchport mode trunk
interface GigabitEthernet#/#
description <<** EC#/INT# **>>
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,#,#,#
switchport mode trunk
channel-group # mode on
interface GigabitEthernet#/#
description <<** EC#/INT# **>>
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,#,#,#
switchport mode trunk
channel-group # mode on
exit
NOTE: It is also worth mentioning that it is assumed the member ports (those with channel-group # mode on as above) will inherit their configuration from the channel-group but it is sometimes necessary to replicate that configuration to their individual switchport configurations as above.
Tuesday, October 20, 2009
Monday, October 19, 2009
FreeBSD and multiple gateways
Question: How to add multiple gateways to a FreeBSD?
Answer: No you can not do this (at least directly) on FreeBSD. FreeBSD don't support multiple gateways.
Workaround solution: If you have a server with 2 set of IPs and each set have there own gateway.
- First, you must select one of the gateway to be a default gateway.
- Then, You need ipfw (or any FreeBSD firewall solution),
Check that your kernel support ipfw, if not, recompile your kernel with the following options(IPDIVERT and DUMMYNET is not required, but if you add IPFW/IPFW2 it better to also add these two options)#Firewall & NAT & DummyNet
add the following rule to your ipfw rules set.
options IPFIREWALL
options IPDIVERT
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
options DUMMYNET
options IPFW2ipfw add rule_no fwd second_gateyway_ip ip from ip_of_this_gateway to not me
For example, I have 2 ip set (10.0.0.100,10.0.0.101,10.0.0.102 for gateway 10.0.0.254) and (192.168.0.77,192.168.0.78 for gateways 192.168.0.254). I chose 10.0.0.254 as the default gateway. So, my ipfw rules areipfw add 100 fwd 192.168.0.254 ip from 192.168.0.77 to not me
ipfw add 110 fwd 192.168.0.254 ip from 192.168.0.78 to not me
Thursday, October 08, 2009
Články o administraci CISCO switchů
http://www.samuraj-cz.com/clanky-kategorie/cisco-admin/
Článek o konfiguraci CISCO a ESX teamingu
http://www.samuraj-cz.com/clanek/vmware-esxi-a-nic-teaming-aneb-pripojeni-pres-vice-sitovek/
Článek o konfiguraci CISCO a ESX teamingu
http://www.samuraj-cz.com/clanek/vmware-esxi-a-nic-teaming-aneb-pripojeni-pres-vice-sitovek/
Subscribe to:
Posts (Atom)