vSphere Home Lab: Part 2 – There’s some junk in my trunk…

Well, I finally received the last few bits I needed to finish building my new vSphere hosts, in particular my nice little two-bay 2.5″ to 3.5″ drive adapters. These babies cost me about five bucks apiece and mean I can mount two SSDs in a single 3.5″ slot, cool.

Anyway, I started configuring my network based on the fact that I wanted to “trunk” two ports per host so that I had the native VLAN1 untagged, as well as several other tagged VLANs for my vMotion, FT, etc. Please note that trunking VLAN1 to a production ESX host is not recommended, mostly due to the potential security risks around VLAN hopping. I’ve read several VMware documents referring to not trunking VLAN1; however, some say “don’t do it” and others say “it won’t work”. I can tell you that it DOES work and could be used in a production environment where the business limitations demand it. One such area would be where there is a large amount of existing network infrastructure using VLAN1 that would be too costly to change (yes, we have some instances of this :-P).

Anyway, back to my lab. I have some pretty crap home networking gear that these HP switches are plugging into, and as such it doesn’t support VLANs, hence why I am using the native VLAN1. I spent hours the other night trying to work out how to “trunk” several ports and really struggled. To give you some background here, I am not a network engineer and do not administer/configure switches in my day job; however, I understand enough to know how some things work :-). Most of our environment at work involves Cisco switches and because of this I am used to Cisco terminology. This is where I came unstuck…

When we “trunk” ports on a Cisco to pass multiple VLANs we aren’t actually creating an EtherChannel or LACP trunk; instead we are assigning tagged VLANs to a port or multiple ports. While trying to stumble my way through using these HPs I had that same philosophy in mind and could not work out why my “trunks” weren’t working!

As it turns out Cisco do things completely the opposite to most other vendors, such as HP. In the HP switches, you create a VLAN, and assign ports to the VLAN, whether tagged or untagged. I found this blog post which completely explains it all: http://networkingnerd.net/2011/02/02/when-is-a-trunk-not-a-trunk/
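The difference described above, side by side, as an added configuration sketch that is not from the original post: the interface names, port numbers, VLAN IDs 10, 20 and 999, and the VLAN names are constructed, and the HP half assumes a ProCurve-style CLI.

```text
! --- Cisco IOS: a "trunk" is a port that carries tagged VLANs ---
! (some platforms also need "switchport trunk encapsulation dot1q" first)
interface GigabitEthernet0/1
 description esx-host-uplink (hypothetical)
 switchport mode trunk
 switchport trunk native vlan 1
 switchport trunk allowed vlan 1,10,20
!
! Link bundling on Cisco is an EtherChannel, configured separately:
! interface range GigabitEthernet0/1 - 2
!  channel-group 1 mode active
!
! Where the upstream gear supports VLANs, an unused native VLAN keeps
! VLAN 1 off the host uplinks (999 is a constructed ID):
!  switchport trunk native vlan 999
!  switchport trunk allowed vlan 10,20

; --- HP ProCurve-style CLI: ports are assigned to VLANs ---
vlan 1
   untagged 1-2
   exit
vlan 10
   name "vMotion"
   tagged 1-2
   exit
vlan 20
   name "FT"
   tagged 1-2
   exit
; On HP, "trunk" means link aggregation, which is NOT what is wanted here:
; trunk 1-2 trk1 lacp
```

On the HP side, `show vlans ports 1-2 detail` lists which VLANs each port carries and whether they are tagged or untagged, which is the quickest check that the "trunk" is really a tagged port and not an aggregated link.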

So, to cut a long LONG story short, I now consider myself OWNED by these switches and now understand the differences between Cisco’ism and the rest of the world when it comes to trunking, access ports and trunk ports!

Whew…now back to the cool stuff (just kidding, I actually enjoyed it!), playing with vSphere!

Oh, by the way, I’ve given up on running two switches, it’s too noisy and hot, and to be honest, I wouldn’t gain much for the purposes of my VCAP-DCA study, so I’m keeping it simple with one switch…

Thanks for reading, stay tuned for future posts, my next one will probably talk about building up the VSAs.

About Ben Loveday
My name is Ben Loveday and I am working as a Systems Architect in New Zealand. I have a keen interest in VMware products and am VCAP5-DCD, VCAP5-DCA and Microsoft MCITP certified. I am studying towards VCDX5 certification…I hope! My areas of focus are the virtualisation of manufacturing automation systems with the aim to improve traditional automation/SCADA system design and improve their availability and reliability. I am married with three kids and my hobbies include playing the guitar (less often than I’d like) and listening to music, mostly 80s Metal and Rock/Blues :-) Oh..and I'm a PC gamer!
