Vlan default gateway setup / vMotion

Rand__

Well-Known Member
Mar 6, 2014
Hi,

Mixed network/ESX question, but more network related I think.

I have my network on 2 (+ lab on third) switches which are connected via trunk. I am running a couple of ESX boxes which are o/c vMotion enabled. To be able to move VMs from ESX1 on SwitchA to ESX2 on SwitchB I had to set up a default GW for the vMotion VLAN.

Sidenote: (Not sure why, since I thought the trunk would 'extend' the Layer 2 range over to the second switch, and using the same IP net (/24) it should work, but it didn't.)


Anyhow, I set up a default GW for all my VLANs on my regular Sophos FW/default GW VM and it's working.

Now unfortunately, since that box is the default GW for the vMotion network as well, I can't vMotion this particular VM anymore (since the default GW is gone while in vMotion :p)

So now I am looking for a way out. I wanted to set up Sophos HA, but noticed that I can only create 10 NICs on a VM, so I don't have capacity for the HA interface (or new future VLANs), so I am looking for alternative setups.

At the moment I have segregated all vlans by subnet (VLAN 5 -> 192.168.5.x, def GW 5.1).


Potential solutions I see:

1. Move default GWs for ESX VLANs to another box (either VM or maybe a RasPi) so it does not affect vMotion capability.
- Question: does traffic actually pass via the default GW if devices are in the same subnet? Relates to my lack of understanding of why I need a default GW in the first place. Wouldn't want to limit my 10G interconnect to RasPi speed :p

2. Move default GW for all VLANs to a single interface with a wider subnet, which would probably mean a complete IP change since one of my other outside LANs uses an IP range in between the VLAN ranges. While this traffic most likely never would collide, it doesn't feel right to mix IP ranges that way.
- Would still require Sophos HA to prevent service interruption during vMotion of the box.

Other options?
Had some trouble with Sophos HA a couple of years back which caused me to abandon it, so I'd actually prefer not to use it and just run the VM on HA or FT.

How is everybody else doing this? Can't be the only one with this kind of setup, but found little info while researching.

Thanks
 

namike

Member
Sep 2, 2014
You most definitely should be able to set up an L2-only (non-routed) vMotion VLAN between your two hosts located on different switches. Running them L3 to your Sophos box just complicates things further, and depending on your uplinks/switch speed, could slow things down.
 

Rand__

Well, I don't know whether it's actually using L3 or still L2 only. All 3 ESX boxes use the same subnet per VLAN, so routing should not apply.
But, no connectivity unless I add a default GW. As I said, I don't get it ;)
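
Added example, not part of any post in this thread: a small audit of the next-hop decision each host makes for its vMotion peers, which is what decides whether the default GW is in the data path. The host names, addresses, gateways and the deliberately mismatched /25 on `esx3` are constructed sample values and do not describe the poster's setup.

```python
import ipaddress
from itertools import permutations

# Constructed sample data: (host, vMotion vmkernel address/prefix, default gateway).
VMK = [
    ("esx1", "192.168.5.11/24", "192.168.5.1"),
    ("esx2", "192.168.5.12/24", "192.168.5.1"),
    ("esx3", "192.168.5.200/25", "192.168.5.129"),  # mismatched prefix on purpose
]

def next_hop(src_cidr, gateway, dst_ip):
    """Standard IP forwarding choice for one source interface.

    ('direct', dst)  -> dst is on-link; the host ARPs for it, no gateway involved
    ('gateway', gw)  -> dst is off-link; frames go to the gateway first
    ('unreachable', None) -> off-link and no usable (on-link) gateway
    """
    iface = ipaddress.ip_interface(src_cidr)
    dst = ipaddress.ip_address(dst_ip)
    if dst in iface.network:
        return ("direct", str(dst))
    if gateway is None or ipaddress.ip_address(gateway) not in iface.network:
        return ("unreachable", None)
    return ("gateway", gateway)

def audit(vmks):
    """Check every ordered host pair; the result can differ per direction."""
    findings = []
    for (h1, c1, g1), (h2, c2, _) in permutations(vmks, 2):
        dst = str(ipaddress.ip_interface(c2).ip)
        kind, hop = next_hop(c1, g1, dst)
        findings.append((h1, h2, kind, hop))
    return findings

if __name__ == "__main__":
    for src, dst, kind, hop in audit(VMK):
        print(f"{src} -> {dst}: {kind}" + (f" via {hop}" if kind == "gateway" else ""))
```

Hosts whose address and prefix put the peer in the same network send vMotion traffic directly over L2, so the gateway box carries none of it; a pair reported as `gateway` or `unreachable` is where the configured masks are worth comparing.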