Hi,
Mixed network/ESX question, but more net related I think.
I have my network on 2 (+ lab on third) switches which are connected via trunk. I am running a couple of ESX boxes which are o/c vMotion enabled. To be able to move VMs from ESX1 on SwitchA to ESX2 on SwitchB I had to set up a default GW for the vMotion VLAN.
Sidenote: (Not sure why, since I thought the trunk would 'extend' the Layer 2 range over to the second switch and using the same IP net (/24) it should work, but it didn't.)
Anyhow, I set up a default GW for all my VLANs on my regular Sophos FW/default GW VM and it's working.
Now unfortunately, since that box is the default GW for the vMotion network as well, I can't vMotion this particular VM any more (since the default GW is gone while in-vMotion).
So now I am looking for a way out - I wanted to set up Sophos HA, but noticed that I can only create 10 NICs on a VM so don't have capacity for the HA interface (or new future VLANs), so I am looking for alternative setups.
At the moment I have segregated all VLANs by subnet (VLAN 5 -> 192.168.5.x, def GW 5.1).
Potential solutions I see:
1. Move default GWs for ESX VLANs to another box (either VM or maybe a RasPi) so it does not affect vMotion capability.
- Question - does traffic actually pass via the default GW if devices are in the same subnet? Relates to my lack of understanding of why I need a default GW in the first place. Wouldn't want to limit my 10G interconnect to RasPi speed.
2. Move default GW for all VLANs to a single interface with a wider subnet - which would probably mean a complete IP change since one of my other outside LANs uses an IP range in between the VLAN ranges - while this traffic most likely never would collide, it doesn't feel right to mix IP ranges that way.
- Would still require Sophos HA to prevent service interruption during vMotion of the box.
Other options?
Had some trouble with Sophos HA a couple of years back which caused me to abandon it, so I'd actually prefer not to use it and just run the VM on HA or FT.
How is everybody else doing this? Can't be the only one with this kind of setup, but found little info while researching.
Thanks