Tip

VMware ESX Server networking with HP Virtual Connect

Hewlett-Packard (HP) Virtual Connect is a product technology introduced with the c7000 BladeSystem chassis. The idea behind Virtual Connect is to provide additional flexibility above and

    Requires Free Membership to View

beyond what traditional chassis-based switches might provide. You can, for example, create server profiles that map network interface cards (NICs) on each blade to different networks; these profiles can then be assigned to servers in the blade chassis on a slot-by-slot basis. Of course, these profiles can also be quickly and easily modified.

While the idea of server profiles can be useful in VMware Infrastructure 3 (VI3) environments, Virtual Connect's ability to integrate with VLAN tagging configurations is perhaps more applicable to ESX Server deployments on c-Class blades. In this article, we'll take a look at how VirtualConnect integrates with ESX Server with regards to networking configurations.

In an earlier article, we reviewed how to configure VLANs in VI3. If you aren't familiar with how VLANs work in a VI3 environment, have a look at that article. You may also want to review this article on VLAN tagging tips as well.

How Virtual Connect differs in ESX

With the aforementioned VLAN information, let's think about how using ESX Server with Virtual Connect might be a bit different. Uplinks, or connections from the Virtual Connect switches in the chassis to typical rack-mounted switches, are defined as either Ethernet networks or shared uplink sets. These uplink definitions behave differently and will have a direct impact on the vSwitch/port group configuration for ESX Server.

Ethernet networks as defined in Virtual Connect define which uplinks that network is allowed to use, but they do not affect the 802.1Q status of the downstream connections (the connections to the servers inside the chassis). Organizations implementing Virtual Connect on their c-Class chassis may define different Ethernet networks so that each network's uplinks connect to different core switches for redundancy, for example. Or perhaps the different Ethernet networks and their uplinks will connect to physically separate switches in different security contexts, like an internal corporate network and a demilitarized zone (DMZ).

In either way, these Ethernet networks will "pass through" the 802.1Q status of the physical switchport to which it is uplinked. If the physical switch port to which they are connected is configured as an 802.1Q VLAN trunk, then the downstream ports will act as 802.1Q VLAN trunks. Likewise, if the uplink is connected to a switchport that is configured as a static access port, then the downstream ports will act as static access ports.

So, if an organization wants to use virtual switch tagging (VST), where ESX Server will have port groups with the appropriate VLAN tags, then the physical switch ports where the Virtual Connect Ethernet networks' uplinks are connected must be configured as 802.1Q VLAN trunks. This is also true if an organization wants to use virtual guest tagging (VGT), since VGT requires that the VLAN tags get passed all the way up to the virtual machine.

If an organization wants to use external switch tagging (EST), where ESX Server has a separate vSwitch for each VLAN, then the physical switch ports to which the Virtual Connect Ethernet networks' uplinks connect must be configured as static access ports.

An exception to the rule

In the Virtual Connect world, the exception is a shared uplink set. With a shared uplink set, the uplink from the Virtual Connect switch to the external network infrastructure is configured as an 802.1Q VLAN trunk, but the downstream ports are presented as static access ports. This is accomplished through the use of associated networks, each of which represents a VLAN. Outside the chassis, the Virtual Connect uplink will carry multiple VLANs; inside the chassis, the Virtual Connect switch will direct traffic onto an associated network using the VLAN tag and the VLAN ID configured for the associated network.

When used in conjunction with ESX Server, shared uplink sets force the use of EST because VLAN tags are stripped away by the Virtual Connect switch. Therefore, the ESX Server can't use the VLAN tags, and must resort to a different vSwitch -- each with one or more pNICs as uplinks -- for each VLAN/associated network. This solution may be useful in some situations, but typically wouldn't scale well for environments with many different VLANs.

Of course, there's more to HP Virtual Connect than just Ethernet networks, shared uplink sets, and associated networks. Those are topics for future articles!

 About the author: Scott Lowe has had a lifelong love of computers, dating all the way back to his first computer, a Tandy TRS-80 Color Computer. He began working professionally in the technology field in 1994, and has since held the roles of an instructor, technical trainer, server/network administrator, systems engineer, IT manager, and CTO. For the last few years, Scott has worked as a senior systems engineer with a reseller, providing technology solutions to enterprise customers.

This was first published in January 2008

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.