For the VxRail cluster to fully deploy and function, a set of requirements must be met. The first requirement is that the network services required for VxRail are functional. Ensure that the cluster has access to domain name server (DNS) and network time protocol (NTP). These settings are entered during the setup. VxRail will not deploy if it cannot reach either service. Syslog is not required but is recommended for monitoring the system.
Another requirement is to choose the type of vCenter deployment. There is the embedded option, which comes packaged with VxRail, and this is a good option for a single-cluster deployment. The other option is to deploy an external vCenter instance somewhere within the network. This external instance is better suited to environments where multiple VxRail clusters are managed.
Designate virtual local area network (VLAN) IDs in your network to be assigned to the VxRail network. The External Management network must be able to route to DNS and NTP services. The minimum VxRail VLANs that must be deployed to enable full functionality are the following:
- External Management
- Internal Management
- vSAN
- vMotion
- Guest VM Networks
- Server Out-of-Band (iDRAC)
The following figure illustrates a server cluster connected to two ToR switches for high availability and a separate out-of-band management node.
Assign IP addresses to the different networks. Internal Management does not require addressing, while External Management requires a routable IP to reach network services. vSAN and vMotion networks can use nonroutable addresses within the cluster. If planning a multirack deployment, plan for a large subnet allocation.
Consider using reserved addressing for VxRail manager when planning for the networks previously mentioned. The reserved IP address ranges are: 172.28.0.0/16, 172.29.0.0/16, 10.0.0.0/24, and 10.0.1.0/24.
During the initial build of the VxRail cluster, the External Management network must follow these rules:
- The IP address scheme must be public (routable).
- The IP address must be a fixed IP (not DHCP).
- The IP address cannot be in use.
- The IP address range must all be in the same subnet.
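The address rules above can be checked against a plan before the build starts. The following Python sketch is an added example, not Dell tooling: the function name, the sample subnets, and the `in_use` inventory are assumptions, "routable" is read as excluding special-purpose address classes, and overlaps with the reserved ranges listed earlier are only reported for review.

```python
import ipaddress

# Reserved ranges as listed in the text above.
RESERVED = [ipaddress.ip_network(n) for n in
            ("172.28.0.0/16", "172.29.0.0/16", "10.0.0.0/24", "10.0.1.0/24")]

def check_external_mgmt(subnet, pool, gateway, services, in_use=()):
    """Return findings for a planned External Management address pool."""
    net = ipaddress.ip_network(subnet)
    addrs = [ipaddress.ip_address(a) for a in pool]
    used = {ipaddress.ip_address(a) for a in in_use}
    gw = ipaddress.ip_address(gateway)
    findings = []
    for a in addrs:
        if a not in net:
            findings.append(f"{a}: outside {net}; the range must share one subnet")
        elif a in (net.network_address, net.broadcast_address):
            findings.append(f"{a}: network/broadcast address cannot be assigned")
        # Assumption: "routable" excludes these special-purpose address classes.
        if a.is_link_local or a.is_loopback or a.is_multicast or a.is_unspecified:
            findings.append(f"{a}: not a routable unicast address")
        if a in used or a == gw:
            findings.append(f"{a}: already in use")
        findings += [f"{a}: falls in reserved range {r}" for r in RESERVED if a in r]
    if len(set(addrs)) != len(addrs):
        findings.append("pool lists the same address more than once")
    if gw not in net:
        findings.append(f"gateway {gw}: outside {net}")
    # DNS and NTP must be reachable: on-subnet, or off-subnet via an in-subnet gateway.
    for name, addr in services.items():
        if ipaddress.ip_address(addr) not in net and gw not in net:
            findings.append(f"{name} {addr}: no route from {net}")
    return findings

# Constructed sample plans (not taken from a real deployment).
SERVICES = {"DNS": "192.168.50.5", "NTP": "192.168.50.6"}
GOOD = check_external_mgmt("192.168.10.0/24",
                           ["192.168.10.11", "192.168.10.12", "192.168.10.13"],
                           "192.168.10.1", SERVICES)
BAD = check_external_mgmt("192.168.10.0/24",
                          ["192.168.10.11", "192.168.11.12", "10.0.1.20", "192.168.10.255"],
                          "192.168.10.1", SERVICES, in_use=["192.168.10.11"])

if __name__ == "__main__":
    for line in BAD:
        print(line)
```

The check cannot confirm that an address is statically assigned or actually unused on the wire; the `in_use` list has to come from an IPAM export or a scan of the subnet.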
Use the following table for the VxRail open ports requirements, found in Appendix D of the Dell VxRail Network Planning Guide, to identify which services are allowed to run over the network.
| Description | Source devices | Destination devices | Protocol | Ports |
| --- | --- | --- | --- | --- |
| DNS | VxRail Manager, Dell iDRAC | DNS servers | UDP | 53 |
| NTP client | Host ESXi Management Interface, Dell iDRAC, VMware vCenter Servers, VxRail Manager | NTP servers | UDP | 123 |
| Syslog | Host ESXi Management Interface, vRealize Log Insight | Syslog server | TCP | 514 |
| LDAP | VMware vCenter Servers, PSC | LDAP server | TCP | 389, 636 |
| SMTP | SRS Gateway VMs, vRealize Log Insight | SMTP servers | TCP | 25 |
| ESXi Management | Administrators | Host ESXi management interface | TCP, UDP | 902 |
| VxRail Management GUI/Web interface | Administrators | VMware vCenter Server, VxRail Manager, Host ESXi Management, Dell iDRAC port, vRealize Log Insight, PSC | TCP | 80, 443 |
| Dell server management | Administrators | Dell iDRAC | TCP | 623, 5900, 5901 |
| SSH and SCP | Administrators | Host ESXi Management, vCenter Server Appliance, Dell iDRAC port, VxRail Manager Console | TCP | 22 |
| vSphere Clients to vCenter server | vSphere clients | vCenter server | TCP | 5480, 8443, 9443, 10080, 10443 |
| Managed Hosts to vCenter | Host ESXi Management | vCenter server | TCP | 443, 902, 5988, 5989, 6500, 8000, 8001 |
| Managed Hosts to vCenter Heartbeat | Host ESXi Management | vCenter server | UDP | 902 |