The following table lists the VLAN IDs and network IP addresses used in the preferred and secondary sites in this example. These networks are configured on the leaf switches that the VxRail nodes are connected to.
| VLAN ID | Description | Network | Gateway | VxRail host ports | VRF |
|---|---|---|---|---|---|
| 1 | VxRail Cluster-Build | 192.168.10.0/24 (VxRail default) | None | Untagged | default |
| 11 | VxRail External Management | 192.168.11.0/24 | 192.168.11.254 | Tagged | default |
| 12 | VxRail vMotion | 192.168.12.0/24 | None | Tagged | default |
| 13 | VxRail vSAN | 192.168.13.0/24 | 192.168.13.254 | Tagged | default |
| 14 | VxRail VM guest | 192.168.14.0/24 | 192.168.14.254 | Tagged | Vrf1 |
| 3939 | VxRail Internal Management/node discovery | IPv6 multicast (This traffic is allowed by default in SONiC.) | None | Tagged | default |
| 2001 | For VRF VNI mapping | None | None | None | Vrf1 |
| 2002 | BGP peering between leafs (only required for MC-LAG leaf pairs connected to DCI switches) | 192.168.202.0/31, 192.168.202.2/31 | None | None | default |
The VxRail cluster-build VLAN (VLAN 1 in this example) is used for initial access to the VxRail Manager for deployment from a jump host. The External Management VLAN is used for VxRail Manager, VxRail host management, vCenter Server, DNS, and NTP traffic. The vMotion VLAN is for VM migration, and the vSAN VLAN is for distributed storage traffic. The VM guest VLAN in the table is optional and is included to demonstrate how an additional VLAN in a tenant VRF is configured. Additional guest VLANs may be added as needed. VxRail Manager uses VLAN 3939 to discover VxRail nodes.
One VRF virtual network interface (VNI) mapping VLAN is required for each optional tenant VRF on the switch. VLAN 2001 is used in this example for the tenant VRF named Vrf1.
Gateways are not used for traffic on the same network between Site 1 and Site 2. A gateway is required for VxRail External Management and vSAN traffic for communication with the witness host in Site 3. The vMotion VLAN does not use a gateway as vMotion is only done between Site 1 and Site 2, and this traffic is Layer 2. For additional VLANs such as the VxRail guest VLAN, a gateway is only required if the VMs need to communicate outside of their existing network.
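The VRF mapping and gateway rules above can be checked against a VLAN plan before it is applied to the leaf switches. The following Python check is an added example, not part of the original documentation; the short role labels and the `validate` function are assumptions introduced here, and the plan data is transcribed from the table above.

```python
import ipaddress

# Constructed from the table above: (vlan_id, role, networks, gateway, vrf).
# The role labels are hypothetical shorthand for the Description column.
PLAN = [
    (1,    "cluster-build", ["192.168.10.0/24"], None,             "default"),
    (11,   "ext-mgmt",      ["192.168.11.0/24"], "192.168.11.254", "default"),
    (12,   "vmotion",       ["192.168.12.0/24"], None,             "default"),
    (13,   "vsan",          ["192.168.13.0/24"], "192.168.13.254", "default"),
    (14,   "vm-guest",      ["192.168.14.0/24"], "192.168.14.254", "Vrf1"),
    (3939, "discovery",     [],                  None,             "default"),
    (2001, "vrf-vni-map",   [],                  None,             "Vrf1"),
    (2002, "leaf-bgp", ["192.168.202.0/31", "192.168.202.2/31"], None, "default"),
]

NEEDS_GATEWAY = {"ext-mgmt", "vsan"}  # must reach the witness host in Site 3
NO_GATEWAY = {"vmotion"}              # Layer 2 only between Site 1 and Site 2


def validate(plan):
    """Return a list of findings; an empty list means the plan is consistent."""
    findings = []
    ids = [row[0] for row in plan]
    for vid in sorted({v for v in ids if ids.count(v) > 1}):
        findings.append(f"VLAN {vid}: duplicate ID")
    for vid, role, nets, gw, vrf in plan:
        if role in NEEDS_GATEWAY and gw is None:
            findings.append(f"VLAN {vid}: {role} needs a gateway to reach Site 3")
        if role in NO_GATEWAY and gw is not None:
            findings.append(f"VLAN {vid}: {role} is Layer 2 only, gateway unexpected")
        if gw is not None:
            addr = ipaddress.ip_address(gw)
            networks = [ipaddress.ip_network(n) for n in nets]
            # The gateway must be a usable host address in the VLAN's subnet.
            usable = any(
                addr in n and addr not in (n.network_address, n.broadcast_address)
                for n in networks
            )
            if not usable:
                findings.append(f"VLAN {vid}: gateway {gw} is not a host address in {nets}")
    # Every tenant (non-default) VRF needs exactly one VNI mapping VLAN.
    for vrf in sorted({row[4] for row in plan} - {"default"}):
        maps = [row[0] for row in plan if row[4] == vrf and row[1] == "vrf-vni-map"]
        if len(maps) != 1:
            findings.append(f"VRF {vrf}: expected one VNI mapping VLAN, found {len(maps)}")
    return findings


if __name__ == "__main__":
    print(validate(PLAN) or "plan is consistent")
```
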