Upon completion of the switch configuration, there should be unobstructed network paths between the switch ports and the ports on the VxRail nodes. The VxRail management network and VM network should have unobstructed passage to your data center network. Before forming the VxRail cluster, the VxRail initialization process performs several verification steps, including:
- Verifying switch and data center environment supportability
- Verifying passage of VxRail logical networks
- Verifying accessibility of required data center applications
- Verifying compatibility with the planned VxRail implementation
Certain data center environment and network configuration errors can cause the validation to fail, and the VxRail cluster will not form. When validation fails, the data center settings and switch configurations must undergo troubleshooting to resolve the problems reported.
Confirm the settings on the switch, using the switch vendor instructions for guidance:
- External management traffic is untagged on the native VLAN by default. If a tagged VLAN is used instead, the switches must be customized with the new VLAN.
- Internal device discovery network traffic uses the default VLAN of 3939. If this VLAN has changed, all ESXi hosts must be customized with the new VLAN, or device discovery will not work.
- Confirm that the switch ports that attach to VxRail nodes allow passage of all VxRail network VLANs.
- Confirm that the switch uplinks allow passage of external VxRail networks.
- If you have two or more switches, confirm that an interswitch link is configured between them to support passage of the VxRail network VLANs.
Confirm your firewall settings
You may have positioned a firewall between the switches that are planned for VxRail and the rest of your data center network. If so, be sure that the required firewall ports are open for VxRail network traffic.
- Verify that VxRail can communicate with your DNS server.
- Verify that VxRail can communicate with your NTP server.
- Verify that VxRail can communicate with your syslog server if you plan to capture logging.
- Verify that your IT administrators can communicate with the VxRail management system.
- If you plan to use a customer-supplied vCenter, verify open communication between the vCenter instance and the VxRail managed hosts.
- If you plan to use a third-party syslog server instead of Log Insight, verify that open communication exists between the syslog server and the VxRail management components.
- If you plan to deploy a separate network for ESXi host management (iDRAC), verify that your IT administrators can communicate with the iDRAC network.
- You may plan to use an external Secure Remote Services (SRS) gateway in your data center instead of SRS-VE deployed in the VxRail cluster. If so, verify the open communications between VxRail management and the SRS gateway.
See Appendix D: VxRail Open Ports Requirements for information of VxRail port requirements.