The upstream network from the VxRail cluster must be configured to allow passage for VxRail networks that require external access. The switches supporting direct connectivity to the VxRail cluster should pass the external-facing VxRail network traffic through a pair of switch ports upstream to a pair of switch ports on the next network layer (spine). The switches at the next layer needs to direct this network traffic to the appropriate data center services and end-user community.
The VxRail External Management Network should be accessible to your location’s IT infrastructure and personnel only. IT administrators require access to this network for day-to-day management of the VxRail cluster, and the VxRail cluster is dependent on outside applications such as DNS and NTP to operate correctly.
Figure 23 Logical Network including Upstream Elements
VxRail Virtual Machine Networks support access to applications and software that is deployed on the virtual machines on the VxRail cluster. While you must create at least one VxRail Virtual Machine network at VxRail initial implementation, additional VxRail Virtual Machine networks can be added to support the end-user community. The spine switch must be configured to direct the traffic from these VxRail Virtual Machine networks to the appropriate end-users.
The VxRail Witness Traffic Separation Network is optional if you plan to deploy a stretched-cluster. The VxRail Witness traffic separation network enables connectivity between the VxRail nodes with the witness at an offsite location. The remote-site witness monitors the health of the vSAN datastore on the VxRail cluster over this network.
Using the VxRail Network Configuration table, perform the following steps:
Step 1. Configure the External Management Network VLAN (Row 1) on the spine switch.
Step 2. Configure all of the VxRail Virtual Machine Network VLANs (Rows 39 and 40) on the spine switch.
Step 3. If applicable, configure the VxRail Witness Traffic Separation Network VLAN (Row 50) on the spine switch.
Step 4. Create a logical pair (port channel) on the spine switch ports that will connect downstream to the uplinks on the TOR switch or switches.
Step 5. Enable routing services or configure additional logical pairs as necessary to direct VxRail network traffic to the appropriate end destination.