VxRail cluster operations depend on a set of networks that run on both the virtual network inside the cluster and on the adjoining physical network switches. Some of these networks, specifically for VxRail management and for end-user access must be passed to the upstream network, while other VxRail networks can stay isolated on the adjoining network switches.
It is best practice to reserve a set of Virtual LAN (VLAN) IDs in your data center network that will be assigned to support the VxRail networks, especially for production workloads. All these reserved VLANs must be configured on the adjoining physical switches connected to the VxRail nodes. The VLANs cannot be configured as private VLANs.
One VLAN is assigned for external VxRail management access. Data center services (such as DNS and NTP) that are required by VxRail cluster must be able to connect to this external VxRail management network. Routing services must be configured to enable connectivity to these services from this VxRail network. Additional VLANs, such as those required for end-user access must also be configured to support routing end-users and external applications to the virtual machines running on the VxRail cluster.
If Layer 3 routing services are not configured on the adjacent physical switches, the VLANs that need to pass upstream must be configured on adjoining network switch uplinks. They must also be configured on the ports on the upstream network devices, so they can pass through upstream to Layer 2/Layer3 layer. If Layer 3 services are enabled on the adjacent physical switches, configure the VLANs that need to pass upstream to terminate at this layer, and configure routing services for these networks to pass upstream.