Really simple VMotion question

Jay_2

Hi,

Does vmotion require a dedicated NIC or can it be a vswitch on its own VLAN with a shared NIC? This is only a home lab / web hosting environment for 2 x N54Ls with shared storage.

Thanks ;)
 
You can add a vMotion port to an existing vSwitch (and thus vmnic/pnic) that is already in use.

I've always done a separate vSwitch and vmnic, but I just tried it and it worked.
 
It doesn't require one, no, but it is good practice in production environments. It will be fine shared in a lab.
 
Yes, I know in prod it's best to have its own NIC in a non-routed VLAN, as well as it's not encrypted; just wondered if it's possible to use one of my current NICs. Thanks :)
 
Yep. You can just enable vMotion over your Management vmkernel if you want.
 
> Yes, I know in prod it's best to have its own NIC in a non-routed VLAN, as well as it's not encrypted; just wondered if it's possible to use one of my current NICs. Thanks :)

This has nothing to do with encryption. It is more related to the significant amount of traffic generated during a vMotion operation. The entire contents of a virtual machine's memory are copied from one ESX host to another while moving the machine.

Keeping this traffic on an isolated, non-routable subnet prevents unnecessary traffic from potentially routing through on your network. Additionally, placing it on a separate VLAN or physical network further isolates the traffic.
 
> This has nothing to do with encryption. It is more related to the significant amount of traffic generated during a vMotion operation. The entire contents of a virtual machine's memory are copied from one ESX host to another while moving the machine.

VMware's hardening guides state that vMotion traffic should be placed on an isolated, nonroutable network for security reasons as memory content is transferred in plaintext and can be observed or modified.
 
> VMware's hardening guides state that vMotion traffic should be placed on an isolated, nonroutable network for security reasons as memory content is transferred in plaintext and can be observed or modified.

This is VMware's stated best practice and should be strictly followed in a production environment. For the sake of this guy's lab though, he can throw a few NICs to a port group and either trunk it to its own non-routed VLAN or go the cheapy route and just throw it on its own subnet without VLANNing on the same NICs (not recommended but it'll allow this guy to do what he wants without much trouble).
 
VMotion will work on any vswitch or vmnic where you have or create a VMkernel port.
It must have an IP address that can reach the other host you are attempting to migrate to.
Best practice or Prod configs aside here:
- Don't attempt to "route" vmotion traffic.
- Try to make the network you configured for vmotion at least 1Gb. It "could" work over a 100Mb network depending on how much memory page change you have in your VM and how much ram is assigned to the VM.

Simple answer to the main question here:
- Create a vmk for vmotion or enable it on an existing vmk and as long as the IP address assigned to the vmk can reach the vmk on the "going to" host vmk port, it will attempt to migrate.
 
> This has nothing to do with encryption. It is more related to the significant amount of traffic generated during a vMotion operation. The entire contents of a virtual machine's memory are copied from one ESX host to another while moving the machine.
>
> Keeping this traffic on an isolated, non-routable subnet prevents unnecessary traffic from potentially routing through on your network. Additionally, placing it on a separate VLAN or physical network further isolates the traffic.

Not only this, but I've seen firsthand a customer have connectivity issues because they put a host into maintenance mode and the onslaught of guests vmotioning crushed the public vlan.
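
Added example (not part of the thread and not VMware tooling): a small Python audit of the vMotion placement advice given in the replies above, flagging a vMotion VMkernel port that shares a vmk, sits on a routed or guest VLAN, or would need routing to reach its peer. The inventory record format, the `ROUTED_VLANS` / `VM_VLANS` sets and all addresses are constructed assumptions.

```python
import ipaddress

# Constructed inventory in a hypothetical format (not esxcli output):
# one record per VMkernel port on each host.
INVENTORY = [
    {"host": "esx1", "vmk": "vmk0", "ip": "192.168.1.11/24", "vlan": 0,
     "services": {"management", "vmotion"}},
    {"host": "esx2", "vmk": "vmk0", "ip": "192.168.1.12/24", "vlan": 0,
     "services": {"management"}},
    {"host": "esx2", "vmk": "vmk1", "ip": "10.10.10.12/24", "vlan": 10,
     "services": {"vmotion"}},
]
ROUTED_VLANS = {0}   # assumption: VLANs that have a router / L3 interface
VM_VLANS = {0, 20}   # assumption: VLANs that carry guest port groups


def audit_vmotion(inventory, routed_vlans, vm_vlans):
    """Return (location, finding) tuples for every vMotion-enabled vmk."""
    findings = []
    subnets = set()
    for port in inventory:
        if "vmotion" not in port["services"]:
            continue
        where = f'{port["host"]}/{port["vmk"]}'
        subnets.add(ipaddress.ip_interface(port["ip"]).network)
        # vMotion enabled on a vmk that also carries other services
        if port["services"] - {"vmotion"}:
            findings.append((where, "shared-vmk"))
        # Plaintext memory pages would be reachable from routed networks
        if port["vlan"] in routed_vlans:
            findings.append((where, "routed-vlan"))
        # Guests could observe, or be starved by, migration traffic
        if port["vlan"] in vm_vlans:
            findings.append((where, "guest-vlan"))
    # All vMotion vmks should share one subnet; more than one means
    # a migration would have to be routed between them.
    if len(subnets) > 1:
        findings.append(("cluster", "split-subnet"))
    return findings


if __name__ == "__main__":
    for where, finding in audit_vmotion(INVENTORY, ROUTED_VLANS, VM_VLANS):
        print(f"{where}: {finding}")
```

For a lab the `shared-vmk` finding is the trade-off the thread accepts; the other three are the ones the hardening guidance and the traffic-volume replies are about.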
 