Archive for September, 2014

Private VLAN, Nexus 1000v and UCS Configuration

September 23rd, 2014

Before we start, here are a few things to remember:

  • Only isolated ports are supported in UCS. With the N1K incorporated, you can use community VLANs, but the promiscuous port must be on the N1K as well.
  • A server virtual Network Interface Controller (vNIC) in UCS cannot carry both a regular and an isolated VLAN.
  • There is no support for promiscuous ports/trunks, community ports/trunks, or isolated trunks.
  • Promiscuous ports need to be outside the UCS domain, such as an upstream switch/router or a downstream N1K.

    Now consider this scenario:
    pic1

    The 4900 switch is a pVLAN-aware switch. It has isolated ports on VLAN 210 and promiscuous ports on VLAN 200.
    The Nexus 5K represents a network or a group of switches that are not pVLAN-aware.

    First, we need to make the UCS aware of the pVLAN structure. After defining the VLANs, we need to change their properties.

    pic2

    pic3

    Next, you have to dedicate a vNIC to carry the pVLAN traffic in VMware. Because of the UCS limitations, a vNIC can carry only 1 pVLAN. In this case we add only the isolated VLAN, and it is not a native VLAN.

    pic3a

    Next, add 2 new VLANs to the Nexus 1000v switch and define the private VLAN properties.

    pic4

    pic5

    Finally, we just have to add the vmnic to the pVLAN_uplinks port profile.

    pic6

    For more information on Private VLAN and Cisco UCS integration, please refer to Cisco ID 116310.
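A quick way to check the VLAN step on the Nexus 1000v, as an added example that is not part of the original post: the script parses `vlan` stanzas from a saved running-config and flags any secondary VLAN that is not mapped to exactly one primary, which would leave the isolation unenforced. It assumes VLAN 200 is the primary and VLAN 210 the isolated secondary, as in the scenario above; VLAN 220 and the function names are constructed for illustration.

```python
import re

# Constructed sample of N1K VLAN stanzas (not copied from the post's screenshots).
SAMPLE_CONFIG = """\
vlan 200
  private-vlan primary
  private-vlan association 210
vlan 210
  private-vlan isolated
vlan 220
  private-vlan isolated
"""

def parse_pvlans(config):
    """Return {vlan_id: {"type": str or None, "assoc": set of ids}} from 'vlan N' stanzas."""
    vlans, current = {}, None
    for line in config.splitlines():
        m = re.match(r"vlan (\d+)\s*$", line)
        if m:
            current = vlans.setdefault(int(m.group(1)), {"type": None, "assoc": set()})
            continue
        if not line.startswith(" "):
            current = None  # any other top-level line ends the vlan stanza
        if current is None:
            continue
        m = re.match(r"\s+private-vlan (primary|isolated|community)\s*$", line)
        if m:
            current["type"] = m.group(1)
        m = re.match(r"\s+private-vlan association (\d+(?:-\d+)?(?:,\d+(?:-\d+)?)*)\s*$", line)
        if m:  # plain list/range form only, e.g. "210,212-214"
            for part in m.group(1).split(","):
                lo, _, hi = part.partition("-")
                current["assoc"].update(range(int(lo), int(hi or lo) + 1))
    return vlans

def audit_pvlans(vlans):
    """List findings that leave a secondary VLAN unmapped or mis-mapped."""
    findings, owners = [], {}
    for vid, v in sorted(vlans.items()):
        if v["assoc"] and v["type"] != "primary":
            findings.append(f"vlan {vid}: has an association but is not primary")
        for sec in sorted(v["assoc"]):
            owners.setdefault(sec, []).append(vid)
            if vlans.get(sec, {}).get("type") not in ("isolated", "community"):
                findings.append(f"vlan {vid}: associated vlan {sec} is not a secondary")
    for vid, v in sorted(vlans.items()):
        n = len(owners.get(vid, []))
        if v["type"] in ("isolated", "community") and n != 1:
            findings.append(f"vlan {vid}: {v['type']} vlan has {n} primaries")
    return findings
```

Running `audit_pvlans(parse_pvlans(SAMPLE_CONFIG))` reports the unmapped VLAN 220 and nothing for the 200/210 pair.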
