Project network redundant, Vmware virtualization, Dell VRTX P2v-part 1 (General network)

Project requirements:

installation Dellvrtx hardware, and connect to the customer's production network while establishing virtual machines to achieve customer RODC and P2V requirements.

Stage One, installation Dellvrtx Hardware, and complete the following requirements:

1. Dell Enclosure and Blades

-Mountingof Enclosure to Rack

-Ensureeach Blade Server has the components installed

A) 2x CPU

b) 64GB RAM

c) 2 x 300GBSAS

-Ensureenclosure have a total of 15x 900GB SAS hard disk

-Connectall power cables to enclosure

-Systempower up successfully

2. Configurationof Enclosure, blades, Storage and network switches

-Activateenclosure CMC License and configure IP address for CMC

-configureenclosure 2x Switch module

-Connectnetwork cable from enclosure to existing network switches

-configure2x Blade server with Idrac license and configure IP address for IDRAC

-Configureblade server with RAID-1 configuration

-Configurestorage with 2 arrays

Array 900GBx 6 RAID-5

Array 900GBx 7 RAIID-5

Global Hot-spare 900GBx 2

In fact, these are physical activities, including the upper rail, installation CPU Memory, it is important to note that:

How to map the internal network adapter to the corresponding server

how to put the corresponding the Array is assigned to the corresponding server

How to set Array in the CMC console

How to set Raid card for CMC hardware

How to map KVM Keyboard Mouse DVD assigned to the corresponding server

How to configure IDRAC in CMC

To accomplish this, you first need to analyze the customer network:

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/7F/FC/wKiom1czLtmQeKLjAADc6ROJk0o335.png "title=" 1.png " alt= "Wkiom1czltmqekljaadc6rojk0o335.png"/>

Summary, in fact, for most of the more wealthy enterprises will choose such a network architecture, the opportunity to all the devices are dual redundancy, as long as the connection is completed most of the work is possible, but if you can make its optimization really great article can explore

question one, used on the core switch. HSRP at the same time most people will take redundant connection, then there will be spanning-tree, in this case, if you can make the data flow better through the corresponding switch to reach the destination?

Answer: First we use such a topology diagram to illustrate (in fact, most of the companies are using this topology)

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/7F/FC/wKiom1czLuyC4sZGAABdAvkDdSw385.png "title=" 2.png " alt= "Wkiom1czluyc4szgaabdavkddsw385.png"/>

Analysis 1, we configured Vlan10 as the Root of STP in Core1; So in Core1, Core2 and EDGESW1 on the formation of a loop, at this time should be in the EDGESW1 of the FA0/2 Port for the suppression of ports, the data is through the GI1/0/1 up through The corresponding port of the FW1. This is the normal situation. (without network interruptions and line stubs).

If, Link1 broken, because we set the HSRP track function, because we set the VLAN 10 spanning tree root bridge, then the spanning tree is definitely in, just after the Link1 broken, there is no loop, The spanning tree does not work ; then the change ofthe BPDU is sent, and the FA0/2 is turned on, then the data traffic passes through Core2, on the FW1 , as in the case of:

650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/7F/F9/wKioL1czL_LSnh2AAABalOnhfG8323.png "title=" 3.png " alt= "Wkiol1czl_lsnh2aaabalonhfg8323.png"/>

If, Core1 completely broken off, then the whole left all broken, all traffic is from the right side, the reason is,Core1 broken,STP does not work data from core2 go, while the FW Ha on will automatically let FW2 as Active, then the data is forwarded directly.

If, The LAN link of FW1 and Core1 is broken (the bottom part is good), then the data will go first from Core1 , and then because of the effect of HA FW2 will become Active, the LAN on the Core2 becomes the data import stream because the MAC address on the LAN becomes the FW2 port, So the data goes from Core1 to Core2 andthen goes out of the LAN for the FW2.

So the enterprise network, this way is the most reasonable, look at the following specific configuration commands:

On Core 1 (become the root bridge of the VLAN, set the priority of HSRP to primary, and trace the Xia Lian Port):

Interface Vlan10

IP address10.10.100.253 255.255.255.0

IP helper-address10.10.1.1

Standby 1 priority150 Preempt

Standby 1 ip10.10.100.254

Standby 1 Track GI1/0/1

STP Configuration:

Spanning-tree Mode Pvst

Spanning-tree VLAN 1 Root Primary

Interface GI1/0/1

Switch mode trunk

FW1 Configuration:

Hostname FW1

Interface ETH 0/0

Nameif ouside

Ip address 202.100.1.10 255.255.255.0 standby 102.100.1.20

Interface ETH 0/1

Nameif inside

Ip address 10.1.1.10 255.255.255.0 standby 10.1.1.20

Interface ETH0/2

No shut

Failover LAN Unit Primary

Failover LAN Interface FO ETH 0/2

Failover key Cisco

Failover interface IP FO 192.168.1.10 255.255.255.0 standby192.168.1.20

FW2 Configuration :

Interface ETH0/2

No shut

Failover LAN Unit Secondary

Failover LAN Interface FO ETH0/2

Failover key Cisco

Failover interface IP FO 192.168.1.10 255.255.255.0 standby192.168.1.20

Failover

FW1 Configuring The stateful link:

Interface ETH0/3

No shut

Failover Link stateful eth 0/3

Failover interface IP stateful 192.168.2.10 255.255.255.0standby 192.168.2.20

configuration is not required on the FW2 because FO links can synchronize the configuration to the fw2secondary

Note that the The trigger condition of the failover of ASAFW is the default when the device is broken and the link is broken. See:http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/ha_active_ standby.html#wp1097144(query failovertriggers content)

See:http://gponsolution.com/hsrp-tuning-example.html

This article from the "Sulan Network" blog, reproduced please contact the author!

Project network redundant, Vmware virtualization, Dell VRTX P2v-part 1 (General network)