01-27-2012 05:52 AM
Hi,
I am new to this so I just wanted to say thanks to all the sharers out there helping others, I can't wait to join in!
I am looking for some help with port-profiles on the 1000V. I would like to know if it is best practice to put 2 servers (same VLAN) that need direct access to each other (no ACLs, no VACLS, etc) on the same port profile to allow them to communicate directly with each other, or if you would put them on seperate port profiles, just leave them in the same VLAN?
port-profile type vethernet DEV1-machine
vmware port-group
switchport mode access
switchport access vlan 111
no shutdown
state enabled
port-profile type vethernet DEV2-machine
vmware port-group
switchport mode access
switchport access vlan 111
no shutdown
state enabled
Or should both servers share one port profile:
port-profile type vethernet DEV-VLAN
vmware port-group
switchport mode access
switchport access vlan 111
no shutdown
state enabled
I would assume that if they are using the same PP traffic would stay right in the V environment, and not have to travel to the physical layer 2 switch, where as if they are on 2 seperate PPs they would have to be switches as you would with 2 physical ports in the same VLAN?
If anyone know of a doc that would help explain their use better, that would be great too.
I have already read the DMZ virtuallization doc and the 10 GIG E on VMware deployment doc.
thanks!!!!!!
Solved! Go to Solution.
01-27-2012 09:59 AM
Hello there. The port-profile is basically a construct (container) to provide network attributes for particular virtual machine(s). In this case, your 2 DEV VMs want to be on the same VLAN. So you will want to just create 1 port-profile that is an access port on VLAN 111 (which you have given in your example). Regardless of the use of the port-profiles, if 2 virtual machines are on the same physical server and is on the same VLAN, then the traffic will not leave the physical server since it will be locally switched in the hypervisor layer. Hope this helps.
01-27-2012 09:59 AM
Hello there. The port-profile is basically a construct (container) to provide network attributes for particular virtual machine(s). In this case, your 2 DEV VMs want to be on the same VLAN. So you will want to just create 1 port-profile that is an access port on VLAN 111 (which you have given in your example). Regardless of the use of the port-profiles, if 2 virtual machines are on the same physical server and is on the same VLAN, then the traffic will not leave the physical server since it will be locally switched in the hypervisor layer. Hope this helps.
02-06-2012 07:10 AM
Thanks, this is exactly what I thought, this was very helpful!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: