I am setting up a pair of Nexus 1000v switches. As per the Cisco documentation, I have the management port in the system-uplink port-profile. However, currently, this management port is in the same production VLAN as most of our servers. I would rather have the management in an separate VLAN for security and reliability reasons. Also, as I cannot assign a VLAN to both the system-uplink and the data-uplink port-group, this means all of the server traffic will be using the system-uplink port-group. This does not sound logical.
My question is: 1. Does the management port have to be in the same VLAN as the VM Host server? 2. If is does, what are the implications of putting the management port on the data-uplink port-group? 3. OR, if (1) is YES, then what do you think about putting the VM Hosts (ESXI) on a separate VLAN than the virtual servers?
Note: I have been playing with svs domain mode l3. But as I cannot even ping the gateway, I haven't had much success.