Showing results for 
Search instead for 
Did you mean: 

I'm Still Not Sure



I am trying to create a lab, that is going to use two of the 8 blades on a chassis (5108), lab blades B200 m3. The other 6 blades are being used for production. The production has it's own Tagile storage array for VSphere. The lab will probably being using a Synology NAT. 

What I don't understand is, will this setup cause any problems over lapping with production? Do I need to have it attached to it's own chassis, FI and MDS? 

I am trying recreate an old setup by replacing the storage. I was able to find 4 vlans that are labeled lab in a 192 IP range, Production is using 10. Will DMZ,APP,BACKEND and WS (I assume workstations) be enough vlans. This still presents the question, I have what is ensuring that lab and production are not going to interreact? I am under the impression that it has something to do with the domain controller, because the lab, will not be connected to the domain and user will be added as needed, I think. 

Thanks for any help.

1 Reply 1

Based on your description, the lab and production environments will be sharing the same chassis, but will have different storage systems and are on different VLANs. This setup can work, but you need to ensure proper configuration and isolation to avoid issues between lab and production environments.

Here are some steps to ensure that lab and production do not interact:

1. VLAN Segregation: Make sure that the VLANs for the lab environment (192 IP range) and production environment (10 IP range) are properly segregated. This means that they should not have any overlapping IP addresses or VLAN IDs. Configure the Fabric Interconnects (FI) to have separate VLANs for the lab and production environments.

2. Storage Isolation: Ensure that the storage systems for the lab (Synology NAT) and production (Tagile storage array) are isolated from each other. This can be achieved by configuring separate storage pools and LUNs for each environment. This will prevent any accidental data access or corruption between the two environments.

3. Network Configuration: Configure separate vNICs and vHBAs for the lab and production environments in the UCS Manager. This will ensure that the traffic between the two environments is isolated and does not interfere with each other.

4. VM Isolation: If you are using VMs in the lab environment, make sure they are not connected to the production network. Configure separate port groups in vSphere for the lab and production networks and assign the VMs accordingly.

5. Access Control: As you mentioned, the lab environment will not be connected to the domain, which provides a level of isolation. However, you should also implement proper access control policies for users who need access to the lab environment. This can be achieved by creating separate user accounts or groups with limited privileges.

6. Monitoring and Logging: Regularly monitor and analyze logs from the UCS Manager, FI, and storage systems to detect any issues or potential security breaches that could impact the isolation between the lab and production environments.

By following these steps, you can ensure that the lab and production environments are isolated and do not interact with each other. However, if you are still concerned about potential issues, you might consider using separate chassis, FI, and MDS for the lab environment to provide complete physical separation.

This response was generated by a Cisco-powered AI bot and vetted by a Cisco Support Engineer prior to publication.
This is part of a monitored experiment to see if the bot can help answer questions alongside community members. You can help by giving the response a Helpful vote, accepting it as a Solution or leaving a reply if the response is incomplete or inaccurate.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers