VMware Solutions Discussions

Adding second subnet to existing vif

petermiet
4,098 Views

I inherited an ESX cluster that was configured as the VMkernel and Service Console ports on the same subnet () and now i'm upgrading to ESXi and with the lack of the service console, i'm running into the issue where my NFS mounts are trying to use the wrong source IP (the old service console interface) and thus they are getting access denied. instead of total kludge and just adding the SC IPs to all my NFS mounts, I'm wondering if I can add an IP alias for a different subnet to the existing vif so I can have the filer host to both subnets while I upgrade hosts to ESXi without bringing the whole thing down. If so, i'm thinking my configuration would look something like this:

ifconfig myVifName 10.10.3.100 netmask 255.255.255.0 mtusize 9000 partner (partner-vif-name)

ifconfig myVifName alias 192.168.0.100 netmask 255.255.255.0 mtusize 9000

and of course, add the new subnet to the existing NFS mounts. It seems like that's all I would need to do, but I haven't seen much in the way of doing this in particular - the aliases examples i'm seeing are all on the same subnet and I don't have a test filer to try it on so I kinda want to make sure that it's going to work instead of just doing it and hoping for the best.

5 REPLIES 5

DAVE_WITHERS
4,098 Views

I do have a test 2240x4 that i just tried this on.

It does not appear to work. 

vif0-192: flags=0x2b4c863<UP,BROADCAST,RUNNING,MULTICAST,TCPCKSUM> mtu 1500

        inet 172.20.193.39 netmask 0xfffffe00 broadcast 172.20.193.255

        ether 02:a0:98:19:a2:a4 (vlan-on-ifgrp-up)

that is my primary vlan/vif on my 192 vlan.

I try to add an ip from my 205 vlan as an alias.

filer> ifconfig vif0-192 alias 172.20.205.222 netmask 255.255.255.128

It adds it

vif0-192: flags=0x2b4c863<UP,BROADCAST,RUNNING,MULTICAST,TCPCKSUM> mtu 1500

        inet 172.20.193.39 netmask 0xfffffe00 broadcast 172.20.193.255

        inet 172.20.205.222 netmask 0xffffff80 broadcast 172.20.205.255

        ether 02:a0:98:19:a2:a4 (vlan-on-ifgrp-up)

But...won't respond/ping/etc

ping 172.20.205.222

PING 172.20.205.222 (172.20.205.222) 56(84) bytes of data.

--- 172.20.205.222 ping statistics ---

19 packets transmitted, 0 received, 100% packet loss, time 18005ms

I tried downing the interface and bringing it back up and it still would not work.

Adding a new ip alias on my 192 vlan worked just fine as expected.

Hope this helps, and if anyone else has any input on making the OP suggestion work, it would be interesting to see.  Maybe some route trickery.

Note, while i was testing this, my primary IP never lost any connectivity.

aborzenkov
4,098 Views

Adding alias from another VLAN is not going to work for obvious reasons you need to add additional interface in new VLAN:

vlan add vif0 205

petermiet
4,098 Views

thanks for the help so far, it's really much apprecaited. So it sounds like doing it with vlans is really the only answer (and really the proper one anyway), and it looks like I can just add on a vlan to the existing untagged vif in ontap 8.1.3 (FAS 2240-2), but I also have a filer (FAS2050) that's 7.3.7P2 and from what I can gather, that's all vlans or untagged but not both. I think i've come up with a plan to tackle this, does this look ok?

my existing config from /etc/rc (it appears to be the same for both, with the exceptions below)

vif create lacp vif1 -b ip e0a e0b # FAS2240 also has e0c e0d here

ifconfig vif1 `hostname`-vif1 netmask 255.255.254.0 mtusize 9000 mediatype auto -wins partner vif1 # FAS2240 doesn't have the -wins

changing to on both filers /etc/rc

vif create lacp vif1 -b ip e0a e0b # no change here, just for reference

vlan create vif1 1 2 #VLAN 1 & 2 - 1 for existing hosts, and 2 for the new ones

ifconfig vif1-1  `hostname`-vif1 netmask 255.255.254.0 mtusize 9000 mediatype auto -wins partner vif1-1  # FAS2240 doesn't have the -wins

ifconfig vif1-2  `hostname`-vif1 192.168.102.1 netmask 255.255.255.0 mtusize 9000 mediatype auto -wins partner vif1-2  # FAS2240 doesn't have the -wins

if doing it during runtime do I just do the vlan create command and run the ifconfig commands as listed but without the `hostname` part?

and on the switch (dell powerconnect 6248) side:

switchport mode general

switchport general allowed vlan add 2 tagged

switchport general allowed vlan add 1 untagged

switchport general pvid 1

mtu 9216

on each of my vmkernel ports and the port-channel for the filer.

If I understand what i've read on all this properly, that would allow the existing ESX hosts (using untagged vmkernel ports) to still reach the filers on the default vlan, and I would be able to set up the upgraded ones on VLAN 2 and everyone's happy as long as I also put the 192.168.102.x network in the NFS exports. I should also be able to make the change with just a minute of downtime or less I believe too

aborzenkov
4,098 Views

ifconfig vif1-2  `hostname`-vif1 192.168.102.1 netmask 255.255.255.0 mtusize 9000 mediatype auto -wins partner vif1-2  # FAS2240 doesn't have the -wins

Either this is `hostname`-vif1 or 192.168.102.1; you cannot have both.

switchport general allowed vlan add 2 tagged

switchport general allowed vlan add 1 untagged

You created two tagged VLANs on NetApp. Your switch configuration has to match it. If you want to add additional VLAN 2 to existing untagged port, just do it; no need to create VLAN 1 on NetApp.

petermiet
4,098 Views

understood, so i'm looking at this then:

ifconfig vif1-1  `hostname`-vif1 netmask 255.255.254.0 mtusize 9000 mediatype auto -wins partner vif1-1  # FAS2240 doesn't have the -wins

ifconfig vif1-2  192.168.102.1 netmask 255.255.255.0 mtusize 9000 mediatype auto -wins partner vif1-2  # FAS2240 doesn't have the -wins

and

switchport general allowed vlan add 1,2 tagged

Public