5 Replies Latest reply: Oct 21, 2013 3:33 PM by petermiet RSS

Adding second subnet to existing vif

petermiet
Currently Being Moderated

I inherited an ESX cluster that was configured as the VMkernel and Service Console ports on the same subnet () and now i'm upgrading to ESXi and with the lack of the service console, i'm running into the issue where my NFS mounts are trying to use the wrong source IP (the old service console interface) and thus they are getting access denied. instead of total kludge and just adding the SC IPs to all my NFS mounts, I'm wondering if I can add an IP alias for a different subnet to the existing vif so I can have the filer host to both subnets while I upgrade hosts to ESXi without bringing the whole thing down. If so, i'm thinking my configuration would look something like this:

 

ifconfig myVifName 10.10.3.100 netmask 255.255.255.0 mtusize 9000 partner (partner-vif-name)

ifconfig myVifName alias 192.168.0.100 netmask 255.255.255.0 mtusize 9000

 

and of course, add the new subnet to the existing NFS mounts. It seems like that's all I would need to do, but I haven't seen much in the way of doing this in particular - the aliases examples i'm seeing are all on the same subnet and I don't have a test filer to try it on so I kinda want to make sure that it's going to work instead of just doing it and hoping for the best.

  • Re: Adding second subnet to existing vif
    DAVE.WITHERS
    Currently Being Moderated

    I do have a test 2240x4 that i just tried this on.

    It does not appear to work. 

     

    vif0-192: flags=0x2b4c863<UP,BROADCAST,RUNNING,MULTICAST,TCPCKSUM> mtu 1500

            inet 172.20.193.39 netmask 0xfffffe00 broadcast 172.20.193.255

            ether 02:a0:98:19:a2:a4 (vlan-on-ifgrp-up)

     

    that is my primary vlan/vif on my 192 vlan.

     

    I try to add an ip from my 205 vlan as an alias.

    filer> ifconfig vif0-192 alias 172.20.205.222 netmask 255.255.255.128

     

    It adds it

     

    vif0-192: flags=0x2b4c863<UP,BROADCAST,RUNNING,MULTICAST,TCPCKSUM> mtu 1500

            inet 172.20.193.39 netmask 0xfffffe00 broadcast 172.20.193.255

            inet 172.20.205.222 netmask 0xffffff80 broadcast 172.20.205.255

            ether 02:a0:98:19:a2:a4 (vlan-on-ifgrp-up)

     

    But...won't respond/ping/etc

     

    ping 172.20.205.222

    PING 172.20.205.222 (172.20.205.222) 56(84) bytes of data.

     

     

    --- 172.20.205.222 ping statistics ---

    19 packets transmitted, 0 received, 100% packet loss, time 18005ms

     

    I tried downing the interface and bringing it back up and it still would not work.

     

    Adding a new ip alias on my 192 vlan worked just fine as expected.

    Hope this helps, and if anyone else has any input on making the OP suggestion work, it would be interesting to see.  Maybe some route trickery.

    Note, while i was testing this, my primary IP never lost any connectivity.

    • Re: Adding second subnet to existing vif
      aborzenkov
      Currently Being Moderated

      Adding alias from another VLAN is not going to work for obvious reasons you need to add additional interface in new VLAN:

      vlan add vif0 205

      • Re: Adding second subnet to existing vif
        petermiet
        Currently Being Moderated

        thanks for the help so far, it's really much apprecaited. So it sounds like doing it with vlans is really the only answer (and really the proper one anyway), and it looks like I can just add on a vlan to the existing untagged vif in ontap 8.1.3 (FAS 2240-2), but I also have a filer (FAS2050) that's 7.3.7P2 and from what I can gather, that's all vlans or untagged but not both. I think i've come up with a plan to tackle this, does this look ok?

         

        my existing config from /etc/rc (it appears to be the same for both, with the exceptions below)

        vif create lacp vif1 -b ip e0a e0b # FAS2240 also has e0c e0d here

        ifconfig vif1 `hostname`-vif1 netmask 255.255.254.0 mtusize 9000 mediatype auto -wins partner vif1 # FAS2240 doesn't have the -wins

         

        changing to on both filers /etc/rc

        vif create lacp vif1 -b ip e0a e0b # no change here, just for reference

        vlan create vif1 1 2 #VLAN 1 & 2 - 1 for existing hosts, and 2 for the new ones

        ifconfig vif1-1  `hostname`-vif1 netmask 255.255.254.0 mtusize 9000 mediatype auto -wins partner vif1-1  # FAS2240 doesn't have the -wins

        ifconfig vif1-2  `hostname`-vif1 192.168.102.1 netmask 255.255.255.0 mtusize 9000 mediatype auto -wins partner vif1-2  # FAS2240 doesn't have the -wins

         

        if doing it during runtime do I just do the vlan create command and run the ifconfig commands as listed but without the `hostname` part?

         

        and on the switch (dell powerconnect 6248) side:

        switchport mode general

        switchport general allowed vlan add 2 tagged

        switchport general allowed vlan add 1 untagged

        switchport general pvid 1

        mtu 9216

         

        on each of my vmkernel ports and the port-channel for the filer.

         

        If I understand what i've read on all this properly, that would allow the existing ESX hosts (using untagged vmkernel ports) to still reach the filers on the default vlan, and I would be able to set up the upgraded ones on VLAN 2 and everyone's happy as long as I also put the 192.168.102.x network in the NFS exports. I should also be able to make the change with just a minute of downtime or less I believe too

        • Re: Adding second subnet to existing vif
          aborzenkov
          Currently Being Moderated

          ifconfig vif1-2  `hostname`-vif1 192.168.102.1 netmask 255.255.255.0 mtusize 9000 mediatype auto -wins partner vif1-2  # FAS2240 doesn't have the -wins

          Either this is `hostname`-vif1 or 192.168.102.1; you cannot have both.

          switchport general allowed vlan add 2 tagged

          switchport general allowed vlan add 1 untagged

          You created two tagged VLANs on NetApp. Your switch configuration has to match it. If you want to add additional VLAN 2 to existing untagged port, just do it; no need to create VLAN 1 on NetApp.

          • Re: Adding second subnet to existing vif
            petermiet
            Currently Being Moderated

            understood, so i'm looking at this then:

             

            ifconfig vif1-1  `hostname`-vif1 netmask 255.255.254.0 mtusize 9000 mediatype auto -wins partner vif1-1  # FAS2240 doesn't have the -wins

            ifconfig vif1-2  192.168.102.1 netmask 255.255.255.0 mtusize 9000 mediatype auto -wins partner vif1-2  # FAS2240 doesn't have the -wins

             

            and

             

            switchport general allowed vlan add 1,2 tagged

             

             

More Like This

  • Retrieving data ...