Page 2 of 8 FirstFirst 1234 ... LastLast
Results 11 to 20 of 77
  1. #11
    Master Untangler J2897's Avatar
    Join Date
    Mar 2008
    Posts
    105

    Default

    I have not began to follow the Untangle Virtual Appliance guide yet, I am just examining it for now...

    From the Untangle Virtual Appliance guide, under the Verify/Configure Physical NIC to vSwitch mappings section, it shows THIS screen-shot displaying 3x physical NIC's linked to 3x vSwitch's, and states...
    Quote Originally Posted by Untangle Virtual Appliance on VMware
    It is best practice to place your “Management Network “ is on a own vSwitch. (This is not a Must but if you can make sure that Untangle does not exist on the same vSwitch as any Management Interface).
    ... This seems to suggest that, because I only have 2x physical NIC's (WAN and LAN), I have to place the Untangle VM's Management Interface on the same IP address as the ESXi Management Interface.

    I'm confused.
    Last edited by J2897; 04-09-2011 at 03:59 PM. Reason: Clarification.

  2. #12
    Untangle Ninja
    Join Date
    Jan 2011
    Posts
    1,326

    Default

    it is a best practice, but not required. the 'best practice' is based on the idea that you have a 'real' VMWare installation with multiple VMWare hosts, a VCenter server, VSphere management box, vmotion traffic, etc. which can be enough traffic that it needs it's own interface. A single server VMWare VSphere Hypervisor installation is never going to have so much management traffic as to create a problem.

    sky-knight will be along in a moment to tell you that not having a dedicated management interface even on single hypervisor install will cause network performance issues. I think any scenario under which that would happen would either be so rare as to not be worth worrying about, or would indicate a severe problem what would have ill effect regardless of whether you have a dedicated management interface or not.

    I guess you'll have to decide which of us to believe.

    (edit: I hope that doesn't sound like I'm disrespecting or being combative with sky-knight. I'm just acknowledging there is disagreement about this point.)
    Last edited by johnsonx42; 04-09-2011 at 08:38 PM.

  3. #13
    Master Untangler J2897's Avatar
    Join Date
    Mar 2008
    Posts
    105

    Default

    Am I understanding the term "Management Interface" correctly? I though the "Management Interface" was simply the Web GUI (control panel). The reason I asked was because I though, when I browsed to the IP via a web browser, I may see the default ESXi page instead of the Untangle GUI - or vice versa; a potential for conflict.

  4. #14
    Master Untangler
    Join Date
    Oct 2008
    Posts
    913

    Default

    Quote Originally Posted by J2897 View Post
    Am I understanding the term "Management Interface" correctly? I though the "Management Interface" was simply the Web GUI (control panel). The reason I asked was because I though, when I browsed to the IP via a web browser, I may see the default ESXi page instead of the Untangle GUI - or vice versa; a potential for conflict.
    I think you should set up an esxi box WITHOUT untangle involved first. You need to get more familiar with esxi before you throw any networking appliances in the mix

    Sent from my atrix

  5. #15
    Untangle Ninja
    Join Date
    Jan 2011
    Posts
    1,326

    Default

    Quote Originally Posted by J2897 View Post
    Am I understanding the term "Management Interface" correctly? I though the "Management Interface" was simply the Web GUI (control panel). The reason I asked was because I though, when I browsed to the IP via a web browser, I may see the default ESXi page instead of the Untangle GUI - or vice versa; a potential for conflict.
    the IP address of the ESXi management interface is for ESXi. when you install virtual machines, they'll get their own IP addresses. however I tend to agree with pirateghost, it sounds like your understanding of basic VMWare concepts is a bit lacking. install some test vm's and explore things with the VSphere client.

  6. #16
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,482

    Default

    My ESXi deployments have all suffered from interface saturation issues when I didn't dedicate management. They also suffered from and odd packet loss condition that affected all VMs. This for my servers happens independently of Untangle. I don't put Untangle into my ESXi servers unless it's for testing. That will change soon.

    But yes, in a two interface situation, the best practice is to dedicate one interface to a vSwitch that will have publc network access, and the other to a vSwitch that will have private network access, and bind the management and VMkernel functions to this interface as well. I prefer to have VMkernel and management on a dedicated interface, because the network traffic to multiple VMs can saturate the link. If that link becomes saturated, Untangle will loose network connectivity and the entire network will feel the loss. In my case, the issue was related to my iSCSI traffic. In a few of my customer's cases, the issue was normal VM related traffic to their Windows Server installations.

    You may find you need a third interface sooner than you think. It all depends on how much traffic you plan to run over that private vSwitch.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #17
    Master Untangler J2897's Avatar
    Join Date
    Mar 2008
    Posts
    105

    Default

    It's just THIS screen-shot I had a problem with. If there were just two NIC's in the screen-shot, the mission would have been accomplished by now.

    I'll post a screen-shot of the networking configuration for anyone who only has two NIC's - once I've figured it out. It shouldn't take me too long.

    EDIT: I've just noticed your post sky-knight. I'll read it again tomorrow for guidance.
    Last edited by J2897; 04-10-2011 at 09:26 AM.

  8. #18
    Master Untangler
    Join Date
    Oct 2008
    Posts
    913

    Default

    i really do think you should go learn the basics of ESXi before you drop untangle on it. If you dont have your VMWare environment configured properly, your network will suffer once you put Untangle in a VM.

    please, understand how ESXi works and get it configured properly to work in your environment (not based off a few screenshots in an untangle guide).

    as far as 2 nics go, its quite simple. the fact that you dont understand the basics is why you are struggling trying to figure it out.

    VSwitch0 - VMNic0
    management/vkernel (static IP to manage your esxi box)
    vmnetwork

    VSwitch1 - VMNic1
    external interface

    its that simple. theres nothing special about that kind of configuration. understanding the basics of esxi will help you understand these concepts.

  9. #19
    Master Untangler J2897's Avatar
    Join Date
    Mar 2008
    Posts
    105

    Default

    Quote Originally Posted by sky-knight View Post
    I prefer to have VMkernel and management on a dedicated interface.
    Question #1:

    Do you mean like THIS?

    Quote Originally Posted by sky-knight View Post
    If that link becomes saturated, Untangle will lose network connectivity.
    I don't want Untangle to lose network connectivity, so I will have to take steps to prevent that from happening.

    Quote Originally Posted by sky-knight View Post
    You may find you need a third interface sooner than you think.
    Question #2:

    I have a free PCIe port on the motherboard. So when I have some spare money in the bank (hopefully within the next couple of weeks), I could order another NIC (EXPI9301CTBLK) and resume with the Untangle Virtual Appliance guide; which leads me to ask, what should I connect the new NIC to?: Diagram4.jpeg

    Quote Originally Posted by sky-knight View Post
    It all depends on how much traffic you plan to run over that private vSwitch.
    I don't take risks; I plan to use it's full capacity.

    A message to everyone else: I am grateful for your advise/suggestions. I will read them again and again. I will experiment with some VM's in ESXi, I just want to concentrate on the Untangle VM network plan first.

    Thanks.

    Some more info':
    • My max' internet download speed is around 9.7Mb/s. Upload is around 10% of 9.7Mb/s (970Kb/s).

  10. #20
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,482

    Default

    The screen shot is similar to what I have used in the past.

    But again, the reason I separated off the management stuff was due to my own hacking backup configuration that was saturating that interface. In your case, you may be better off having Untangle on dedicated interfaces, internal and external, and using the third for management and the rest of your VMs.

    Just configure your stuff on two interfaces and see if it works out. Virtualization is the fine art of scheduling hardware access. Think of it like an airline, you want it over booked... but if you are too over booked the passengers will complain.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Page 2 of 8 FirstFirst 1234 ... LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2