Friday, March 15, 2019

Greenfield Deployment

Howdy networking,

I have a new deployment that we are putting the final touches on and want to get some ideas on best practice here with a new server and switch cluster going in.

Short story, we have an access control system that is considered business critical so we are going to run a single VM on top of two ESXi boxes and use HA to keep her running. We have a new Dell SCv3020 SAN going in to support the two VMs as well as two physical (I know) Active Directory servers, and one "management" machine. The management machine will handle Veeam backups for the VM as well as run the client application for the access control.

Coming in from the field we have controllers with redundant NICs (previously one NIC and one modem) coming back on separate fiber paths, one existing and one new.

I am thinking my best bet for the production side of the network is 10GbE from the ESXi hosts to my "core" switches (Aruba 2930M with 4-port 10GbE module) which are separate at the moment, but I will have a 10GbE port available on them so I can tie them together. I wanted to avoid doing them as a stack so if one dies it doesn't take the other with it, not necessarily from a physical failure but from a misconfiguration point too.

I am planning on teaming the NICs on my AD and management servers, and uplinking them to both of the core switches. Originally I was going to have two isolated segments running on the main and backup network, but this seems like it would become a DNS nightmare for the single-homed machines trying to resolve a hostname if it got the IP from the backup network. This network is on an island and there is no routing being proposed.

I am not thrilled about the MikroTik as the SAN switches, but they originally called for HPE OfficeConnect 10GbE switches and that just seemed, cheap. At least the MikroTik have redundant power supplies....

Here is a diagram I put together. It doesn't show the tie between the two core switches or redundancy from my fiber aggregation switches, but I am thinking this can all be a flat network and let RSTP do its job.

https://imgur.com/a/qPUiL1e

Any suggestions for improvement would be appreciated!

Thanks


