EnsureDR for SRM Network considerations
EnsureDR for SRM Network considerations
Contents INTRODUCTION ....................................................................................................................................... 1
EnsureDR for SRM network considerations ............................................................................................ 2
Description of concepts .......................................................................................................................... 3
Single host solution with no external switch connectivity ................................................................. 3
Multi-host DR site with physical isolated switches ............................................................................. 3
Multi-host DR site with logical isolated switches ............................................................................... 4
VMware 5.5 environment setup ............................................................................................................. 5
Single host solution on DR site............................................................................................................ 5
Multi-host DR site without distributed switches feature ................................................................... 8
Multi-host DR site with distributed switches feature enabled ........................................................... 9
Reconfiguring Recovery Plan in Site Recovery Manager (SRM) ....................................................... 13
VMware 6.5 environment setup ........................................................................................................... 15
Single host solution on DR site.......................................................................................................... 15
Multi-host DR site without distributed switches feature ................................................................. 17
Multi-host DR site with distributed switches feature enabled ......................................................... 19
Reconfiguring Recovery Plan in Site Recovery Manager (SRM) ....................................................... 22
VMware 6.7 environment setup ........................................................................................................... 24
Single host solution on DR site.......................................................................................................... 24
Multi-host DR site without distributed switches feature ................................................................. 27
Multi-host DR site with distributed switches feature enabled ......................................................... 28
Reconfiguring Recovery Plan in Site Recovery Manager (SRM) ....................................................... 32
Cisco switch setup ................................................................................................................................. 34
Cisco switch - physical isolated network........................................................................................... 34
Cisco switch - logically isolated network .......................................................................................... 34
1
INTRODUCTION
Purpose of this document is to describe how to properly set up a test environment. This document
will show you step by step instruction how to do that in your test environment. The document will cover a
different solution based on which version of VMware you are using and provide example of Cisco switch
setup. This document will cover setup virtual environment based one VMware vSphere vCenter 5.5 – 6.7,
VMware Site Recovery Manager from 5.5 to 8.1.1, EnsureDR and Cisco switch setup.
2
EnsureDR for SRM network considerations
EnsureDR automates SRM recovery plan workflow to start up machines in a test failover. To achieve
this goal, you must set up separate isolated network segment which is capable to be used for a testing
purpose and in the same time is isolated from production network to avoid a collision when performing test
failover.
Depend on your production and disaster recovery virtual infrastructure environment this document
cover three possible cases which will be described in this document:
- single host on DR site
- multi-host DR site with VMware infrastructure and no license for distributed switches feature
- multi-host DR site with distributed switches feature enabled
To better understand all three cases, this document will describe the setup in general and then
provide step by step configuration for VMware vCenter 5.5, 6.5 and 6.7 environment.
For external network setup this document will cover two possible solutions:
- dedicate switch
- shared switch
This document provides step by step configuration based on Cisco switch and you could use any other
network switch vendor as long as they support VLANS and in VMware HCL.
If you could provide a separate switch this will be a recommended option because it reduces the
possibility to have an influence on the production network because your production and test environment
will be physically separated from each other. If you cannot use separate switch than you should use next
option for your environment.
Another option is to use switch which will be shared with production and test environment. You need
to isolate free ports (minimum one port per host) on switch to setup external network for the test
environment. This will give you a logically separated network layers on same switch. If you choose to use
shared Cisco switch, we recommend getting help from professional network admin to avoid
misconfiguration which could lead in a collision with the production network. To be sure that network
setup is done properly you should choose few VMs for the test failover to validate network setup. After you
approve network setup you can test failover with all available VMs.
3
Description of concepts
Single host solution with no external switch connectivity
This is the simplest solution which does not require any specific setup on the network level because
all recovered VMs will be recovered on the same host. In this solution, you need to set up an isolated virtual
switch.
Multi-host DR site with physical isolated switches
Multi-host solution with physical isolated switches is recommended solution because this
architecture minimize possibility that misconfigured external switch has bad influence on your production
network. As you can see on picture there is no connectivity between production and isolated LAN. Any
recovered virtual machine will be isolated in test LAN.
4
Multi-host DR site with logical isolated switches
Another option on multi-host DR site is to use shared switch. Shared switch meaning that all
connection from production and test LAN are physically connected to the same switch.
As you can see on picture all connection from production and test LAN are connected to same switch.
If you choose to use shared Cisco switch you should consult with professional network admin in order to
use this solution and avoid misconfiguration which could lead in a collision with the production network.
If you properly configure shared switch with separate VLANs, there is no bad influence in testing
and production environment. In this case there will be no difference with previous mentioned solution.
5
VMware 5.5 environment setup
Single host solution on DR site
This is the simplest solution which does not require any specific setup on the network level because
all recovered VMs will be recovered on the same host. In this solution, you need to set up an isolated virtual
switch.
To create a virtual switch with no attached external network adapter, you need to select a host,
choose tab “configuration”, then in left panel to select “networking”, leave default option on “vSphere
Standard Switch”, choose connection type “Virtual Machine” and click next.
In next step leave setting on “Create a vSphere standard switch” and choose next.
In next step enter label for network and define VLAN ID, then click next.
6
In next step you will create a virtual switch with no attached external adapter, just click finish.
To add additional VLANs, choose properties of your newly created virtual switch
7
Then click “Add” button
Leave connection type on “Virtual Machine” and click “Next”
8
Add “Network label” and “VLAN ID”
To add additional VLANs repeat this process as much as you will use in isolated test environment.
Multi-host DR site without distributed switches feature
Compared with the previous solution this solution requires to perform additional setup on the
network level because different VMs can be restored on a different host in the cluster. To provide
connectivity between VMs which are recovered in the same VLAN but on the different host, you need to set
up an external network layer which will provide connectivity between all recovered VMs. All virtual switches
must be set up separately per host.
The whole process is same as describe in the previous scenario with small difference in step “Create
a vSphere standard switch”. In previous step we did not add external adapter because this was single host
solution. In this scenario you will choose external network adapter in step “Create a vSphere standard
switch”. Please look on picture where you can see that network wizard suggested to use external adapter
vmnic1 and automatically connect this external adapter with our new virtual switch. In case you have more
than one free external network adapter you can choose which one to use. To properly setup test
environment you need only one external adapter per virtual switch.
9
Multi-host DR site with distributed switches feature enabled
This solution is same as previous solution with difference that instead of use standard virtual switch
you will configure distributed switch. This feature gives us a possibility to define a single virtual switch which
will then appear on all host. This solution allows us to easier set up virtual network infrastructure (e.g. set
up once, use on all hosts). Same rules applied to the previous solution must be performed on this setup.
If you try to configure distributed switch from same place as virtual standard switch you will see notice that
this is not possible.
10
To set up virtual distribute switch you need to open “Inventory” and then choose “Networking”. Right click
and choose “New vSphere Distributed Switch’.
Choose vSphere distributed switch version 5.5 and click next.
11
On next screen define how much external adapter do you want to connect with distributed switch per
host. For this lab you need only one external network adapter.
On next screen select all hosts and external network adapters and click next.
12
On next screen click finish.
Distributed switch is configured and now you will configure VLANs on this switch. To do this right click on
distributed switch in left panel. When menu popup, choose “Edit Settings”.
When new window open, choose tab “Private VLAN” and enter VLANs. Because this virtual switch
will be used for testing purpose in isolated environment you must define different VLANs ID compared with
your production environment. Be aware if you set up VLAN IDs which are in use in your production
environment that could lead to network collisions and issues. You should choose VLAN IDs which is not setup
in your production environment and will be used only for test environment.
For instance, if you have several VLAN IDs in your production environment like:
- VLAN 10
- VLAN 11
- VLAN 12
13
you should set up different VLAN IDs for isolated environment like:
- VLAN 110
- VLAN 111
- VLAN 112
This is just examples, you will choose what is applicable for your environment.
Reconfiguring Recovery Plan in Site Recovery Manager (SRM)
Now when you configured a new virtual switch in isolated virtual network next step will be to update
SRM recovery plan. To reconfigure recovery plan to use newly created switch for testing environment go to
SRM and log on. After logging select site in left panel, click “Related Object”, then “Recovery Plan” and select
recovery plan, in “Actions” menu choose “Edit Plan”.
14
In new window, proceed (click on next button) into step four. Select the “Recovery Network” and
click on combobox, choose Isolated network which you created in previous step (VMware 5.5 environment
setup) in this document, click “Next” and “Finish”.
15
VMware 6.5 environment setup
Single host solution on DR site
This is the simplest solution which does not require any specific setup on the network level because
all recovered VMs will be recovered on the same host. In this solution, you need to set up an isolated virtual
switch.
To create a virtual switch with no attached external network adapter, you need to open the browser
and connect to VMware virtual center. Select a host, choose tab “configuration”, then in left panel to select
“virtual switches” and then click on icon “Add host networking”.
Select “Physical Network Adapter” as on picture and click “Next”
16
Select “New standard switch” then click “Next”
On next scree click “Next”
Because this is single host solution we will not add external network adapter, click “Ok” on warning popup
window.
On next screen click “Finish”.
17
Multi-host DR site without distributed switches feature
Compared with the previous solution this solution requires to perform additional setup on the
network level because different VMs can be restored on a different host in the cluster. To provide
connectivity between VMs which are recovered in the same VLAN but on the different host, you need to set
up an external network layer which will provide connectivity between all recovered VMs. All virtual switches
must be set up separately per host.
The whole process is same as describe in the previous scenario. In previous step we did not add
external adapter because this was single host solution but in this scenario, you will choose external network
adapter in step “Create a Standard Switch”. To properly setup test environment you need only one external
adapter per virtual switch.
On the following screen select “Unused adapters”
In new window select available adapter and click “Ok” and then click “Next”. In step “Connection settings”
enter “Network label” and “VLAN ID” then click “Next” and finally click “Next”
18
To add addition VLAN please click on icon “Add host networking” and in open windows select “Virtual
Machine PortGroup for a Standard Switch” then click “Next”.
On next screen select newly created virtual switch and click “Next”. In new window enter “Network label”
and “VLAN ID” then click “Next” and finally click “Finish”.
19
Multi-host DR site with distributed switches feature enabled
This solution is same as previous solution with difference that instead of use standard virtual switch
you will choose to configure distributed switch. This feature gives us a possibility to define a single virtual
switch which will then appear on all host. This solution allows us to easier set up virtual network
infrastructure (e.g. set up once, use on all hosts). Same rules applied to the previous solution must be
performed on this setup.
Please click on home icon and then click “Networking” and in new window in left panel select cluster.
Right click on selected cluster and new menu will popup. Select “Distributed switch” and choose “New
Distributed Switch”.
20
On new window enter name for distributed switch and click “Next”
Leave distribution switch type 6.5.0 and click “Next”
21
Select number of uplinks (minimum one required) then enter name for port group and click “Next”
On next screen click “Finish” and distributed switch will be shortly created.
22
Now we need to add VLANs ID. To enter new VLAN IDs select newly created distributed switch in left panel,
choose “Configuration” tab, select “Private LAN”, click on button “Edit”, enter VLAN ID and click “Ok”.
When new window popup click on “Add” button, enter VLAN ID, click on right button “Add” (number 3),
enter VLAN ID and change it to “Isolated” and click “Ok”. In this example we add VLAN ID 10 and VLAN ID
110 for Isolated VLAN Type and for test environment you need to enter as many as you have VLAN IDs.
Reconfiguring Recovery Plan in Site Recovery Manager (SRM)
Now when you configured a new virtual switch in isolated virtual network next step will be to update
SRM recovery plan. To reconfigure recovery plan to use newly created switch for testing environment go to
SRM and log on. After logging select site in left panel, click “Related Object”, then “Recovery Plan” and select
recovery plan, in “Actions” menu choose “Edit Plan”.
23
In new window, proceed (click on next button) into step four. Select the “Recovery Network” and
click on combobox, choose Isolated network which you created in previous step (VMware 6.5 environment
setup) in this document, click “Next” and “Finish”.
24
VMware 6.7 environment setup
Single host solution on DR site
This is the simplest solution which does not require any specific setup on the network level because
all recovered VMs will be recovered on the same host. In this solution, you need to set up an isolated virtual
switch.
To create a virtual switch with no attached external network adapter, you need to open the browser
and connect to VMware virtual center. Select a host, choose tab “configuration”, then in left panel to select
“virtual switches” and then click on icon “Add host networking”.
25
Select “Physical Network Adapter” as on picture and click “Next”
Select “New standard switch” then click “Next”
26
On next scree click “Next”
Because this is single host solution we will not add external network adapter, click “Ok” on warning popup
window.
On next screen click “Finish”.
27
Multi-host DR site without distributed switches feature
Compared with the previous solution this solution requires to perform additional setup on the
network level because different VMs can be restored on a different host in the cluster. To provide
connectivity between VMs which are recovered in the same VLAN but on the different host, you need to set
up an external network layer which will provide connectivity between all recovered VMs. All virtual switches
must be set up separately per host.
The whole process is same as describe in the previous scenario. In previous step we did not add
external adapter because this was single host solution but, in this scenario, you will choose external network
adapter in step “Create a Standard Switch”. To properly setup test environment you need only one external
adapter per virtual switch.
On following screen select “Unused adapters”
In new window select available adapter and click “Ok” and then click “Next”. In step “Connection settings”
enter “Network label” and “VLAN ID” then click “Next” and finally click “Next”
28
To add addition VLAN please click on icon “Add host networking” and in open windows select “Virtual
Machine PortGroup for a Standard Switch” then click “Next”.
On next screen select newly created virtual switch and click “Next”. In new window enter “Network label”
and “VLAN ID” then click “Next” and finally click “Finish”.
Multi-host DR site with distributed switches feature enabled
29
This solution is same as previous solution with difference that instead of use standard virtual switch
you will choose to configure distributed switch. This feature gives us a possibility to define a single virtual
switch which will then appear on all host. This solution allows us to easier set up virtual network
infrastructure (e.g. set up once, use on all hosts). Same rules applied to the previous solution must be
performed on this setup.
Please click on home icon and then click “Networking” and in new window in left panel select cluster.
Right click on selected cluster and new menu will popup. Select “Distributed switch” and choose “New
Distributed Switch”.
On new window enter name for distributed switch and click “Next”
30
Leave distribution switch type 6.6.0 and click “Next”
31
Select number of uplinks (minimum one required) then enter name for port group and click “Next”
On next screen click “Finish” and distributed switch will be shortly created.
32
Now we need to add VLANs ID. To enter new VLAN IDs select newly created distributed switch in left panel,
choose “Configuration” tab, select “Private LAN”, click on button “Edit”, enter VLAN ID and click “Ok”.
When new window popup click on “Add” button, enter VLAN ID, click on right button “Add” (number 3),
enter VLAN ID and change it to “Isolated” and click “Ok”. In this example we add VLAN ID 10 and VLAN ID
110 for Isolated VLAN Type and for test environment you need to enter as many as you have VLAN IDs.
Reconfiguring Recovery Plan in Site Recovery Manager (SRM)
Now when you configured a new virtual switch in isolated virtual network next step will be to update
SRM recovery plan. To reconfigure recovery plan to use newly created switch for testing environment go to
SRM and log on. After logging click “View Details” button.
In a new window select “Recovery Plans”
33
In a new window select Recovery Plan which you will reconfigure to use with newly created virtual
network. Select recovery plan in left pane and click “Edit” button.
In new window, proceed (click on next button) into step four. Select the “Recovery Network” and
click on combobox, choose Isolated network which you created in previous step (VMware 6.7 environment
setup) in this document, click “Next” and “Finish”
34
Cisco switch setup
Cisco switch - physical isolated network
Connect to Cisco switch, then enter command:
switch# configure terminal
Enter desire VLAN (one by one):
switch(config)# vlan 110
switch(config-vlan)# exit
or in case you have several VLANs in a row, you can create all VLANs in single step:
switch(config)# vlan 110-115
After creating VLANs in previous step, enter every VLAN ID add name and activate VLAN (repeat steps for all defined
VLANs):
switch# configure terminal
switch(config)# vlan 110
switch(config-vlan)# name VMware VLAN 110 - isolated
switch(config-vlan)# no shutdown
switch(config-vlan)# exit
After all names configured, go to (every port per host) port setup:
switch# configure terminal
switch(config)# interface ethernet 1/1
switch(config-if# description ESXi01 [vmnic1]
switch(config-if# switchport mode trunk
switch(config-if# switchport trunk encapsulation dot1q
switch(config-if# exit
When all ports and VLANs configured you need to save configuration
switch# copy running-config startup-config
In this example, we configured all newly created VLANs, then configure port on the Ethernet port 1 of the Cisco
switch with support for all VLAN IDs.
Cisco switch - logically isolated network
Connect to Cisco switch, then enter command:
switch# configure terminal
Enter desire VLAN (one by one):
35
switch(config)# vlan 110
switch(config-vlan)# exit
or in case you have several VLANs in a row, you can create all this VLANs in single step:
switch(config)# vlan 110-115
After creating VLANs in previous step, enter every VLAN ID add name and activate VLAN (repeat steps for all defined
VLANs):
switch# configure terminal
switch(config)# vlan 110
switch(config-vlan)# name VMware VLAN 110 - isolated
switch(config-vlan)# no shutdown
switch(config-vlan)# exit
After all names added, go to (every port per host) port setup:
switch# configure terminal
switch(config)# interface ethernet 1/1
switch(config-if# description ESXi01 [vmnic1]
switch(config-if# switchport mode trunk
switch(config-if# switchport trunk encapsulation dot1q
switch(config-if# switchport trunk allowed vlan 110-115
switch(config-if# exit
When all ports and VLANs configured you need to save configuration
switch# copy running-config startup-config
In this example, we configured all newly created VLANs, then configure port on the Ethernet port 1 of the Cisco
switch with support only for isolated VLAN IDs.