I need some help validating this Network config for a stretched cluster.
Ill summarize whats on the attached, not so good, diagram.
- cluster is running 6.7u1
- Each data site has Nexus vpc Pairs as cores.
- L2 between data site. the vsan vlan has an EIGRP advertised SVI which is part of an HSRP group with 4 members (1 SVI per nexus, so 2 per site) (this is one of the key things i want to validate)
- Each host has static route which uses the vsan SVI (10.10.1.0 255.255.255.0 10.10.0.0 vmk2 MANUAL) (want to make sure this is recommended or if i should use something else)
- das.usedefaultisolationaddress = false
- HA advance setting is configured with the following das.isolationaddress(1-4): IPs 10.10.0.2(Site A), 10.10.0.4(SiteB), 10.10.0.3(SiteA), 10.10.0.5(SiteB) in that order (want to validate this too)
- As you can see vsan witness traffic always flows through the primary site (sub optimal routing, not big deal unless HSRP fail-over time is too high and could cause vsan issues after a site failure while 10.10.0.1 becomes available again.
Questions:
1- Should i advertise (route) the vsan SVIs.
2- Can i use a different route for witness traffic to avoid traversing the ISL
3- Is the HA advanced settings (Isolation addresses) configured properly.
What would you recommend to improve this design. Dont be shy with the details .
I understand this is very networking "heavy" but that is what we have to deal with by using Ethernet based distributed storage systems which HCI is. As we always hear.. network reliability is key to HCI.
Thanks in advance folks!!
Looking forward to your responses.