I've searched around for the answer, so forgive me if this question is has already been answered and I just missed it.
The short and skinny is that because of the need to have a disjointed L2 network, without changing from EHM to Switch mode and on top of security polices (the two L2 networks are Corporate and DMZ), it was recommended that we switch to using port channels.
Right now, I have two UCS 6120s in a cluster. Each 6120 has two uplinks to a pair of Cisco 4948s, configured as standard trunk uplinks.
I guess the actual question(s) is
A) Can this be done without bringing down the entire network for the UCS?
B) If it can, what is the best way to do it without interruption?
I've searched for around and the only thing I've seen is the steps to make the changes in the UCS Manager, but from what I can tell it assumes it’s a new install of UCS and not something that's already in production.
I already had the networking guys set up the port channels on two unused ports on the 4948s, so all I need to do is move the cables and setup the port channel in the UCSM.
My plan of action is as follows:
- disable the network uplinks on one of the 6120s, this should force all traffic to the other side (is that correct?)
- move the network cables coming from the 6120 to the 4948 switche to the new ports set up as a port channel
- create the port channel in the UCS manager
- Enable uplink ports and enable port channel
- Re-do the above steps for the other 6120.
Is the above possible without causing an interruption? Also during the transition, will there be a problem where one side is using a port channel and the other side is still using the regular trunk uplinks?
Thanks for any suggestions or help.
(This was neither short nor skinny)
If you need setup UCS for disjointed L2 and you only have 2 LAN uplinks you are not going to be able to place those 2 into a port-channel and also be able to configure disjointed L2.
Are you adding 2 additional uplinks to the ones you already have?
If you aren't planning on adding 2 additional uplinks then you will need to use them as single links; 1 with corporate VLANs mapped and the other with DMZ VLANs mapped. You will do this for both Fabric Interconnect A and B so that each Fabric interconnect as 1 uplink for corporate and 1 for DMZ.
This configuration requires UCS firmware 2.x
Like you are planning you will do this on 1 fabric at a time.
- On Fabric A disable the 2 LAN uplinks so that all traffic is forced to go out Fabric B
- Use the UCS VLAN Manager to map the DMZ VLANs to the DMZ uplink and the corporate VLANs to the corporate uplink. You can SSH into UCS, type "connect nxos a" and type "show interface trunk" to verify the VLANs are mapped properly
- Make sure the 4948 switch is configured to trunk the correct VLANs over the correct links
- Enable the ports on Fabric A
- Do the same for Fabric B