Adding a Subnet to a Nexus/UCS/VMware Environment

So, this was a fun exercise. It started when I was trying to build a few Server 2012 Lab machines to do some testing on. We realized that we were running out of IP addresses for our server vlans, so I was tasked to create a new vlan and subnet specifically for testing and labs.

The setup is as follows:

  • Two Cisco Nexus 7000 Core Switches as VTP servers.
  • Cisco UCS Chassis holding ESXi hosts.
  • VMware environment where the servers will live.

Here’s how to add a subnet to this environment (no DHCP required) in this scenario.

  1. On the switches, I simply added a vlan to the vlan database. (We’ll use 100 as an example.)
    Then I added the SVI to each core with HSRP enabled for failover.

    On one core, this sets up the SVI to route using the already-established EIGRP topology, and sets it up as a member of an HSRP port group. On the other core, I did the same thing, with a different IP and lower priority on the HSRP.

    That’s all I needed to do on the Switch side. I was able to ping the SVI from elsewhere on the network.

  2. Next I went into vSphere and created a port group corresponding to the vlan I just created. Since we’re using the distributed switch model (apparently we paid a lot of money for that), I only had to do this once and all 12 ESX hosts were able to use the port group.

    I copied the settings from other port groups in the switch just to stay consistent, but it’s pretty much the default settings.

    At this point, I thought I was done. I spun up a server, put it in the 10.1.100 subnet, but alas, it was not talking. I realized that the ESXi boxes are sitting in UCS, and UCS also needs to know which vlan to talk on.

  3. In UCS, it’s not completely intuitive to add a vlan to the NIC. I thought it would be available in the ESX Server profile template we had set up, but it wouldn’t allow me to modify vlans in that view.

    It clearly says that the vNIC in the server profile is bound to a vNIC template elsewhere, and I was able to find that under LAN/Policies/root/vNIC Templates. Opening up the vNIC template allowed me to modify the vlans as well as add a new one.

    Adding a vlan here is simple. You give it a name and an ID. It checks for overlap, and you’re done.

    Once you’ve created the vlan, go back into the Modify vlans screen and make sure the test vlan is checked. Once that’s checked, you should be good to go in UCS.


Here’s what we did in a nutshell:

  • Add the vlan and SVI on the network
  • Add the port group in vSphere
  • Add the vlan in UCS

The end result is a brand new subnet, just waiting to be filled with sweet, sweet servers.
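
For reference, here is a sketch of the switch-side configuration described in step 1. It is an added example, not the configuration from the original post. The host addresses and /24 mask inside 10.1.100, the EIGRP instance tag 1, HSRP group 100, the priorities, the vlan name and the `<HSRP-KEY>` placeholder are all assumptions. The HSRP authentication and passive-interface lines are hardening that goes beyond what the post describes.

```cisco
! Assumes "feature interface-vlan", "feature hsrp" and "feature eigrp"
! are already enabled, since other SVIs exist in this environment.

! --- vlan database: create the vlan ---
vlan 100
  name LAB-TEST                      ! assumed name

! --- Core 1: higher HSRP priority, normally the active gateway ---
interface Vlan100
  description Lab and test servers
  no shutdown
  no ip redirects
  ip address 10.1.100.2/24           ! assumed address
  ip router eigrp 1                  ! join the existing EIGRP instance (tag assumed)
  ip passive-interface eigrp 1       ! advertise the subnet, but form no EIGRP
                                     ! adjacencies with anything on the lab vlan
  hsrp 100                           ! group number assumed
    authentication md5 key-string <HSRP-KEY>   ! a lab VM cannot claim the
                                               ! gateway role without the key
    preempt
    priority 110
    ip 10.1.100.1                    ! virtual gateway address given to servers

! --- Core 2: same settings, different IP, lower HSRP priority ---
interface Vlan100
  description Lab and test servers
  no shutdown
  no ip redirects
  ip address 10.1.100.3/24           ! assumed address
  ip router eigrp 1
  ip passive-interface eigrp 1
  hsrp 100
    authentication md5 key-string <HSRP-KEY>
    preempt
    priority 90
    ip 10.1.100.1
```

Running `show hsrp brief` on each core should show one core as Active and the other as Standby for Vlan100. The servers on the new vlan use the virtual address as their default gateway.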