Disjoint Network in Cisco UCS

What is Disjoint Network in UCS

With UCS disjoint network, administrators can create multiple VLANs, fabric interconnects, and uplinks, which can be allocated to different network domains. This means that traffic between these domains can be prevented, reducing the risk of security breaches and providing greater control over network traffic. Additionally, administrators can assign specific resources, such as bandwidth and Quality of Service (QoS), to each network domain, which allows for better performance and utilization of the network resources.

Overall, UCS disjoint network is a valuable feature in UCS that provides greater flexibility and control over network domains, while also improving security and performance.


Disjoint Network Configuration Overview

In a UCS environment, a disjoint network is created by partitioning the physical network infrastructure into multiple logical domains, called VLANs, Each VLAN can be assigned a unique identifier and an IP subnet.

To configure UCS disjoint network, you can follow these general steps:

  • Configure VLANs: First, create VLANs for each network domain that needs to be isolated. Each VLAN should have a unique VLAN ID and IP subnet. You can create VLANs using the UCS Manager GUI or CLI.
  • Configure Fabric Interconnects: Next, configure the fabric interconnects to support disjoint networks. You can use the UCS Manager GUI or CLI to configure the fabric interconnects, including uplinks, port channels, and VLANs.
  • Create uplink groups: An uplink group is a collection of physical Ethernet interfaces that are used to connect the fabric interconnects to the external network. You can create uplink groups for each VLAN or network domain.
  • Configure Server Ports: Finally, configure the server ports to use the appropriate VLAN or network domain. You can use the UCS Manager GUI or CLI to configure the server ports, including vNIC templates and service profiles.


Example:


Here is an example configuration for UCS disjoint network:

Assuming we have two departments, Department A and Department B, and we want to create a disjoint network for each department. Each department should have its own VLAN ID and IP subnet.

  • Configure VLANs:
    VLAN 10 for Department A with IP subnet 10.1.10.0/24
    VLAN 20 for Department B with IP subnet 10.1.20.0/24
  • Configure Fabric Interconnects:
    Configure uplinks for each fabric interconnect to connect to the external network.
    Create uplink groups:
    – Uplink group A for VLAN 10 on FI-A
    – Uplink group B for VLAN 20 on FI-B
  • Configure Server Ports:
  • Create vNIC templates for each department, specifying the appropriate VLAN ID and IP subnet.
    Create service profiles for each server, assigning the appropriate vNIC templates and uplink groups.
    With this configuration, each department is isolated from each other, and traffic cannot pass between them. Each department can utilize the full bandwidth of their allocated uplink group and can prioritize their traffic with QoS policies.

Bilel Ameur

Enthusiastic Network Engineer specializing in Cisco ACI, passionate about solving challenges. A lifelong learner who loves gaining and sharing knowledge. Profile: https://www.linkedin.com/in/bilel-ameur-71116b2b5
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x