Operating instructions
Chapter 7. Cisco Systems IGESM configuration and network integration 105
7.2 Management network considerations
This section discusses an extremely important topic for the BladeCenter: the selection of the
management VLAN and its use within the BladeCenter.
Although the BladeCenter has some very specific needs regarding its management VLAN, it
might help to first generically understand the importance of selecting a suitable VLAN for
management traffic, as well as the role the native VLAN can play in this selection. For an
excellent discussion about selecting the management and native VLAN, see the “Switch
Management Interface and Native VLAN” section in the Best Practices document (this
requires a Cisco user ID and password), available at:
http://www.cisco.com/en/US/partner/products/hw/switches/ps700/products_white_paper09186a008
01b49a4.shtml
For a more specific source of information about management network configuration when
utilizing an IGESM in the BladeCenter, see 5.3, “In-depth management path discussions” on
page 55.
Management VLAN with specific respect to the BladeCenter
In discussions about the BladeCenter, the management VLAN refers to the only active VLAN
interface on each Cisco Systems IGESM (the default is VLAN 1) that is used for connection
through IP as one possible way to manage the switches. This same management VLAN is
directly tied to ports g0/15 and g0/16 on the Cisco Systems IGESM, which in turn attaches
the Cisco Systems IGESMs to the Management Modules.
The Management Module has certain roles, one of which is to permit a connection through it
into the Cisco Systems IGESMs for the purpose of managing the Cisco Systems IGESMs. A
side effect of this responsibility is that the Management Module will respond to ARP requests
for all addresses in its current subnet on its internal connections to the Cisco Systems
IGESMs (proxying for the Cisco Systems IGESMs). If a blade server is on the same VLAN
and in the same IP subnet, it usually will report a duplicate IP address as a result of the
Management Module responding to a blade server ARP when it is confirming that no one has
its address. For more information, see 5.3.12, “Scenario 6 (not recommended)” on page 72.
Another side effect can be seen when a blade server running as a DHCP client is placed on
the IGESM management VLAN. In most cases, before a DHCP server will issue an IP
address to a client, it sends out a gratuitous ARP checking whether that address is already in
use. If the Management Module sees this gratuitous ARP on its internal interface, it responds
that it owns the address (performing as a proxy for the subnet), and the DHCP server marks it
as in use and attempts to use a different IP address (with the same results). The result is that
the DHCP pool is used up and no IP addresses are available for use on the subnet.
Still another side effect of the design of the internal management network is that the
Management Module bridges at least certain packets. (Running the show cdp neighbor
command on a Cisco Systems IGESM shows that the other Cisco Systems IGESM is
attached directly, even though it is actually bridged through the Management Module).
With this in mind, we strongly recommend that you follow one simple rule:
Keep the blade servers in the BladeCenter off of the management VLAN in use by the
Cisco Systems IGESMs.
To this end, the default configurations on the Cisco Systems IGESMs isolate VLAN 1 from the
blade server ports. This does not, however, stop one from simply adding VLAN 1 to a blade
server port.