Networking best practice

M Anon

New Member
Mar 11, 2025
4
0
1
Hi,

We're testing PVE as an alternative to ESXi and just trying to wrap our heads around networking in PVE vs ESX.

In ESX, we have 2 x 10Gbps ports (non LACP) connected to a vSwitch which has 3 vmkernel nics (1 for management, 1 for storage and 1 for vMotion) and then multiple port groups (each a different vlan). We simply attach each VM's nic to a portgroup.

I believe that to replicate the above in PVE, we need to create 1 VLAN-aware vmbr with no IP assigned, then create subinterfaces (vmbr0.10 for management with an IP assigned, vmbr0.20 for storage with an IP assigned, vmbr0.30 for phones with no IP assigned, vmbr0.40 for servers with no IP assigned, etc). We then connect each VM's nic to a sub-interface and then specify the VLAN tag. Is this correct?

And more importantly, is this best practice? I've read the admin guide that says PVE prefers LAGs/LACP which requires switch config (not a problem, ours support it), whilst ESX uses NIC teaming (equivlanet to balance-tlb in PVE I think) which does not require any config on the switch side.

Is there any best practice document out there we can take a look at?
 
Following information is not best practice for PVE networking, just FYR.
And in the PVE document "https://pve.proxmox.com/pve-docs/pve-admin-guide.html#sysadmin_network_configuration", it's mentioned about:
  • If your switch supports the LACP (IEEE 802.3ad) protocol, then we recommend using the corresponding bonding mode (802.3ad). Otherwise you should generally use the active-backup mode.
  • For the cluster network (Corosync) we recommend configuring it with multiple networks. Corosync does not need a bond for network redundancy as it can switch between networks by itself, if one becomes unusable.1741826988673.png
 
  • Like
Reactions: UdoB
Following information is not best practice for PVE networking, just FYR.
And in the PVE document "https://pve.proxmox.com/pve-docs/pve-admin-guide.html#sysadmin_network_configuration", it's mentioned about:
  • If your switch supports the LACP (IEEE 802.3ad) protocol, then we recommend using the corresponding bonding mode (802.3ad). Otherwise you should generally use the active-backup mode.
  • For the cluster network (Corosync) we recommend configuring it with multiple networks. Corosync does not need a bond for network redundancy as it can switch between networks by itself, if one becomes unusable.View attachment 83596

Wow! Thanks for the infographic. Not sure where you got that from but it certainly helps visualize.

This is basically how we have it configured now (except that vmbr1 is connected to bond0 because we don't have a separate nic for it).

Thanks