The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter includes the following sections:
Cisco UCS Central enables you to define global VLANs in LAN cloud at the domain group root or at the domain group level. You can create a single VLAN or multiple VLANs in one operation.
Global VLAN resolution takes place in Cisco UCS Central prior to global service profiles deployment. If a global service profile references a global VLAN, and that VLAN does not exist, the global service profile deployment fails in the Cisco UCS domain due to insufficient resources. All global VLANs created in Cisco UCS Central must be resolved before deploying that global service profile.
Global VLANs are available and can be used in Cisco UCS Manager, even if no global service profile with reference to a global VLAN is deployed in that UCS domain. See Enabling Global VLANs in a Cisco UCS Manager Instance. in the Cisco UCS Central CLI Reference Manual.
Note | A global VLAN is not deleted when a global service profile that references it is deleted. |
You cannot delete a global VLAN from Cisco UCS Manager. If you want to delete a global VLAN from Cisco UCS Manager, you have to localize the VLAN and then delete it.
All VLANs configured in Cisco UCS Central are common to the orgs in which they are created. You must assign organization permissions before the Cisco UCS Manager instances that are part of the organizations can consume the resources. When you assign org permission to a VLAN, the VLAN is visible to those organizations, and available to be referenced in service profiles maintained by the Cisco UCS Manager instances that are part of the organization.
VLAN name resolution takes place within the hierarchy of each domain group. If a VLAN with the same name exists in multiple domain groups, the organization permissions are applied to all VLANs with the same name across the domain groups.
You can create, modify or delete VLAN org permission.
Note | Make sure to delete the VLAN org permission from the same org you created it in. On Cisco UCS Central GUI you can view the org structure where this VLAN is associated. But at the sub org level on the Cisco UCS Central CLI, you cannot view the VLAN org permission association hierarchy, so if you try to delete the VLAN at the sub org level on the Cisco UCS Central CLI the delete operation will fail. |
You can create a VLAN at the domain group root or at a specific domain group level, and assign specify the orgs that can access the VLAN.
You can edit VLAN ID, Multicast Policy and access for control for any selected VLANs. After creating a VLAN in a domain group, you can not change the Domain Group Location or the VLAN Name.
Cisco UCS Central enables you to define global VSAN in the SAN cloud, at the domain group root, or at a domain group level. The global VSANs created in Cisco UCS Central are specific to the fabric interconnect where you create them. You can assign a VSAN to either Fabric A or Fabric B, or to both Fabric A and B. Global VSANs are not common VSANs in Cisco UCS Central.
Resolution of global VSANs takes place in Cisco UCS Central prior to deployment of global service profiles that reference them to Cisco UCS Manager. If a global service profile references a global VSAN, and that VSAN does not exist, deployment of the global service profile to Cisco UCS Manager will fail due to insufficient resources. All global VSANs created in Cisco UCS Central must be resolved before deploying that global service profile.
Global VSANs are available and can be used in Cisco UCS Manager, even if no global service profile with reference to a global VSAN is deployed in that UCS domain. A global VSAN is not deleted when a global service profile that references it is deleted.
Global VSANs that are referenced by a global service profile available to a Cisco UCS Manager instance remain available unless they are specifically deleted for use from the domain group. Global VSANs can be localized in Cisco UCS Manager, in which case they act as local VSANs. Unless a global VSAN is localized, it cannot be deleted from Cisco UCS Manager.
You can create a VSAN with IDs from 1 to 4093, except for those in the following reserved ranges:
If you plan to use FC switch mode in a Cisco UCS domain, do not configure VSANs with an ID in the range from 3040 to 4078.
If you plan to use FC end-host mode in a Cisco UCS domain, do not configure VSANs with an ID in the range from 3840 to 4079.
FCoE VLANs in the SAN cloud and vLANs in the LAN cloud must have different IDs. Using the same ID for an FCoE vLAN in a VSAN and for a vLAN results in a critical fault and traffic disruption for all vNICs and uplink ports using that VLAN. Ethernet traffic is dropped on any VLAN which has an ID that overlaps with an FCoE vLAN ID.
You can create a VSAN at the domain group root or in a specific domain. You can also assign the VSAN to either fabric A or fabric B, or to both fabric A and B. When you assign the VSAN to both fabrics, both of them must have different VSAN ID and FCoE vLAN ID.
After creating a VSAN, if necessary, you can edit Fabric Zoning, Fabric assignment, VSAN ID and the FCoE vLAN ID.