XCP-ng storage and network advice

Andy · February 8, 2025, 2:42am

Kia ora team,

I’m looking for a little advice about how best to setup parts of an XCP-ng install. Its just in a homelab for a bit of fun and to learn on, I’ve managed to follow Tom’s videos and get both XCP-ng running on an old Dell R730, and XO running on an old Qotom box. My (simplified) network layout is:

Vlan 1: Default - nothing on it
Vlan 2: Management - used for access to administrative interfaces and network control plane
Vlan 3: Trusted network - intend to deploy VM’s to addresses on this network once they are working the way I want
Vlan 4: Lab - locked down, can get to the internet but not to any other VLAN (addresses can reach each other). VM’s start here until they are working as intended then move to Vlan 3.
Vlan 5: Storage - not routed on pfSense, just configured within XCP-ng and on the UniFi switches. Storage target is a Synology NAS.

What I’d appreciate advice on is:

The server has four ports; 2x10G Ethernet, and 2x 1G Ethernet. What are the relative pro’s and con’s of keeping the physical interfaces independent of one another (i.e. one network/Vlan per PIF) rather than LAGGing the 2x10G and then having everything available over that connection.
I understand the concept of not routing storage, but the practicalities of setting it up haven’t been so clear. The storage is iSCSI on a Synology NAS. Was easy enough to setup the iSCSI but how does XCP-ng know to access it via the correct PIF? Do I need to setup a static route, or have I missed somewhere to configure the path to the storage?

Thanks in advance.
Andy

xMAXIMUSx · February 8, 2025, 4:15am

To make it simple I would trunk all VLAN’s over the single 10G link (no LAGG). Then when you setup the PIF under that physical interface with all your VLAN tags. Make sure to set a static IP on your iscsi PIF

Then when you go to setup you iscsi connection you’ll set a static IP on your iscsi target and then you’ll be able to connect it all up.

Andy · February 8, 2025, 6:45am

Thanks @xMAXIMUSx,

Is anything required for the storage connection (static route, etc?) in your experience or should this just connect when adding the storage repository?

Thanks
Andy

LTS_Tom · February 8, 2025, 10:52am

When you create the VLAN 5 network for that pool you can then go to each host in that pool and add the static IP’s to those hosts (No gateway, just IP & Mask) and then as you attach other servers to the storage network and assign them static IP’s as well. When you are adding new storage to that pool it know what network / interface to use based on the IP.

xMAXIMUSx · February 8, 2025, 1:49pm

The way the devices communicate is by the VLAN tags. This is where a layer 2 switch comes into play. You can have the native VLAN ID of your physical switch ports or if you are trunking all VLAN’s then when a packet from VLAN 5 reaches you xcpng hosts then it automatically knows how to communicate.

This is why you are defining VLAN tags when setting up XCPng PIF’s. No static routes required.

Andy · February 8, 2025, 11:12pm

Thank @LTS_Tom and @xMAXIMUSx,

Much appreciated. Will give that a try tonight.

Regards
Andy