This comes up occasionally, customers have multiple Management VMkernel interfaces and see vSphere HA traffic on both of the interfaces, or on the incorrect interface. In some cases, customers use the IP address of the first management VMkernel interface to connect the host to vCenter and then set an isolation address that is on the network of the second management VMkernel so that HA uses that network. This is unfortunately not how it works. I wrote about this 6 years ago, but it never hurts to reiterate as it came up twice over the past couple of weeks. The “management” tickbox is all about HA traffic. Whether “Management” is enabled or not makes no difference for vCenter or SSH for instance. If you create a VMkernel interface without the Management tickbox enabled you can still connect to it over SSH and you can still use the IP to add it to vCenter Server. Yes, it is confusing, but that is how it works.
If you want the interface to not be used by vSphere HA, make sure to untick “Management”. Note, this is not the case for vSAN, with vSAN automatically the vSAN network is used by HA. This only pertains to traditional, non-vSAN based, infrastructures.
Juliano says
Hello Duncan!
Very good reading, so fdm uses all mngmt vmkernels in parallel for host to host HA traffic if I understood correctly?
Another unrelated doubt if you open space in this post, as more I increase percentages reservations e.g. 15%,25%,35% I dont saw an decrease of clusters free resources at summary tab. Whats happens behind the scenes? The term “failover” resources is the total amount reserved for use in case of an HA event, or, it is a total amount of free resources to poweron new workloads? Its all about math, sorry! Thanks and congrats for the blog that rescue gold basics!