VMware

This Question is Answered

2 "helpful" answers available (6 pts)
6 Replies Last post: Apr 11, 2008 6:13 AM by avmnd.com  

ESXi 3.5 installable Networking Questions posted: Apr 10, 2008 11:15 AM

Click to view avmnd.com's profile Novice
avmnd.com
29 posts since
Apr 13, 2006

I am a little confused as to how to set up the networking in esx3i. Have the dell poweredge 2950 iii "certified" for esx use. I have 3 seperate class c's I am working with. I have 2 network cards. I currently have a 66.xx port plugged into one nic and a 10.10.11.xx port plugged into the other nic. When I set up esx, i chose both nics for the management network. When I connect to the esx machine using the vi client from another machine on the 66.xx network, i can get in and I can create vm's etc. I have not assinged any network information to the vm's yet and they are powered down. I hardcoded a 66.xx.xx.xx ip for the host server. When i go to the networking area. I see the console is actually connected on 10.10.11.xx, but the other nic shows assumed network (or something like that) 000.000.000.000 thru 255.255.255.255. I would like my vm's to use the 66.xx range, but when I try to create a network, i loose my connection completely and then the management consoles ip gets wiped out. I've looked through the documentation, but it is not clear on how to do this all. I am pretty sure if i want to use a 3rd network for the vm's 216.xx I will need to add a new new and plug one of those 216.xx ports into it....

Re: ESXi 3.5 installable Networking Questions

1. Apr 10, 2008 11:31 AM in response to: avmnd.com
Click to view Dave.Mishchenko's profile Guru
Dave.Mishchen…
8,948 posts since
Nov 15, 2005
Given that you want to you a public IP range (66.xx) you'll want to increase the number of NICs you're using. Assuming you're not using software iSCSI or NFS for storage then I would suggest adding 4 NIC ports and configure your host like this

1) 2 NIC ports (different physical NICs if you use dual/quad port NICs) - create on virtual switch (vSwitch) and assign you management IP to ESX for this (10.10.11.xx). This is where the management port for ESX would exist
2) 2 NIC ports in a DMZ vSwitch for the VMs that you'll have in the 66.xx network. These 2 NIC ports would be physically connected to your DMZ switch. The important thing to note is that ESX will not have a IP presence on this vSwitch. That protects your ESX host from DMZ network attacks.
3) 2 NIC port for your 3rd C class - this would be your 216 network. Would you have that in another DMZ?

You could do this with 2 NICs in a single vSwitch and VLANs, but it would be ideal to seperate things out. Unless you have a specific reason, you should remove the 66.xx.xx.xx IP from your ESX host. It won't need it for you to run VMs in that IP range.

Could you describe how your host connects to switches for the various networks? I.e. do you have seperate switches for each? If that's the case then 2 your current 2 NIC ports you'll want 2 vSwitches. One will have a virtual machine port group for the 66 network and will only have one NIC port. That port will be connected to your 66 network physical switch. Another vSwitch will have the management port for ESX and the 10.10.11.xx IP assigned to it. This switch will have the other NIC port and will be connected to your management LAN. You would then add a 3rd NIC port for 216 network. If the 66 /216 network share the same switches you could seperate the traffic with VLANs.

Re: ESXi 3.5 installable Networking Questions

2. Apr 10, 2008 11:46 AM in response to: Dave.Mishchen…
Click to view avmnd.com's profile Novice
avmnd.com
29 posts since
Apr 13, 2006
I used the 66.xx becaue i may want to access this from the outside rather than logon to a machine behind the firewall. I will try making it a 10.10.11.xx address. Can i get by with two nic ports for a while realizing i would be giving up redundancy?

Re: ESXi 3.5 installable Networking Questions

3. Apr 10, 2008 12:03 PM in response to: avmnd.com
Click to view Dave.Mishchenko's profile Guru
Dave.Mishchen…
8,948 posts since
Nov 15, 2005
If you're using 2 seperate switches for the 10 and 66 networks then you'll need to configure 2 vSwitches - each with one NIC port. So you can get away with just 2 NIC ports for now. Personally I wouldn't expose a management port to the Internet. The convinience is not worth the network risk.

The network range you see on a vSwitch is just a guessimate of what ESX thinks is on the subnet based on broadcast traffic. It does not limit which IPs you can use for your VMs.

Re: ESXi 3.5 installable Networking Questions

4. Apr 10, 2008 4:35 PM in response to: Dave.Mishchen…
Click to view avmnd.com's profile Novice
avmnd.com
29 posts since
Apr 13, 2006
Thanks for the info. The physical switch is a cisco 2650? maybe? The network guy has it set up such that the 10.10 network does not have interne access. It is used for backups and databas access behind the firewall. It is a seperate vlan. I have a 216.xx vlan and a 66.xx vlan. So if i understand correctly essentially my networks are isolated from each other even though they are on the same switch. Each port goes to a hub and the 10.10 network cards are seperate on the server form the 66.xx and 216.xx. So if I am understanding correctly, then I should be ok for now to a) unlink the two nics and just use one for the maintenance network b) hook the other nic up to the 66.xx vlan, c) just create vm's, give them an address and subnet and esx will detect the network? Then I either need to a) create a virtual switch on esx that handles that vlan or b) create a vlan? Is that correct or do i need to do both? Is that about it?

Re: ESXi 3.5 installable Networking Questions

5. Apr 10, 2008 5:09 PM in response to: avmnd.com
Click to view Dave.Mishchenko's profile Guru
Dave.Mishchen…
8,948 posts since
Nov 15, 2005
So the way it is setup, unless there is routing in place your 3 subnets will be isolated from each each and each port on the switch will likely be assigned to a specific VLAN.

then I should be ok for now to a) unlink the two nics and just use one for the maintenance network b) hook the other nic up to the 66.xx vlan, c) just create vm's, give them an address and subnet and esx will detect the network?

Yes - you'll just edit the vSwitch - select the Network Adapter tabs and remove the NIC that you're going to move to the 66 VLAN. You'll then assign your VMs an appropriate IP / mask and gw for that subnet. For that vswitch you'll just have a Virtual Machine Portgroup assigned to the vSwitch. You won't have a vmkernel port on that vswitch unless you opt to manage the host directly over the Internet. When you do add the Virtual Machine port group to that new vSwitch, you'll have to assign the correct VLAN ID so that the VMs can communicate with the Cisco.

As an option for the 216 VLAN, you could create a trunk port on the Cisco switch. You would the connect the 66 NIC card to that switch port. On that vSwitch you could create 2 Virtual Machine Portgroup, one with the VLAN ID for the 66 subnet and the other portgroup with the VLAN ID of the 216 VLAN. Then you would create VMs and assign them to the appropriate VM Portgroup based on the subnet you need to connect them to. You could also have both NICs in one vSwitch connected to 2 trunk ports and then have a vmkernel portgroup on the 10 VLAN, and 2 VM Portgroups on the 66 and 216 VLANs. It would be best though to seperate the NICs and your network guy may not want to go that direction but it is an option to consider.

Re: ESXi 3.5 installable Networking Questions

6. Apr 11, 2008 6:13 AM in response to: Dave.Mishchen…
Click to view avmnd.com's profile Novice
avmnd.com
29 posts since
Apr 13, 2006
Works great! Thank you! never quite understood this vlan stuff, but now have a handle on it and the fact that you can set up switches in esx is just awesome! Showed the network guy, think he was a little impressed even..

Actions

VMware Developer

SDKs, APIs, Videos, Learn and much more in the Developer community.

Learn More

Developer Sample Code

Increase your developer productivity with VMware API sample code.

Learn More

VMworld Sessions & Labs

Online access to the latest VMworld Sessions & Labs and online services.

Learn more

Purchase PSO Credits Online

Purchase credits to redeem training and consulting services online.

Buy Now

Community Hardware Software

View reported configurations or report your own.

Learn More

VMware vSphere

Come witness the next giant leap in virtualization.

Register Today

Communities