VMware Communities: Recommendation for ESX infrastructure design

Up to Discussions in VI: ESXi 3.5

This Question is Answered

1 "helpful" answer available (6 pts)

2 Replies Last post: Jun 22, 2009 5:15 AM by @m!t

Recommendation for ESX infrastructure design

Jun 22, 2009 4:38 AM

olor 46 posts since
May 20, 2008

Hello all.

What is a best practise about network design of virtualisation infrastructure?

I plan to make a server with linux firewall and behind it DMZ with vCenter and 4 ESX nodes.
Is it important to make vCenter as ESX nodes GW?

I will connect to vCenter via whiteIP mapping on firewall - is VM console redirection will work?

Tags: design, best_practices, network

Reply Re: Recommendation for ESX infrastructure design Jun 22, 2009 4:38 AM

kesparlat 43 posts since
Oct 30, 2007

Hello Olor,

I'm not sure what are you asking. So I will try to explain how it works.

But you should know that you can put your ESX servers in a DMZ without any inconvenience. As you know VMware understand 802.1q so you can tag your DMZ as a VLAN for a specific vSwithc. You can plug some vmnics directly to your DMZ switch. Or you can put all your ESX server nics in DMZ.

So you won't have any problem only question is manage this configuration trough vCenter. If you put all your ESX interfaces (Service Console) in DMZ you should open some ports between thus. Additionally Vmotion network must be in a separate network without a routable IP (remember that Vmotion network speaks directly with your vmkernel, so you must protect).

Maybe in this scenario I'd prefer to put your ESX server with some vmnics connected to inside (Service console), others to a private network (Vmotion, and FT), and the rest connected to your DMZ

Regards

Reply Re: Recommendation for ESX infrastructure design Jun 22, 2009 5:15 AM

@m!t 53 posts since
Apr 8, 2008 VMware

Check this doc:

http://www.vmware.com/files/pdf/dmz_virtualization_vmware_infra_wp.pdf

-@m!t

Actions

View as PDF

Up to Discussions in VI: ESXi 3.5