I'm sure the title is making you wonder but I'll try to explain :).
Currently, I have bare metal servers dedicated to a single function of responding to port 80 clients with a simple 200 and a few UDP ports allowed for a test the clients can run. It's basically a custom ICMP port range.
Anyhow, these servers are very important but they are a waste of resources as it's their only function. If I could convert these to ESX, they could be better utilized.
There cannot be any sort of hardware between the clients and the servers. We've tested using ESX to a VM but the problem is that there were cases where the host itself responds to clients causing false alarms. It's something in the way that the software devs built this test system so a host cannot be used.
That said, would it be possible in a safe way to allow port 80 hits, using a custom page that simply has a digit on it and opening a few UDP ports.
LOL, I won't be challenging them, they know what they are doing :).
I just wanted to ask a quick question in case there was such an option. As there is not, it's solved.
Certainly not what ESXi is designed for, better to do what you need in VMs.
Of course it's not designed for that but we often find creative ways of achieving the different needs that we have :).
As mentioned, we cannot use a vm.
No problem, figured I'd ask, just in case.
Thank you.
Find out why you think the host might sometimes be responding.
It has something to do with the host responding to ICMP when it should not. I don't know why however, I just know the devs always make it clear not to use a vm.
I would challenge the devs on why they think a VM cannot be used. The ESXi host does absolutely respond to ICMP, but on its own IP address which is separate from the VMs IP addresses. Sounds like to me there's a fundamental lack of understanding on the devs part on how Type 1 virtualization works.
LOL, I won't be challenging them, they know what they are doing :).
I just wanted to ask a quick question in case there was such an option. As there is not, it's solved.
Reading what you've posted, while they may know what they are doing as a developer, they don't have the first clue about the infrastructure side of the house, which can lead to some nasty situations where they inadvertently open the network up to a breach. Seen it many a time over 25+ years in the job.
Ultimately, it's up to you as the OP to close the topic as resolved.
Okeedokke then. I'm not going to get into an argument or explain what they are doing since it's proprietary.
As I said, using a vm doesn't work, it's that simple and the end of this thread.