hi, i am new to this, let say, my  server ip 8.8.8.8  ,  and virtal ip is 10.1.1.1

can they still attack the ip 8.8.8.8 , as we need it send ou the traffic by it ?

Hello  8.8.8.8 ip is real? If it's real this is "google dns ip"

Can you share ip configuration for host...

My recommendation is Host ip should be A, B , C class ip and dns ip is your local dns...

hi sorry, that 8.8.8.8 is just for example

our server ip 108.X.X.X , on this exsi serer, we have few host. during the attack, all those host are swtich off, so it is not host issue

they attack the  vmserver

Hello,

I can't understand you clearly,
I need source and destination, where the attack is coming from internet or in your network machine and where the attack is going to?

hi, i don't know the  source, i know the problem only from the vsphereclient network usage graph, it show up to 1G network usage

and at same time, all host on this vmserver , 90% packet loss

i don't know what kind of way to use to attack the vmware server, maybe DDOS or others,

is there any way to prevent this kind of attack

Hello are you called vcenter "vmserver" ?

Can you apply those operation below;

1- create a management vlan on physical switch

2- join all host and vcenter this vlan

3- apply Access Control List on Physical Switch side

If you believe attack coming from external ( Internet side ) restrict "vmserver" internet access