VMware Cloud Community
Vitaly91
VMware Employee
VMware Employee
‎09-06-2008 12:05 PM
Jump to solution

VM with mulitple NICs

Guys,

Wanted to check if I have things right in my mind.

I have a VM that has 2 vNICs. One of them has Public IP and is connected to the "outside" nietwork. The other vNIC has Internal IP and is connected to the internal network (going thru Firewall and then onto internal switch).

The idea is for traffic to come from outside and hit Public NIC. That NIC will route traffic to Internal NIC (inside the VM, right?). Then Internal NIC will send traffic thru Firewall and onto Internal switch.

My thinking is to have this VM on a vSwitch with 2 pNICs. 1 pNIC is connected to "outside" switch and the other pNIC connected to Internal Firewall and switch. If I understand this correctly, I would need to have this VM connected to 2 vSwitches. 1 vSwitch with outside pNIC and 2nd vSwitch with Internal pNIC. Am I right? Or can I just have 1 vSwitch with both outside and Internal pNICs on it and then route traffic based on IP Hash?

Please advise on the best way to accomplish this.

Thank you in advance!

0 Kudos
1 Solution

Accepted Solutions
depping
Leadership
Leadership
‎09-06-2008 12:09 PM
Jump to solution

no, you need to have the nics on the same network if you want to loadbalance it on ip. so better create 2 vswitches and hook it up on 2 switches.

Duncan

My virtualisation blog:

If you find this information useful, please award points for "correct" or "helpful".

View solution in original post

0 Kudos
4 Replies
depping
Leadership
Leadership
‎09-06-2008 12:09 PM
Jump to solution

no, you need to have the nics on the same network if you want to loadbalance it on ip. so better create 2 vswitches and hook it up on 2 switches.

Duncan

My virtualisation blog:

If you find this information useful, please award points for "correct" or "helpful".

0 Kudos
weinstein5
Immortal
Immortal
‎09-06-2008 03:26 PM
Jump to solution

the most secure emthod is to have 2 vswitches each a pnic on seperate networks that way you are sure no traffic will go between public and private unless if it flows through the vm -

If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful
mike_laspina
Champion
Champion
‎09-06-2008 08:43 PM
Jump to solution

Hello,

The method you have thought out is essentiallly correct but it would be good if you shared the fuctional side of what you need to accomplish.

The ESX host should have a separate pNIC to service the public network. The other pNIC can service the internal network which may go to a firewall depending on the requirements.

http://blog.laspina.ca/ vExpert 2009
Vitaly91
VMware Employee
VMware Employee
‎09-07-2008 03:22 PM
Jump to solution

Thank you, guys, for replies.

So it seems that my thoughts were in fact correct: 1 VM on 2 vSwitches with 2 pNICs (1 pNIC for each vSwitch, 1 pNIC to Public, 1 pNIC to Internal)

Mike, all I am trying to make sure of is for traffic from outside to be passed ONLY inside VM to internal NIC and then thru firewall to an internal switch. Basically, security is the priority here.

Again, thank you all for replies!

0 Kudos