VMware Cloud Community
firefox111
Contributor
Contributor
‎04-23-2009 04:59 AM

ESXi 3.5 with two networks

Hello. How do I configure a second network adapter? Is it in the "Configure Management Network"? The "IP Configuration" does not give me an option to configure the second adapter?

Thanks in advance for your help.

0 Kudos
8 Replies
AntonVZhbankov
Immortal
Immortal
‎04-23-2009 05:13 AM

Once you've configured network adapter for management network in console, all other network configuration can be done in VI Client.


---

VMware vExpert '2009

http://blog.vadmin.ru

EMCCAe, HPE ASE, MCITP: SA+VA, VCP 3/4/5, VMware vExpert XO (14 stars)
VMUG Russia Leader
http://t.me/beerpanda
0 Kudos
firefox111
Contributor
Contributor
‎04-23-2009 06:10 AM

Thanks but how? This is ESXi. In the VMI Client configuration of the guest, I can't seem to find the option to configure the second adapter to be used by the guest which needs to connect to another network. Note that the first NIC of the ESXi server connects all guest to our LAN. The second NIC can connect a guest that needs access to another physical flat network.

0 Kudos
AntonVZhbankov
Immortal
Immortal
‎04-23-2009 06:25 AM

Create new vSwitch and connect to needed physical NIC. Create new "Virtual Machine Network" on this vSwitch.

After that add second adapter to guest and connect it to new "Virtual Machine Network".


---

VMware vExpert '2009

http://blog.vadmin.ru

EMCCAe, HPE ASE, MCITP: SA+VA, VCP 3/4/5, VMware vExpert XO (14 stars)
VMUG Russia Leader
http://t.me/beerpanda
0 Kudos
firefox111
Contributor
Contributor
‎04-23-2009 08:10 AM

Anton, thank you so much for your response. I have successfully created a vswitch which uses the second adapter to connect to another physical flat network. Now the one VM is isolated from the rest of the VM's. Is this really a true isolation since the host is connected to two physical networks networks? Do I need to know more on the host side configuration to ensure one network traffic will not cross into the other?

Again, thanks.

0 Kudos
AntonVZhbankov
Immortal
Immortal
‎04-23-2009 10:17 AM

No, it's not TRUE isolation. There is no TRUE isolation even if you use real hardware swithches, but if you are sure in ESX - you are sure in isolation level. vSwitches are just any other 2nd layer switches, that's all.

The only TRUE isolation is when different network segments completely have no common nodes.


---

VMware vExpert '2009

http://blog.vadmin.ru

EMCCAe, HPE ASE, MCITP: SA+VA, VCP 3/4/5, VMware vExpert XO (14 stars)
VMUG Russia Leader
http://t.me/beerpanda
0 Kudos
firefox111
Contributor
Contributor
‎04-23-2009 10:43 AM

So even if the NIC's on this ESXi host are connected to different physical switches connected to two different flat networks, there is no true isolation at the guest machine level?

0 Kudos
AntonVZhbankov
Immortal
Immortal
‎04-23-2009 10:51 AM

True isolation can be only in one case - when there is no any common elements in different networks. If you have one host connected to 2 difffernet networks it's no longer true isolation.

All the isolation is on software level. If you're not really security paranoid, then you can treat this configuration as True isolation. I think you trust VMware ESX more or less Smiley Happy


---

VMware vExpert '2009

http://blog.vadmin.ru

EMCCAe, HPE ASE, MCITP: SA+VA, VCP 3/4/5, VMware vExpert XO (14 stars)
VMUG Russia Leader
http://t.me/beerpanda
0 Kudos
AntonVZhbankov
Immortal
Immortal
‎04-23-2009 11:09 AM

If you consider any comment helpful please award points Smiley Happy


---

VMware vExpert '2009

http://blog.vadmin.ru

EMCCAe, HPE ASE, MCITP: SA+VA, VCP 3/4/5, VMware vExpert XO (14 stars)
VMUG Russia Leader
http://t.me/beerpanda