VMware Cloud Community
MarioGilera
Contributor
Contributor
‎04-21-2009 03:30 AM

Routing Linux Distro as VM over ESXi

Hi everybody,

is a good idea running a routing linux distro (like m0n0wall, zeroshell and so on) as a VM over ESXi or is better running it on a dedicated machine?

What are Pros and Cons of each solution?

TIA

MarioGilera

PS: sorry for ugly english...

Tags (1)
0 Kudos
6 Replies
AWo
Immortal
Immortal
‎04-21-2009 07:18 AM

I can't provide you with experiences here, but one thing which comes to my mind is, depending on the amount of traffic to be routed you may want to dedicate physical NIC's and virtual switches to that router. At least you should watch the network traffic to make a decision.


If you found this information useful, please consider awarding points for "Correct" or "Helpful" replies. Thanks!!


AWo

VCP / vEXPERT 2009

vExpert 2009/10/11 [:o]===[o:] [: ]o=o[ :] = Save forests! rent firewood! =
0 Kudos
depping
Leadership
Leadership
‎04-21-2009 07:26 AM

Welcome to the forums,

Why would you run it virtual? Did you virtualize any other servers already?

Duncan

VMware Communities User Moderator

-

Blogging:

Twitter:

If you find this information useful, please award points for "correct" or "helpful".

0 Kudos
MarioGilera
Contributor
Contributor
‎04-21-2009 01:51 PM

I've virtualized only some 2K3 for testing purpose and over old hardware (Socket A Athlon + KT600) and vith VMWare Workstation 6.5.

Now i want to try to virtualize:

1)A PDC

2)A IIS Server with WSUS (and SQL 2008)

3)A IIS Server with POP3 and SMTP in a virtual DMZ

4)A Router that connects all my networks: Virtual DMZ, a Virtual LAN for Servers, a phisical LAN for clients, and phisical WAN (through DG834GT). I was looking for a linux distro (free) that provide CoS or QoS, and i've chose ZeroShell.

I'would run ESXi on a GA-MA790FXT-UD5P with at least 8 gb of ddr3 and a PERC 5i Raid Controller.

I Know, the only hardware surely supported is PERC controller, but i want to use an AM3 platform.

TIA

MarioGilera

PS:I attach a schema of my network

Schema.rar
0 Kudos
Jackobli
Virtuoso
Virtuoso
‎04-21-2009 03:49 PM

Oh well, that should work.

IMHO the only thing to mention about is security. If you are routing (potential dangerous) internet traffic inside a guest, you should really take care and patch your guest and ESXi as soon, as security patches are available.

There are VMware whitepapers about the security of the virtual networks of ESX(i). But there have been vulnerabilities reported for guest os breakout.

MarioGilera
Contributor
Contributor
‎04-21-2009 03:59 PM

ok, i understand. but speaking about performances?

and what about hardware?

there are different am3 mainboard fully (especially aboutNIC) supported?

0 Kudos
Jackobli
Virtuoso
Virtuoso
‎04-21-2009 04:39 PM 

ok, i understand. but speaking about performances?
Oh, well... it depends Smiley Sad
If you are just routing (includes forwarding and NAT) and no iptables, it should do. Don't know, about how much traffic we talk.
 
and what about hardware?
there are different am3 mainboard fully (especially aboutNIC) supported?
The newer, the worse (usually).
Have a look into Dave's Whitebox list.

					
				
			
			
				
			
			
			
			
			
			
			
		

		
		
	

	
	


	
				
		
			
		
			
		
			
					
			
		
				
		
			
					
		
	
				
		
			
					
		
	
				
		
			
					
		
	
				
		
			
					
		
	
				
		
			
					
		
	
				
		
	
	


		

	

		

			

	
		
			
					
				
		
			
		
			
					
		
		
	
				
		
			
					
				
		
			
					

	
			

				
		
			
		
			
				

					
						
	
			0
		

	Kudos