thecoffeeshop
Contributor

Limitations of ESXi 5.5/vSphere networking question

Hey everyone.

I hopefully have a fairly easy and straightforward question that I need clarification on.

Running the free version of ESXi 5.5.

I have 5 physical NICs in my server.

My original plan was to set up two, maybe three networks:

- production network
- storage network (iSCSI/NFS)
- backup network

Just some items I was going to play around with in my lab.

My idea is I run a lot of VMs testing things out. I wanted to attach either NFS (I believe NFS4 is not supported with this version? Correct me if I am wrong) or iSCSI to present storage to ESXi. I was hoping to put this on its own network, separated from the production network VMs.

However, working within vSphere, although I have all 5 NICs available to use, I cannot set my own network range when creating a new vSwitch. I also see that I have to supply a gateway as well (was thinking of just setting up some VLANs to keep the traffic isolated). Of course, a physical layer 3 switch could solve my challenges, but those are pretty pricey.

Another thread I saw brought up the potential to set up a router internally (router on a stick), which is something else that came to mind.

I realize I am running the free version and there are some limitations. Just wanted to clarify because I may have missed something.

Much appreciated.

TCS

3 Replies
a_p_
Leadership

The free Hypervisor doesn't have any restrictions regarding networking, except for using a distributed switch which is only available with an Enterprise Plus license.

Separating the storage network is recommended, and you don't want/need to set a gateway IP address for this since routing isn't supported for storage traffic anyway. The only VMkernel port group on which you configure the default gateway is the Management Network.

>>> I cannot set my own network range when creating a new vswitch

A vSwitch for virtual machine traffic doesn't have its own IP address. Network settings are configured within the guests only, except for VLAN tagging, if you are going to use this feature.

André

thecoffeeshop
Contributor

Thanks Andre.

That makes sense.


I will do some testing within my lab with that.

I appreciate it.

TCS

Texiwill
Leadership

Hello,

You may have more networks than the 3 you mentioned that need to be considered:

* Management

* vMotion

* Fault Tolerance (not available for free)

* Storage

* Production VMs

In this case I would not comingle any of these networks as they each represent different security trust zones. But if you had to, and are using VLANs, then Mgmt and Storage, vMotion and FT, and Production as its own. If not using VLANs then you should use different pNICs and pSwitches per each network.

Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009, 2010, 2011, 2012, 2013, 2014

Author of the books 'VMWare ESX and ESXi in the Enterprise: Planning Deployment Virtualization Servers', Copyright 2011 Pearson Education. 'VMware vSphere and Virtual Infrastructure Security: Securing the Virtual Environment', Copyright 2009 Pearson Education.

Virtualization and Cloud Security Analyst: The Virtualization Practice, LLC -- vSphere Upgrade Saga -- Virtualization Security Round Table Podcast

--
Edward L. Haletky
vExpert XIV: 2009-2022,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill
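One way to check a host's standard vSwitch layout against the trust-zone pairing described in the last reply, as an added example that is not part of the thread. It reads text in the column layout of `esxcli network vswitch standard portgroup list` (the sample is constructed) and assumes an operator-supplied port-group-to-zone map, vSwitch names without spaces, and that each vSwitch has its own pNICs.

```python
"""Audit standard vSwitch port groups for trust zones that share a segment."""
from collections import defaultdict

# Constructed sample, laid out like the output of
# `esxcli network vswitch standard portgroup list`. VLAN ID 0 means untagged.
SAMPLE = """\
Name                Virtual Switch  Active Clients  VLAN ID
------------------  --------------  --------------  -------
Management Network  vSwitch0                     1       10
iSCSI               vSwitch0                     1       20
vMotion             vSwitch1                     1       40
VM Network          vSwitch1                     4       50
NFS                 vSwitch2                     1        0
Lab VMs             vSwitch2                     2        0
"""

# Assumption: the operator maintains this port group -> trust zone map.
ZONES = {"Management Network": "mgmt", "iSCSI": "storage", "NFS": "storage",
         "vMotion": "vmotion", "VM Network": "production",
         "Lab VMs": "production"}

# Zone combinations that may share uplinks when separated by VLANs:
# Mgmt with Storage, vMotion with FT, Production on its own.
ALLOWED = [{"mgmt", "storage"}, {"vmotion", "ft"}, {"production"}]


def audit(text, zones):
    """Return (vswitch, reason) findings for commingled trust zones."""
    by_switch = defaultdict(lambda: defaultdict(set))  # vswitch -> vlan -> zones
    for row in text.strip().splitlines()[2:]:          # skip header and ruler
        # Split from the right so port group names with spaces stay intact.
        name, vswitch, _clients, vlan = row.rsplit(None, 3)
        by_switch[vswitch][int(vlan)].add(zones.get(name, "unclassified"))
    findings = []
    for vswitch, vlans in sorted(by_switch.items()):
        for vlan, zs in sorted(vlans.items()):
            if len(zs) > 1:   # different zones on one layer 2 segment
                findings.append((vswitch, f"VLAN {vlan} carries {sorted(zs)}"))
        shared = set().union(*vlans.values())
        if not any(shared <= group for group in ALLOWED):
            findings.append((vswitch, f"uplinks shared by {sorted(shared)}"))
    return findings


if __name__ == "__main__":
    for vswitch, reason in audit(SAMPLE, ZONES):
        print(f"{vswitch}: {reason}")
```

A port group missing from the zone map is reported as `unclassified`, so an unreviewed network shows up as a finding instead of passing silently.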