VMware Cloud Community
AWahlert
Contributor

Networking Sandbox on vSphere 4.1.1

Hi list,

We have switched to vSphere 4.1.1.

I have configured a dvSwitch with the appropriate VLANs on our physical Cisco 6500.

The last step for me is a "sandbox" network. All VMs connected to this sandbox should only see these VMs. No connection to the wider network should be possible.

How can I manage this? A new dvSwitch must have a physical uplink, mustn't it?

Kind regards

Andreas

idle-jam
Immortal

You can create a new switch without any pNICs attached to it.

AWahlert
Contributor

Hi,

You mean a normal standard switch on all ESXi hosts?

Regards

Andreas

bulletprooffool
Champion

That is one option, though it will not allow routing between VMs on different physical hosts.

Are you happy to isolate this traffic to each ESX host (so a VM on ESX1 cannot access a VM on ESX2)?

If you have an old physical switch knocking about, you could patch an unused NIC on each host to a 'private network'.

Alternatively, you could create vSwitches on a private VLAN on each host and make sure there is simply no router available on that VLAN - this way traffic cannot 'jump' the VLAN?

If your VMs are on the same subnet and have no default gateway specified, they will not see anything on any different subnet.

One day I will virtualise myself . . .
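The uplink-less standard vSwitch suggested in the replies, written as a PowerCLI sketch with a follow-up audit that flags any sandbox switch that has acquired a physical NIC. This is an added example, not code posted by anyone in the thread; it assumes PowerCLI is loaded and `Connect-VIServer` has already been run, and the switch and port group names are hypothetical. As noted above, VMs on this network can only reach other VMs on the same host.

```powershell
# Added example. Names are hypothetical; adjust to your environment.
$switchName    = 'vSwitch-Sandbox'
$portGroupName = 'Sandbox'

foreach ($vmHost in Get-VMHost) {
    # Create the standard vSwitch only if it is missing. Omitting -Nic means
    # no physical uplink (pNIC) is attached, so frames never leave the host.
    $vs = Get-VirtualSwitch -VMHost $vmHost -Name $switchName -ErrorAction SilentlyContinue
    if (-not $vs) {
        $vs = New-VirtualSwitch -VMHost $vmHost -Name $switchName
    }

    # Port group the sandbox VMs are connected to.
    $pg = Get-VirtualPortGroup -VirtualSwitch $vs -Name $portGroupName -ErrorAction SilentlyContinue
    if (-not $pg) {
        New-VirtualPortGroup -VirtualSwitch $vs -Name $portGroupName | Out-Null
    }
}

# Audit: the sandbox switch must exist on every host and must have no uplinks.
# Re-run this after network changes; a pNIC added later silently ends the isolation.
$report = foreach ($vmHost in Get-VMHost) {
    $vs = Get-VirtualSwitch -VMHost $vmHost -Name $switchName -ErrorAction SilentlyContinue
    $uplinks = @()
    if ($vs -and $vs.Nic) { $uplinks = @($vs.Nic) }

    [pscustomobject]@{
        Host     = $vmHost.Name
        Present  = [bool]$vs
        Uplinks  = $uplinks -join ','
        Isolated = ([bool]$vs -and $uplinks.Count -eq 0)
    }
}

$report | Format-Table -AutoSize

# Surface violations for alerting or a scheduled check.
$violations = @($report | Where-Object { -not $_.Isolated })
if ($violations.Count -gt 0) {
    Write-Warning "$($violations.Count) host(s) have a missing or uplinked sandbox switch."
}
```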