Ensuring a specific network is always used

digitlman77 · ‎11-05-2010

Hello,

I created a virtual lab space, and in doing so, created a vSwitch that is not connected to any physical adapters so that I can have my lab vms connected to each other, but not affect the outside world.

I created a resource group that I keep all the lab machines under.

Other than configuring the host with that vSwitch only, is there any way to guarantee that the lab vms never accidentally get connected to the "live" network? I know this is me being extra paranoid, since configurations do not suddenly change on their own, but I can only shiver at the thought of my test domain controller suddenly being introduced to it's live counterpart, and the chaos in my domain that would ensue!

vmroyale · ‎11-05-2010

Hello.

Other than configuring the host with that vSwitch only, is there any way to guarantee that the lab vms never accidentally get connected to the "live" network?

You could set very restrictive permissions on it.

Good Luck!

digitlman77 · ‎11-05-2010

Please explain.

vmroyale · ‎11-05-2010

Are you worried about someone changing this without you knowing? If so, you could set permissions on this VM so that only you have access to it. I don't know of any way to lock a VM to a vSwitch, other than protecting it via permissions from those people that would potentially make this type of change.

digitlman77 · ‎11-05-2010

No, I'm just worried I might do something dumb, or somehow screw up.

I guess if I cannot lock it down, I just have to be very careful.

vmroyale · ‎11-05-2010

You could leave the virtual nic disconnected, except when you are using the VM. That way if something gets changed or if the VM gets powered on, it still won't actually connect.

digitlman77 · ‎11-05-2010

Yeah, I think that'll be part of my safety net.

All

Ensuring a specific network is always used