VMware Cloud Community
dolphs
Contributor
Contributor
‎11-11-2018 07:29 AM
Jump to solution

VMWare ESXi 6.7

Hi,

I am new to VMware and installed ESXi 6.7 for home use, educational purposes.

First have been fooling around to get my RAID10 disk array and RAID10 SSD working properly but all fine there there.

Yet a new hurdle is to deploy CentOS7 VMs with 2 LANS, meaning

1st LAN is the management LAN ( IP address abtained from my router ) which works by default ( VM Network ).

The 2nd LAN, to be created, should be an internal LAN which can be reached between VMs: Link-Local.

So far I tried without succes

Add a vSwitch (vSwitch-local), link discovery: Listen, security: accept all, as well

added VMKernel NIC, new port group ( called: local network ), virtual switch (selected vSwitch-local), VLANID 1, allow only IPv4 and left DHCP with default TCP/IP stack and all services ticked

Some more options have been tried but I can only add " VM Network " when adding a new network adapter to the VM

Therefore can one guide me through this process please using the web console in ESXi 6.7

thanks

1 Solution

Accepted Solutions
a_p_
Leadership
Leadership
‎11-11-2018 07:58 AM
Jump to solution

This is basically the same as if you would setup physical systems with two NICs, which are connected to two physical switches.

You've already configured the VM's Management network by attaching the VM's virtual network adapter to the default  "VM Network" on vSwitch 0, so that's ok.

For the internal network, create another vSwitch on the ESXi host with a Virtual Machine port group, i.e. not a VMkernel port group. Then add another virtual network adapter to your VM, and connect it to the newly created virtual machine port group. That's it from the ESXi point of view. The remaining steps are guest OS related, i.e. setup the second netork interface as required from within the guest OS.


André

View solution in original post

0 Kudos
6 Replies
a_p_
Leadership
Leadership
‎11-11-2018 07:58 AM
Jump to solution

This is basically the same as if you would setup physical systems with two NICs, which are connected to two physical switches.

You've already configured the VM's Management network by attaching the VM's virtual network adapter to the default  "VM Network" on vSwitch 0, so that's ok.

For the internal network, create another vSwitch on the ESXi host with a Virtual Machine port group, i.e. not a VMkernel port group. Then add another virtual network adapter to your VM, and connect it to the newly created virtual machine port group. That's it from the ESXi point of view. The remaining steps are guest OS related, i.e. setup the second netork interface as required from within the guest OS.


André

0 Kudos
HassanAlKak88
Expert
Expert
‎11-11-2018 11:03 PM
Jump to solution

Hello,

You only need to create a normal port group (VM traffic), keep al settings as default and assign this port group to virtual machines needed:

pastedImage_0.png

pastedImage_1.png

Please consider marking this answer "CORRECT" or "Helpful" if you think your question have been answered correctly.

Cheers,

VCIX6-NV|VCP-NV|VCP-DC|

@KakHassan

linkedin.com/in/hassanalkak


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
dolphs
Contributor
Contributor
‎11-12-2018 10:39 AM
Jump to solution

HassanAlKak88​ -

thanks for your answer .

After executing your suggestion I can indeed choose this new network adapter

but still resolves my 192.168.10.x address while I need a private range isolated from the management lan, eg:

lan1.jpg

lan2.jpg

Believe I should take the suggestion by a.p. .

So followed this

" Then add another virtual network adapter to your VM,  and connect it to the newly created virtual machine port group. "

Yet in CentOS the virtual network does not have an IP yet choosing "Link-only" for 2nd adapter (ens224)

centos.jpg

thanks both!

0 Kudos
IRIX201110141
Champion
Champion
‎11-12-2018 10:58 PM
Jump to solution

The network basics havent change so

1. Setup a DHCP on your new created internal/private network

or

2. Assign a static IP Adress to the 2nd. network interface

And in both cases you must use a new subnet. Option 2 is the prefered way.

Regards,

Joerg

0 Kudos
HassanAlKak88
Expert
Expert
‎11-12-2018 11:52 PM
Jump to solution

Hello,

As I understand you need to isolate your virtual machines from the host management network.

I guess if you go to this port group and make the uplinks as Unused, in this case only virtual machine on the same host can communicate.

Please consider marking this answer "CORRECT" or "Helpful" if you think your question have been answered correctly.

Cheers,

VCIX6-NV|VCP-NV|VCP-DC|

@KakHassan

linkedin.com/in/hassanalkak


If my reply was helpful, I kindly ask you to like it and mark it as a solution

Regards,
Hassan Alkak
0 Kudos
dolphs
Contributor
Contributor
‎11-13-2018 04:23 AM
Jump to solution

Hello,

Selecting "Link local only" in CentOS7 for 2nd Ethernet adapter results in a "169.254.x.y" address, which I indeed expect.

lan2.jpg

As far I know Link local addresses allow VMs to automatically have an IP address on a network

if they haven't been manually configured or automatically configured by a special server on the network (DHCP).

So therefore no strict need for a DHCP server for internal network imho as well a new subnet is being created (255.255.0.0).

Thus this 2nd adapter should allow me to communicate between VMs created directly.

however on booting up I do not get an IP address for the 2nd LAN ( see similar screenshot previous posting ).

Looks like I am close to my goal but just not there yet.

Please note:

1/

ens192 has been configured manually: IP: 192.168.10.41, netmask /24, 192.168.10.1(gw), 192.168.20.2 (dns) and IPv6 is being ignored, while

2/

ens224 has been configured as "Link-Local only" ( as mentioned already ) and IPV6 is being ignored

lan2b.jpg

Update1/

Now on checking the config file in CentOS is seems I am getting closer updating " ONBOOT=yes " in " /etc/sysconfig/network-scripts/ifcfg-ens224 "

ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500

        inet 192.168.10.41  netmask 255.255.255.0  broadcast 192.168.10.255

        inet6 fe80::20c:29ff:fe2c:31cc  prefixlen 64  scopeid 0x20<link>

        ether 00:0c:29:2c:31:cc  txqueuelen 1000  (Ethernet)

        RX packets 215  bytes 21343 (20.8 KiB)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 161  bytes 21511 (21.0 KiB)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens224: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500

        inet 169.254.56.249  netmask 255.255.0.0  broadcast 169.254.255.255

        inet6 fe80::20c:29ff:fe2c:31d6  prefixlen 64  scopeid 0x20<link>

        ether 00:0c:29:2c:31:d6  txqueuelen 1000  (Ethernet)

        RX packets 2  bytes 120 (120.0 B)

        RX errors 0  dropped 0  overruns 0  frame 0

        TX packets 13  bytes 858 (858.0 B)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Update2/

Rolled out another VM and looks like this exercise can be set  " completed "

64 bytes from 169.254.42.107: icmp_seq=240 ttl=64 time=0.124 ms

64 bytes from 169.254.42.107: icmp_seq=241 ttl=64 time=0.096 ms

64 bytes from 169.254.42.107: icmp_seq=242 ttl=64 time=0.103 ms

64 bytes from 169.254.42.107: icmp_seq=243 ttl=64 time=0.097 ms

64 bytes from 169.254.42.107: icmp_seq=244 ttl=64 time=0.101 ms

64 bytes from 169.254.42.107: icmp_seq=245 ttl=64 time=0.092 ms

AND

64 bytes from 169.254.56.249: icmp_seq=2 ttl=64 time=0.092 ms

64 bytes from 169.254.56.249: icmp_seq=3 ttl=64 time=0.083 ms

64 bytes from 169.254.56.249: icmp_seq=4 ttl=64 time=0.083 ms

64 bytes from 169.254.56.249: icmp_seq=5 ttl=64 time=0.087 ms

64 bytes from 169.254.56.249: icmp_seq=6 ttl=64 time=0.084 ms

64 bytes from 169.254.56.249: icmp_seq=7 ttl=64 time=0.077 ms

thanks again

0 Kudos