Announcement

Collapse
No announcement yet.

Esxi 5.1 configuration question

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Esxi 5.1 configuration question

    Hi everyone,

    been a bit of a lurker in the petri community and have found it an amazing help with a variety of things! I was hoping someone could help clear some questions I have - I apologise if they are silly or are obvious but I have tried to get my head round it and I do not have a test environment!.. I wish to make changes to an existing setup which is:

    2 ESXi 5.1 hosts which have the a few VM servers each on them on 192.168.10.x. I need to implement a server which should not be able to accessed by these servers but should be able to access internet and to certain vlans within the environment (and be accessed by these vlans) - It should be on another address say 192.168.60.x
    Please view my attached documents as a way of hopefully providing the information you require to the environment. (they are of each esx host)

    I am thinking I require to buy two network cards (one for each host) as all other network cards are in use, create a vswitch that matches on both hosts and apply the NIC to that (duplicating setup on both hosts). I then had figured that Id have to set the VLAN on the port group to only listen to .60 but upon looking at the setup, all port groups are set to VLAN value of 0 (from what I understand this means they do not tag traffic) but when checking the Cisco Discovery Protocol it can see the VLAN as 10 as in screenshot (Please view them).

    My question(s) are really:

    Am I correct in thinking I require another network card for each host (bearing in mind I dont want to unteam the existing ones)?

    With regards to setup will I just have to install the network cards, create a vSwitch on one host and assign the new physical network adapter then duplicate the setup on the second host. (Then create the VM and assign to that network switch) and not have to bother with vlan settings for the port group (As I believe I can get the Cisco guys to configure that side of it please correct if wrong). I know this one would be hard to answer as you don't know the setup but is there anything I can check to prove the routing is all done by the cisco side and not the vmware side (I thought I had possibly proved this by seeing the port groups were set to VLAN value of 0.

    Many thanks in advance for your time and help,

    Colin
    Attached Files

  • #2
    Re: Esxi 5.1 configuration question

    Originally posted by colinged View Post
    Hi everyone,

    been a bit of a lurker in the petri community and have found it an amazing help with a variety of things! I was hoping someone could help clear some questions I have - I apologise if they are silly or are obvious but I have tried to get my head round it and I do not have a test environment!.. I wish to make changes to an existing setup which is:

    2 ESXi 5.1 hosts which have the a few VM servers each on them on 192.168.10.x. I need to implement a server which should not be able to accessed by these servers but should be able to access internet and to certain vlans within the environment (and be accessed by these vlans) - It should be on another address say 192.168.60.x
    Please view my attached documents as a way of hopefully providing the information you require to the environment. (they are of each esx host)

    I am thinking I require to buy two network cards (one for each host) as all other network cards are in use, create a vswitch that matches on both hosts and apply the NIC to that (duplicating setup on both hosts). I then had figured that Id have to set the VLAN on the port group to only listen to .60 but upon looking at the setup, all port groups are set to VLAN value of 0 (from what I understand this means they do not tag traffic) but when checking the Cisco Discovery Protocol it can see the VLAN as 10 as in screenshot (Please view them).

    My question(s) are really:

    Am I correct in thinking I require another network card for each host (bearing in mind I dont want to unteam the existing ones)?

    With regards to setup will I just have to install the network cards, create a vSwitch on one host and assign the new physical network adapter then duplicate the setup on the second host. (Then create the VM and assign to that network switch) and not have to bother with vlan settings for the port group (As I believe I can get the Cisco guys to configure that side of it please correct if wrong). I know this one would be hard to answer as you don't know the setup but is there anything I can check to prove the routing is all done by the cisco side and not the vmware side (I thought I had possibly proved this by seeing the port groups were set to VLAN value of 0.

    Many thanks in advance for your time and help,

    Colin

    hi colin,

    pretty much, yes. Add an additional network card to each ESX server (make sure it's on the HCL)
    setup a new vswitch on that card (and mirror it on both)
    then add the reelvant vlan bindings etc.

    any guest you put on this vswitch shouldn't be able to access the other vsiwitches
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: Esxi 5.1 configuration question

      tehcamel - thank you very much for your reply , always good to know you're on the right track! May I ask one thing though...

      you had said to add the relevant vlan bindings (which I had originally thought would have been the case for the existing setup) however there appears to be no vlan bindings and it is set to 0 as if it's untagged traffic. I had thought that the only way to do this was to do this was as you say but do you think that it is likely that there are no settings regarding vlan traffic within vsphere but all routing / rules are carried out on the cisco side?

      Thanks again,

      Colin

      Comment


      • #4
        Re: Esxi 5.1 configuration question

        Buying a new NIC will be the easiest way of doing it if you can manage your VLAN's externally. No VLAN bindings are necessary as its a separate network anyway.

        It can however be done with the current setup you have. Just takes a bit of planning.

        Comment


        • #5
          Re: Esxi 5.1 configuration question

          i dont' have an esx server in front of me, however from memory, when you create a vswitch, you can give it a particular vlan tag.

          if you're connecting that vswitch to a switchport that's vlan-tagged anyway, you may not need this...

          I'm a bit crap when it comes to vlan
          Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

          Comment


          • #6
            Re: Esxi 5.1 configuration question

            Originally posted by tehcamel View Post
            i dont' have an esx server in front of me, however from memory, when you create a vswitch, you can give it a particular vlan tag.

            if you're connecting that vswitch to a switchport that's vlan-tagged anyway, you may not need this...

            I'm a bit crap when it comes to vlan
            You are correct however when you create the vSwitch you would still need the new NIC to accomplish what the OP wants.

            What I would do is get the network guys to create a VLAN and allow access to that VLAN from the port/ports that your physical adaptor is connected to.

            On Cisco I think its something like this

            Code:
            switchport allowed trunk access 0,60
            switchport mode trunk
            http://www.cisco.com/en/US/docs/swit...html#wp1150302

            Create a single vSwitch, already done, and then add a 2nd Port Group to the vSwitch and assign that the VLAN tag, in this case 60.

            I haven't done this for a while so the memory is a little rusty but that should achieve the objectives without any additional expense.
            Attached Files

            Comment


            • #7
              Re: Esxi 5.1 configuration question

              tehcamel and Wullieb1 - thank you so much for your help. Very informative and has me on the right track! Thanks a lot!

              Comment

              Working...
              X