VMware vSphere

Hi,

(ALL IPS ARE EXAMPLE)

I have a ESXi Server with a main IP in this range :

192.168.1.1

and gateway as : 192.168.1.190

But the addtional IPs for the server which i have to make virtual machines on them are in this range :

192.168.65.x

and they have the same Gatwaye , according to DC Technicians the additional IPs are routed through main server IP and i have to make a virtual gateway!

i searched around net and found out that i hve to create a Virtual Switch and create a Virtual machin for routing and acing like a gateway!

so can any one here guide me through this and tell me steps to create virtual switch and config a vm to be as gateway?

ok lets clarify things here, so:

ESX SERVER

IP ADDRESS:

192.168.1.x subnet

Gateway: 192.168.1.190

Virtual Machines

192.168.65.x

Gateway: 192.168.1.190?

DC technicians told you that the vm ip addresses are routed through the main ESXi host ip?

"virtual" gateways are mainly used when you have an inside nat , are trying to create a 192.168.65.x nat inside your ESXi host and give that subnet connectivity?

regards.

If you find this information useful, please award points for "correct" / "helpful".

My blog virtualización en tu idioma

hi

yes because those ips in different subnet will not work

i think i have to do virtual nat

you can download those free firewall/router in OVF format as the gateway attached to vswitchA to vmnicA, and vswitch B connected internal only

then all the other VM would be connected to vswitch B. hope that helps.

iDLE-jAM | VCP 2, VCP 3 & VCP 4

If you found this or any other answer useful please consider the use of the Helpful or correct buttons to award points

hi tachra, you can do a NAT using vyatta or you can use static routes also using vyatta.

As a fact im using vyatta in my home lab, here is the tutorial ive used.

http://www.technowine.com/how-to-configure-vyatta-as-an-internet-gateway

If you find this information useful, please award points for "correct" / "helpful".

My blog virtualización en tu idioma

Hi,

i did not get any thing from that vyatta helpguide :smileysad:

can u please describe what i have to do in ESXi and then what to do in vyatta?(for example how many interfaces must vyatta have or what interface must be connected to which vswitch in esxi and which interface must get what IP?)

please :X

hi tachra, that how to is just the exact commands you need to set the inner nat, as you can read you have 2 eth interfaces:

eth0 ---> "outbound interface" this iface is connected to the switch with a uplink (pNIC)

eth1 ---> this is the nat client or inner interface connected to your internal switch (no pNIC, no connectivity to the outside by its own)

regards.

If you find this information useful, please award points for "correct" / "helpful".

My blog virtualización en tu idioma

So what IP i have to seto to each ethernet????

for example my main server IP is : 72.72.45.26

and addtional IPs are : 72.72.31.1 to 126!

by "main" server are you referring to the esx(i) host?

is that so, the esx(i) host is sitting on a 72.72.45.x /24 subnet, and your vms will be on 72.72.31.1 subnet, you will have to set the inner interface of your vyatta route (eth1) to an ip on the 72.72.31.x subnet, and your outbound iface (eth0) to a ip from the 72.72.45.x subnet.

regards.

If you find this information useful, please award points for "correct" / "helpful".

My blog virtualización en tu idioma

the problem is :

I HAVE only one ip in 72.72.45.x subnet!

can i add one of the addtional IPs to the server and then use them for interfaces?

so you are thinking in giving the esx :smileyinfo: server an ip address of the 72.72.31.x subnet right? and then to the outbound iface of your vyatta router the only ip you have of the 72.72.45.x subnet?, the problem here is that you will not be able to reach your esx(i) host on the 72.72.31.x (your production lan right?).

If you find this information useful, please award points for "correct" / "helpful".

My blog virtualización en tu idioma

dude

i said my server just hase one IP in 72.72.45.x range

so what do you think i have to do?

On Wed, Nov 17, 2010 at 8:21 PM, amalanco8

Hi again,

i added one of additional IPs(72.72.31.x) to ESXi as vmkernel and that IP got connected and responding to ping!

i added one of 72.72.31.x to vyatta as eth0!

the IP is pingable from same subnet but it can not be pinged from outside of its subnet!

what now?

you must tell vyatta to do natting between those subnets. Your 31.x is the inside or nat for the vyatta router now you should go to vyatta and configure nat following the steps, if you want to access the 31.x subnet you will need to point to the vyatta ip as gateway.

regards.

If you find this information useful, please award points for "correct" / "helpful".

My blog virtualización en tu idioma

Dude i know

but i don't know what Ips i have to use for vyatta Ethernets!

i can not ping vyuatta from outside when i use 31.x Ips for its both ethernets!

in vyatta

eth0 ---> "outbound interface" (you should set an ip of your production LAN)

eth0 ---> "inbound interface"(you should set an ip the private lan will create)

the easiest way to get this working is that you ask for 2 ips on your production lan, 1 for the esx and 1 for the eth0 "outbound iface" of vyatta's router.

If you find this information useful, please award points for "correct" / "helpful".

My blog virtualización en tu idioma

Hi,

Did you solve this issue ? I am exactly in the same configuration as you :

- My physical ESXi server has a public IP address on a given subnet

- I have several other public IP addresses not on the same subnet as above and I use one for my Vyatta VM.

- Unfortunately Vyatta doesn't let me decalre a gateway that is not on the same subnet of y other IPs.

I tried to do that with antoher Debian and Debain lets me do that  and it worlks...

Except asking for another IP that is on the same subnet as the one for my physical server, as it was suggested in the last post, is there another solution ? I don't think my hosting provider can give me such an IP address.

Thanks,

C.

Your problem pre-supposes that your are not on a supernet (i.e. 192.168.1.0/255.255.0.0). Assuming this to be the case, you'll need to be clear about your layer-2 topology - are there any VLANs separating these subnets?

If the answer to the VLAN question is NO, then the existing router should just have a secondary IP address added to the existing interface, your VMs will point to that and you're done. This kind of defeats the purpose of subnetting and VLANs (i.e. broadcast domain limits), but will produce the exact same traffic profile as adding a second router to the same VLAN/layer-2 segment.

If you DO have VLAN segmentation, you'd need your virtual router (Vyatta is a great one) to have an interface configured in port groups on each VLAN. The interface for the 192.168.1.0/24 network should be able to ping your gateway. A static route in Vyatta must be configured for destination 0.0.0.0/0 with next-hop pointing to 192.168.1.190 (in your example). The second Vyatta interface will need to be in the new VLAN - as will all of your other VMs - and share the same subnet configuration as your hosts (i.e. 192.168.65.254/24) with your hosts pointing to that address as their default gateway.

Hope this helps.

-- Collin C. MacMillan, VCP4
Cisco CCNA/CCNP, Nexenta CNE
VMware vExpert 2010
SOLORI - Solution Oriented, LLC
http://blog.solori.net

If you find this information useful, please award points for "correct" or "helpful".