
I'm trying to create some subnets on an ESXi (version 6.7) host and have some VMs within these subnets, with one or more that act as a gateway between them. I'm trying to do this by creating another VLAN on the same vSwitch, but I can't find a solution that works. The following is an example of what I want to realize: I have the management network, which is 10.0.0.0/24, and I want a second network like this: 10.0.1.0/24. So some VMs will be on the 10.0.0.0/24 network, others will be on the 10.0.1.0/24 network, and some will have an interface on both networks.

Surely there could be other networks (10.0.2.0/24, 10.0.3.0/24 and so on), but this is the simplest example that describes my goal. I tried to assign a static IP to the VM that has an interface on the second network (actually I'm doing these tests only with Ubuntu VMs) through the netplan configuration file, and I've also tried to set up the routes, but it didn't work. Ping is the only thing that works, but if I try to connect to something on the Internet it doesn't work. I know that this could seem silly, but I'm not very good at this networking stuff and I'm new to ESXi. I hope that someone can help me; thanks in advance.

P.S. Tell me if you need any additional information about my environment.

Albyx97
  • You need a router to route traffic between different subnets and towards the internet. – vidarlo Apr 10 '21 at 20:19
  • @vidarlo Yes, that would be one solution, but can't it be done without a router? (I know that could be a silly question.) I want to avoid deploying an additional router in my ESXi, but I haven't found a solution so far (so I didn't know if it could even be possible). However, thank you for the reply. – Albyx97 Apr 10 '21 at 21:22
  • No, you need a router to route traffic. Any VM with a network stack can do that, but then it's by definition a router. – vidarlo Apr 10 '21 at 21:39
  • Routers route traffic between networks. ESXi is not a router. You need a router. – joeqwerty Apr 10 '21 at 22:12
  • You'll be using a vSwitch, either the vSS or vDS. The key here is the word 'switch', which is a Layer 2 thing; switches don't deal with L3 things like IP, so they can't act as a router, which does deal with L3 things like IP. The only way you can make this work is if you bought VMware's NSX, which is expensive and complex. It's good though, and has an L3 switch and separate routers if needed. – Chopper3 Apr 13 '21 at 10:02

1 Answer


As the comments already pointed out - you need a router.

You said that you already set your routes - where did you set them to? You cannot just set the routing to any IP device and hope that this will forward your requests. The target point of a set route must be any kind of device that knows what to do with the packets it gets - this need not be a "hardware router", it must be any kind of software that is capable of routing.

Theoretically it is even possible to make a Windows Client/Server a router - you just need to add interfaces in all the networks between which you want to route (which you already did, as far as I understand), and you need to install software that will route the traffic - Windows Server for example has a role for this.

TL;DR: You want to route traffic between different networks? It is not enough to put a client in both networks, this client must be capable of routing - it must become a "router". It is possible to make a router out of a Windows Server. Should you do it? As some people say, "it is also possible to shoot yourself in the foot. Neither is a good idea". But this is my opinion.

Zac67
Tobias
  • All Windows NT versions (NT3 through Win 10 / 2019) can be configured to route between interfaces. – Zac67 Apr 13 '21 at 19:32
  • Thanks for your reply @Zac67, I just wanted to make sure about that because I'm new to ESXi and I have never configured anything like that. So, I know that a router routes traffic, but I wanted to make sure there wasn't some kind of ESXi mechanism that allows me to do something like that. Thanks to all for your replies, the situation is clearer now. – Albyx97 Apr 14 '21 at 18:43
  • There's no real magic behind it. A vSwitch is very much like a physical layer-2 switch, with the major difference that it'll *never* forward frames from a physical interface to another physical interface. But still, forwarding - routing - packets between VLANs or port groups requires a router. – Zac67 Apr 14 '21 at 20:32
  • Thanks, your reply is very complete. Thank you again @Zac67, you really helped me. – Albyx97 Apr 16 '21 at 10:35
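
An added example, not part of the original answer or comments: one way to make an Ubuntu VM with an interface in each port group act as the router the answer calls for, using netplan and kernel IP forwarding. The interface names, the host addresses and the upstream gateway 10.0.0.1 are assumptions, as are the function names.

```bash
#!/bin/sh
# Added example: files that turn a dual-homed Ubuntu VM into the router between
# 10.0.0.0/24 and 10.0.1.0/24. Every value marked ASSUMED is not from the thread.
set -eu
LAN0_IF="ens160"          # ASSUMED: NIC in the 10.0.0.0/24 port group
LAN1_IF="ens192"          # ASSUMED: NIC in the 10.0.1.0/24 port group
LAN0_ADDR="10.0.0.10/24"  # ASSUMED: router VM address on the first network
LAN1_ADDR="10.0.1.1/24"   # ASSUMED: router VM address on the second network
UPSTREAM_GW="10.0.0.1"    # ASSUMED: existing Internet gateway on 10.0.0.0/24

# Router VM: addresses on both networks, default route upstream, forwarding on.
write_router_config() {   # $1 = root directory ("" on the VM itself)
  mkdir -p "$1/etc/netplan" "$1/etc/sysctl.d"
  cat > "$1/etc/netplan/60-router.yaml" <<EOF
network:
  version: 2
  ethernets:
    $LAN0_IF:
      addresses: [$LAN0_ADDR]
      routes:
        - to: 0.0.0.0/0
          via: $UPSTREAM_GW
    $LAN1_IF:
      addresses: [$LAN1_ADDR]
EOF
  chmod 600 "$1/etc/netplan/60-router.yaml"
  # With ip_forward=0 the kernel drops packets that are not addressed to it.
  echo "net.ipv4.ip_forward=1" > "$1/etc/sysctl.d/60-router.conf"
}

# VM that lives only on 10.0.1.0/24: its default route is the router VM.
write_client_config() {   # $1 = root directory, $2 = address such as 10.0.1.20/24
  mkdir -p "$1/etc/netplan"
  cat > "$1/etc/netplan/60-client.yaml" <<EOF
network:
  version: 2
  ethernets:
    $LAN1_IF:
      addresses: [$2]
      routes:
        - to: 0.0.0.0/0
          via: ${LAN1_ADDR%/*}
EOF
}

# True when the kernel forwards IPv4 (flag file path is overridable for testing).
forwarding_enabled() { [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}")" = "1" ]; }
# On the router VM: sudo sh router.sh --apply
if [ "${1:-}" = "--apply" ]; then write_router_config ""; netplan apply; sysctl --system; fi
```

Hosts on 10.0.0.0/24, including the upstream gateway, also need a route to 10.0.1.0/24 via the router VM's address (or the router VM must NAT), otherwise replies to the second network never find their way back.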