-1

Long story short. I would like to prevent guests in the same vSwitch from communicating to one another. I am at a loss as to how to make this happen. Any ideas please?

I have been reading on vShield, but I don't this this helps?

I have Standard, with Support Subscription if that helps.

Update Edits as requested: They do not need connectivity to the physical network, but they need to be on the same vSwitch. And on the same Subnet

To add some extra context, this will form part of a multi site HA solution, using Veeam Backup and Recovery. With 2 vSwitch in one site, and 2 vSwitch in remove site. And in either site, the connectivity is reversed.

user1076412
  • 113
  • 4
  • Do the virtual machines need connectivity to the physical network? – joeqwerty Nov 24 '14 at 04:35
  • Can you add your comments to your question and clarify them? also add as much detail about what you're trying to achieve and post a network diagram if you have one so that we can get a visual idea of what you're doing. – joeqwerty Nov 24 '14 at 05:05

1 Answers1

3

Here are a few ways you could do it:

  1. Create a separate vSwitch for each group of virtual machines that DO need to communicate with each other. Virtual machines on different vSwitches won't be able to communicate with each other.

  2. Create separate port groups on the same vSwitch and assign each port group a different VLAN ID. Then connect the relevant virtual machines to the appropriate port groups.

NOTE: There are other design considerations if these virtual machines need connectivity to the physical network, but you didn't specify that in your question (at the time of this answer).

EDIT: Based on your comment, you could create a separate port group on a single vSwitch, using a different VLAN ID for each port group. You would then connect the relevant virtual machines to the appropriate port groups. You'll need to connect the physical switch ports as trunk/tagged ports (Cisco/HP).

joeqwerty
  • 109,901
  • 6
  • 81
  • 172