Posted on 2009-12-21
I'm facing a somewhat complicated network scenario and need some advice on how best to proceed. I have clients that are sharing an Ethernet switch. Currently, there are about 15 computers organized into 3 separate peer-to-peer networks occupying the same 192.168.0.0 subnet with DHCP served by a shared DSL router. All users share Internet and a printer/scanner on a specific IP address. Very simple.
I am preparing to install two new MS Small Business Servers to support two fully separate domains as well as the existing peer-to-peer network. The two domain controllers will be hosted on a shared VMware ESXi box with two physical NICs. While testing the viability of this plan on my office's physical network, I discovered that despite having set the management IP address of the ESXi box to a different IP subnet than what is used for my office network, the DHCP service fails to start on the new virtual server. This is what I'd like to do:
Shared Physical Ethernet
New VM Network1: Domain controller on 192.168.75.1
New VM Network2: Domain controller on 192.168.85.1
Existing Network: No Domain controller. 192.168.0.x
Share Internet resources and IP Printer/Scanner on the 192.168.0.x subnet between all subnets.
In other words, I'd like to isolate each network to avoid networking conflicts and to improve security, but also need each network to have access to shared resources.
VMware ESX supports VLANs, which I assume is the best way to share a physical infrastructure between multiple, isolated networks. Will I need a Layer-3 switch as well? How would one best proceed to set up such an environment? I have no experience with VLANs. What would be the most cost-effective and simple way to get this job done?