• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1174
  • Last Modified:

Vmware network fencing

I am running lab Manager 3x version. I cannot find any documentation about 'network fencing" that answers my question. I need to know if a workspace that had VM'S WITH A dhcp SERVER RUNNING that are fenced will stop systems from outside of the fence from recieving dhcp LEASE? I do not want to accidently cause issues with the corporate network but want access from it to the vm without using lab manager.
0
GCarleton
Asked:
GCarleton
  • 5
  • 4
  • 2
1 Solution
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
I need to know if a workspace that had VM'S WITH A dhcp SERVER RUNNING that are fenced will stop systems from outside of the fence from recieving dhcp LEASE?

Yes

I do not want to accidently cause issues with the corporate network but want access from it to the vm without using lab manager.

You will still be available to access it, from your corporate network.

We use Lab Manager in this way for testing, and staging. Here's an explaination for you to consider, please let me know, if you have questions

Fencing Virtual Machines

When you deploy a configuration that includes a physical network, you can choose to isolate the configuration virtual machines from other machines on the network. This prevents IP and MAC address conflicts that could exist if multiple copies of the same machine are deployed at the same time.

Fencing a configuration isolates the virtual machines that are defined to be connected to the physical network from the datacenter network using a virtual router (VR) and bidirectional network address translation (NAT).

Typically, you want to enable network fencing under these circumstances:

You have a configuration with one or more servers, and you anticipate cloning the configuration numerous times.

You have a configuration involving a difficult and complex setup, and cloning the configuration is an easier route than repeating the setup.

From a performance perspective, network fencing impacts the traffic flow between modules. Fencing requires a slightly higher number of resources on the host, such as memory, CPU, and networking. If you enable fencing but never use it, these resources are not consumed.
Virtual machines in a configuration have preconfigured (internal) IP addresses. When you deploy virtual machines in fenced mode, Lab Manager assigns a unique external IP address to each of these machines. Through these external addresses, virtual machines both inside and outside the fence can communicate with each other. Lab Manager uses a virtual machine called a virtual router (VR) to route packets between these virtual machines. Lab Manager configures the virtual router when you deploy a fenced configuration and deletes it when you undeploy the configuration.

0
 
Danny McDanielClinical Systems AnalystCommented:
0
 
Danny McDanielClinical Systems AnalystCommented:
or if you are saying that you don't want the production systems from getting confused by the DHCP server within your configuration, then you'd want either of the other two types.
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Well if you want to know how to configure, there are pages of configuration examples in the User Guides from Page 65 Configuration Networking of the User Guide.
0
 
GCarletonAuthor Commented:
I do not want dhcp broadcasts to be seen by the systems on the outside of the fence correct.  Does the fence block broadcast domains? it appears browsiong is blocked.
0
 
GCarletonAuthor Commented:
I know how to configure it thats simple but thank you
0
 
GCarletonAuthor Commented:
I want to run a DHCP server behind the fence. I cant turn it on until I am sure this wont get past the fence. Nothing I read talks to that issue one way or another.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Yes, it will not pass through the fence (Virtual Router), because the Virtual Router, performs NAT, DHCP does not pass though NATed routers.

Broadcasts Domains are also blocked, as it peforms NAT, e.g. Netbios will not pass etc
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
the only way DHCP can transverse a NATed routers, is if you add rules for DHCP helper.
0
 
GCarletonAuthor Commented:
Ok so this does function just like a router. Thanks for the update.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Yes - VR Router.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Windows 7 Basic

This introductory course to Windows 7 environment will teach you about working with the Windows operating system. You will learn about basic functions including start menu; the desktop; managing files, folders, and libraries.

  • 5
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now