Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How come you can use 1 switch for 2 network segments

Posted on 2012-03-31
16
Medium Priority
?
732 Views
Last Modified: 2012-06-22
I have three different boxes on each of them there are six virtual computers, three on ip 192.168.0.1 and three on 172.16.0.1. Inside each host box there are two virtual switches and they are attached to the same physical NIC card of the server
Machines on 192.168.0.1 segment need to see the other virtual computers in the same ip segment but located on the other two boxes and the same with the computers on the ip segment 172.16.0.1. They do not need to exchange date between ip segments.
 Now I have only one switch, a cisco 3750, and three network cables, each server host have only one NIC. So I have the switch with three connections
How come you can use 1 switch for 2 network segments? Can the two IP segments travel on the same port at the same time?  can the IP 192.168.0.1 see its own traffic only and the 172.16.0.1 can see its own ip traffic only as well?
Now, I tried to use VLAN on the switch and divide the ports but I couldn’t because it assumes that I use two physical network cables and I do not have but only one network cable per host server.
Any help will be appreciate
0
Comment
Question by:Jorge-123
  • 8
  • 5
  • 2
  • +1
16 Comments
 
LVL 6

Assisted Solution

by:awaggoner
awaggoner earned 1000 total points
ID: 37791453
The switch port itself doesn't care what the IP addresses are.  It would be the same thing as if you daisy chained another switch to one port.  You can have multiple IP addresses going through a single switch port.  After all, a single switch can have an arp cache that can hold thousands (or tens of thousands) of MAC addresses.

A port can be configured as a VLAN trunk port to handle multiple VLAN segments.

You would need a route configured for the two segments to communicate.  Either layer 3 routing on the switch, or an actual router added to the configuration.
0
 
LVL 19

Expert Comment

by:vmwarun - Arun
ID: 37791465
From a VMware perspective, you can make use of port groups and tag VMs so that they can exchange data between them alone.
0
 
LVL 125
ID: 37791513
Are you using VMware vSphere which can support 802.1Q vlan tags?
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:Jorge-123
ID: 37791667
Hanccocka,
 I do not know it. I know that we use the VMware vSphere client  at the workstation to communicate with the virtual computers. How I will now if this VMware vSphere software  can support 802.1Q vlan tags?
0
 

Author Comment

by:Jorge-123
ID: 37791670
awaggoner,
  If I understood this correctly, with no Vlans created, except  the default vlan1, I can connect the three network drops to three ports and  then the switch should be able to carry the network traffic and with this I mean 192.168.0.1 computers should be able to communicate with other computers on the same segment and the 172.16.0.1 should be able to do the same  and the two segments should not be able to see the traffic  of each other. Did I understand it correctly?
0
 
LVL 125

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 1000 total points
ID: 37791679
if you are using the vSphere Client, you are using VMware vSphere which supports vlans.

You can create a network trunk, to carry all the data in three vlans, down the same network ports to the ESX servers, and the VMs connected to different vlans tagged the traffic.
0
 

Author Comment

by:Jorge-123
ID: 37791686
awaggoner,
Also, if I want the segments to exchange date among them, means 192.168.0.1 can see and talk to 172.16.0.1, then I should configure different vlans like vlan1 and vlan2 and add the command IP ROUTE but in this case I will need to assign somw switch ports to the vlans and have two network drops from each server to connect the two vlans, right?
0
 
LVL 125
ID: 37791695
To Route between VLANs your switch needs to perform VLAN routing.
0
 
LVL 125
ID: 37791701
you do not need to have multiple network cards for VLANs, VLANs the benefit and advantage is the reduction of physical network ports when using vlans.
0
 

Author Comment

by:Jorge-123
ID: 37791705
Hanccocka,
Let me see if I got this right:
1. - I create “a trunk port” on the switch
2. - VMs should be connected to a “virtual switch” that is tagged vlanx
Am I getting this right or I am misunderstanding it
0
 
LVL 125
ID: 37791710
That is correct.

the trunk port carries all the VLANs.
0
 
LVL 6

Expert Comment

by:awaggoner
ID: 37791715
A multiple VLANs are not required to run multiple subnets.  You only need to route between them.  VLANs are recommended most of the time to increase security, and to isolate broadcast networks, but if your network is small enough, you don't have to have them.
0
 
LVL 125
ID: 37791722
see screenshot, ignore the fact, I've not added a NIC yet....

VLANs
but as you can see

VLAN 10 - 172.x.x Network

VLAN 20 - 192.168.x.x Network

VLAN 30 - 10.10.x.x Network

Any VM can be on any network, selected from the VM Properties next to Network Interface.
0
 

Author Comment

by:Jorge-123
ID: 37791738
Thank you all, for your answers and for your help
0
 
LVL 125
ID: 37791746
no problems, glad to be of assistance.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If we need to check who deleted a Virtual Machine from our vCenter. Looking this task in logs can be painful and spend lot of time, so the best way to check this is in the vCenter DB. Just connect to vCenter DB(default DB should be VCDB and using…
This article will show you how to create an ISO CD-ROM/DVD-ROM image (*.iso), and MD5 checksum signature, for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5). It's a good idea to compare checksums, because many installations fail because of a corr…
Teach the user how to install ESXi 5.5 and configure the management network System Requirements: ESXi Installation:  Management Network Configuration: Management Network Testing:
Teach the user how to join ESXi hosts to Active Directory domains Open vSphere Client: Join ESXi host to AD domain: Verify ESXi computer account in AD: Configure permissions for domain user in ESXi: Test domain user login to ESXi host:
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question