Solved

Server with many IPs

Posted on 2014-07-29
6
365 Views
Last Modified: 2014-08-01
Would it cause any possible network problems if I add 10 virtual NICs to one of our VM servers, and have each of them get it's own DHCP address? Each NIC would be on a different VLAN so the DHCP server will be assigning IPs based only on that VLAN.

Here's the reason:
We are experimenting with a Cloud-based anti-virus solution which requires a relay server to communicate with the cloud. The relay server, uses Windows network discovery to tell the Cloud all the machines visible to it using its network discovery method. Unfortunately, our environment is setup such that each department is on its own subnet, and the way network discovery works, is it's only able to see machines on its own broadcast domain. So it can't traverse VLANs. So my idea was to add a virtual NIC to this VM (relay server), and have each NIC be on a separate subnet. That way the relay server VM is able to have an IP address for each of the subnets, and thus network discovery will see ALL machines on all subnets, and report this to the cloud.

Does anyone see any possible network issues with a server with this setup?

What if I try to ping this server by its DNS name, which IP would it use?
0
Comment
Question by:pzozulka
6 Comments
 
LVL 43

Assisted Solution

by:Steve Knight
Steve Knight earned 125 total points
ID: 40228428
DNS would resolve to the same subnet you request from normally or a random one otherwise - I.e. all results would be returned but the order showing first result.

You could always just register 1 card in dns if that is what you want.

If you DO want to do this don't leave it to DHCP, assign a fixed address to each interface IMO.

Seems very messy way around an odd sounding system but if it works then give it a try on a 2 nic variety first to see if the app works.

You'll only be wanting one nic with default gateway to the internet connection end or if you do go with dhcp adjust the bind order so the nic you want is top of the list.

I'm sure the supplier of the AV tool would have seen scenario before unless it is designed for small business or home type setups with one subnet?

Steve
0
 
LVL 39

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 125 total points
ID: 40228436
I've never tried this but if it really uses windows network discovery and not multicast then this could work: http://www.experts-exchange.com/Networking/Network_Management/Network_Operations/Q_26344338.html
0
 
LVL 8

Author Comment

by:pzozulka
ID: 40228448
This is for bit defender cloud edition of endpoint security. Not sure what their recommended approach for this is.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 45

Expert Comment

by:Craig Beck
ID: 40228712
It will work fine as long as you don't register each IP in DNS, as Steve mentioned.
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 125 total points
ID: 40229123
yep. it'll work fine as long as you consider the following:

some VM hypervisors have limits to the number of vNICs you can assign to a VM
ensure your server is not performing any roles that may need consideration to work with with multiple NICS (DC, Exchange, DNS)
you should usually only put default gateway on your primary NIC
assess which NIC you want to list a DNS server on. You can put one on all NICs if required but it could complicate how the server resolves names across the network etc


There may be other ways to achieve what you want but you're certainly looking at a straight forward solution.
0
 
LVL 16

Accepted Solution

by:
vivigatt earned 125 total points
ID: 40231809
One thing that nobody mentioned so far:
By doing this, you will need to make sure that all the VLANs get to your host adapter(s). It means that you have to use 802.11q trunks and tagged VLANs, and it means that the hypervisor and potentially virtual switches are able to handle tagged VLANs and to separate the packets to the correct virtual NIC in your VM.

Now there MAY be a simpler way than using several virtual NICs: assign several IP addresses to the SAME (Virtual) NIC for your VM guest. You must make sure that each IP address is correctly configured, and that each packet can reach the correct VLAN. Actually, the best is to bind the NIC to several VLANs.
On Windows OS, this usually requires some extra layer, so that you can assign multiple VLANs (and tag them accordingly) to the same NIC. It would work with most Intel cards with recent drivers. Broadcom may be supported too (but you have to configure your VM guest to use a para-virtualized Broadcom NIC so that it uses a Broadcom driver).
Check the config of my Intel Card for instance:
Intel NIC/VLANsThis would have the same result than what you plan to do, except that the Virtual NICs are created inside the VM guest instead of at the hypervisor level.
802.11q trunking and tagging is still needed, for the traffic between the host (what you call a VM server) and its swicth(es)

Check this thread for some interesting details:
http://networkengineering.stackexchange.com/questions/2563/is-it-possible-to-access-more-than-one-vlan
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Slow Internet Connection 9 54
How to block internet connection for windows7 11 60
VPN Ports 8 33
Is Fedora an appropriate distro for the environment. 7 28
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question