Solved

Server with many IPs

Posted on 2014-07-29
6
367 Views
Last Modified: 2014-08-01
Would it cause any possible network problems if I add 10 virtual NICs to one of our VM servers, and have each of them get it's own DHCP address? Each NIC would be on a different VLAN so the DHCP server will be assigning IPs based only on that VLAN.

Here's the reason:
We are experimenting with a Cloud-based anti-virus solution which requires a relay server to communicate with the cloud. The relay server, uses Windows network discovery to tell the Cloud all the machines visible to it using its network discovery method. Unfortunately, our environment is setup such that each department is on its own subnet, and the way network discovery works, is it's only able to see machines on its own broadcast domain. So it can't traverse VLANs. So my idea was to add a virtual NIC to this VM (relay server), and have each NIC be on a separate subnet. That way the relay server VM is able to have an IP address for each of the subnets, and thus network discovery will see ALL machines on all subnets, and report this to the cloud.

Does anyone see any possible network issues with a server with this setup?

What if I try to ping this server by its DNS name, which IP would it use?
0
Comment
Question by:pzozulka
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 43

Assisted Solution

by:Steve Knight
Steve Knight earned 125 total points
ID: 40228428
DNS would resolve to the same subnet you request from normally or a random one otherwise - I.e. all results would be returned but the order showing first result.

You could always just register 1 card in dns if that is what you want.

If you DO want to do this don't leave it to DHCP, assign a fixed address to each interface IMO.

Seems very messy way around an odd sounding system but if it works then give it a try on a 2 nic variety first to see if the app works.

You'll only be wanting one nic with default gateway to the internet connection end or if you do go with dhcp adjust the bind order so the nic you want is top of the list.

I'm sure the supplier of the AV tool would have seen scenario before unless it is designed for small business or home type setups with one subnet?

Steve
0
 
LVL 39

Assisted Solution

by:Aaron Tomosky
Aaron Tomosky earned 125 total points
ID: 40228436
I've never tried this but if it really uses windows network discovery and not multicast then this could work: http://www.experts-exchange.com/Networking/Network_Management/Network_Operations/Q_26344338.html
0
 
LVL 8

Author Comment

by:pzozulka
ID: 40228448
This is for bit defender cloud edition of endpoint security. Not sure what their recommended approach for this is.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 46

Expert Comment

by:Craig Beck
ID: 40228712
It will work fine as long as you don't register each IP in DNS, as Steve mentioned.
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 125 total points
ID: 40229123
yep. it'll work fine as long as you consider the following:

some VM hypervisors have limits to the number of vNICs you can assign to a VM
ensure your server is not performing any roles that may need consideration to work with with multiple NICS (DC, Exchange, DNS)
you should usually only put default gateway on your primary NIC
assess which NIC you want to list a DNS server on. You can put one on all NICs if required but it could complicate how the server resolves names across the network etc


There may be other ways to achieve what you want but you're certainly looking at a straight forward solution.
0
 
LVL 16

Accepted Solution

by:
vivigatt earned 125 total points
ID: 40231809
One thing that nobody mentioned so far:
By doing this, you will need to make sure that all the VLANs get to your host adapter(s). It means that you have to use 802.11q trunks and tagged VLANs, and it means that the hypervisor and potentially virtual switches are able to handle tagged VLANs and to separate the packets to the correct virtual NIC in your VM.

Now there MAY be a simpler way than using several virtual NICs: assign several IP addresses to the SAME (Virtual) NIC for your VM guest. You must make sure that each IP address is correctly configured, and that each packet can reach the correct VLAN. Actually, the best is to bind the NIC to several VLANs.
On Windows OS, this usually requires some extra layer, so that you can assign multiple VLANs (and tag them accordingly) to the same NIC. It would work with most Intel cards with recent drivers. Broadcom may be supported too (but you have to configure your VM guest to use a para-virtualized Broadcom NIC so that it uses a Broadcom driver).
Check the config of my Intel Card for instance:
Intel NIC/VLANsThis would have the same result than what you plan to do, except that the Virtual NICs are created inside the VM guest instead of at the hypervisor level.
802.11q trunking and tagging is still needed, for the traffic between the host (what you call a VM server) and its swicth(es)

Check this thread for some interesting details:
http://networkengineering.stackexchange.com/questions/2563/is-it-possible-to-access-more-than-one-vlan
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Connecting via HTTP / HTTPS 10 81
Determine Network Portion and Host portion of  IPV6 IP 8 72
Reasons for disabling SMB signing? 5 51
is a device online 4 44
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question