Solved

VLAN on VMware

Posted on 2014-10-01
3
392 Views
Last Modified: 2014-10-02
Hi,
 
 I like to understand the concept and purpose of VLAN in VMware environment. When we have a network with internet network IP (192.168.1.x, 10.0.0.x ... etc), every device communicates with each other using its own IP address.
 Each VM that we create in VMware will receive an IP adress from DHCP server running on, typically, Domain Controller.
 Having said that, what is the purpose or benefit of VLAN?
0
Comment
Question by:sglee
3 Comments
 
LVL 118

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 250 total points
ID: 40355727
The main benefit of a VLAN (which is not specific to VMware), is the number of physical cables that can be reduced and replaced with virtual networks.

e.g. in a physical network world, a single cable carries the traffic for a single network A, another single cable carries the traffic for a single network B, using VLANs, we can segregate the traffic and send the same network A and B, down the same cables, each network is isolated in it's own VLAN A and B.

BUT, we must have networking equipment, that we can use for VLANs, what is called VLAN Tagging.

Some more info here

Have a look here

Pages 13 - 73 Discuss Networking in Detail, iuncluding trunks, VLANs, switches, and load balancing

ESXi Configuration Guide ESXi 4.1

http://www.vmware.com/pdf/vsphere4/r41/vsp_41_esxi_server_config.pdf

Virtual Networking

http://www.vmware.com/technical-resources/virtual-networking/virtual-networks.html

Virtual Networking Concepts

http://www.vmware.com/files/pdf/virtual_networking_concepts.pdf

http://en.wikipedia.org/wiki/Virtual_LAN

http://en.wikipedia.org/wiki/IEEE_802.1Q
Sample configuration of virtual switch VLAN tagging (VST Mode)

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004074

http://blog.scottlowe.org/2006/04/17/vlans-and-port-groups/

How to Setup VLANs

http://www.vladan.fr/great-kb-on-how-to-configure-vlans-on-vswitches-pswitches-and-vms/

VMware ESX Server 3: 802.1Q VLAN Solutions

http://www.vmware.com/pdf/esx3_vlan_wp.pdf

http://kb.vmware.com/kb/1004127

http://kb.vmware.com/kb/1004074

http://kb.vmware.com/kb/1004252
0
 
LVL 13

Accepted Solution

by:
Michael Machie earned 250 total points
ID: 40355785
Another huge benefit of vLANs is that you can segregate your network environment as needed and also increase your available IPs. For instance, I use vLANs and different IP schemes at different offices. Also, you can segregate within the same network or across a wide network.

Example:
All of my core Servers are configured on a vLAN using a specific IP set. My desktop PCs are on another vLAN using DHCP. Also, my laptops are on a separate vLAN as well. With switching equipment you can utilize vLANs to allow or block traffic from one switch port to another. One example would be if you have a vLAN (vLAN1)for your network peripherals (printers, scanners etc) you can use a specific IP scheme for that vLAN. Then, with another vLAN (vLAn2) for your desktop PCs you can allow, within the switch port configuration, the vLAN2 devices to speak to the vLAN1 devices, or block it, depending on what you want. My staff can send prints to printers but only from vLAN2 (desktops), meaning anyone else who is on the network with say, an iPAD on the wireless vLAN (vLAN3), could not print because I do not allow the wireless vLAN(3) to see or speak to vLAN1.

Sub-netting allows more IP addresses in an environment and you can assign a sub-net to a vLAN, helping to not only control access across sub-nets but to manage and structure your various sub-nets in an easier to understand structure.
I protect my core Server sub-net from our public facing web server sub-net  by disallowing the two to communicate, thereby increasing security.

I hope I was able to explain my thoughts enough to understand.
0
 

Author Comment

by:sglee
ID: 40357304
Thanks for the information.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Veeam Backup & Replication has added a new integration – Veeam Backup for Microsoft Office 365.  In this blog, we will discuss how you can benefit from Office 365 email backup with the Veeam’s new product and try to shed some light on the needs and …
In this step by step tutorial with screenshots, we will show you HOW TO: Enable SSH Remote Access on a VMware vSphere Hypervisor 6.5 (ESXi 6.5). This is important if you need to enable SSH remote access for additional troubleshooting of the ESXi hos…
Advanced tutorial on how to run the esxtop command to capture a batch file in csv format in order to export the file and use it for performance analysis. He demonstrates how to download the file using a vSphere web client (or vSphere client) and exp…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now