Solved

VLAN on VMware

Posted on 2014-10-01
3
396 Views
Last Modified: 2014-10-02
Hi,
 
 I like to understand the concept and purpose of VLAN in VMware environment. When we have a network with internet network IP (192.168.1.x, 10.0.0.x ... etc), every device communicates with each other using its own IP address.
 Each VM that we create in VMware will receive an IP adress from DHCP server running on, typically, Domain Controller.
 Having said that, what is the purpose or benefit of VLAN?
0
Comment
Question by:sglee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 120

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Andrew Hancock (VMware vExpert / EE MVE^2) earned 250 total points
ID: 40355727
The main benefit of a VLAN (which is not specific to VMware), is the number of physical cables that can be reduced and replaced with virtual networks.

e.g. in a physical network world, a single cable carries the traffic for a single network A, another single cable carries the traffic for a single network B, using VLANs, we can segregate the traffic and send the same network A and B, down the same cables, each network is isolated in it's own VLAN A and B.

BUT, we must have networking equipment, that we can use for VLANs, what is called VLAN Tagging.

Some more info here

Have a look here

Pages 13 - 73 Discuss Networking in Detail, iuncluding trunks, VLANs, switches, and load balancing

ESXi Configuration Guide ESXi 4.1

http://www.vmware.com/pdf/vsphere4/r41/vsp_41_esxi_server_config.pdf

Virtual Networking

http://www.vmware.com/technical-resources/virtual-networking/virtual-networks.html

Virtual Networking Concepts

http://www.vmware.com/files/pdf/virtual_networking_concepts.pdf

http://en.wikipedia.org/wiki/Virtual_LAN

http://en.wikipedia.org/wiki/IEEE_802.1Q
Sample configuration of virtual switch VLAN tagging (VST Mode)

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004074

http://blog.scottlowe.org/2006/04/17/vlans-and-port-groups/

How to Setup VLANs

http://www.vladan.fr/great-kb-on-how-to-configure-vlans-on-vswitches-pswitches-and-vms/

VMware ESX Server 3: 802.1Q VLAN Solutions

http://www.vmware.com/pdf/esx3_vlan_wp.pdf

http://kb.vmware.com/kb/1004127

http://kb.vmware.com/kb/1004074

http://kb.vmware.com/kb/1004252
0
 
LVL 13

Accepted Solution

by:
Michael Machie earned 250 total points
ID: 40355785
Another huge benefit of vLANs is that you can segregate your network environment as needed and also increase your available IPs. For instance, I use vLANs and different IP schemes at different offices. Also, you can segregate within the same network or across a wide network.

Example:
All of my core Servers are configured on a vLAN using a specific IP set. My desktop PCs are on another vLAN using DHCP. Also, my laptops are on a separate vLAN as well. With switching equipment you can utilize vLANs to allow or block traffic from one switch port to another. One example would be if you have a vLAN (vLAN1)for your network peripherals (printers, scanners etc) you can use a specific IP scheme for that vLAN. Then, with another vLAN (vLAn2) for your desktop PCs you can allow, within the switch port configuration, the vLAN2 devices to speak to the vLAN1 devices, or block it, depending on what you want. My staff can send prints to printers but only from vLAN2 (desktops), meaning anyone else who is on the network with say, an iPAD on the wireless vLAN (vLAN3), could not print because I do not allow the wireless vLAN(3) to see or speak to vLAN1.

Sub-netting allows more IP addresses in an environment and you can assign a sub-net to a vLAN, helping to not only control access across sub-nets but to manage and structure your various sub-nets in an easier to understand structure.
I protect my core Server sub-net from our public facing web server sub-net  by disallowing the two to communicate, thereby increasing security.

I hope I was able to explain my thoughts enough to understand.
0
 

Author Comment

by:sglee
ID: 40357304
Thanks for the information.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show you how to create an ISO CD-ROM/DVD-ROM image (*.iso), and MD5 checksum signature, for use with VMware vSphere Hypervisor 6.5 (ESXi 6.5). It's a good idea to compare checksums, because many installations fail because of a corr…
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Teach the user how to configure vSphere clusters to support the VMware FT feature Open vSphere Web Client: Verify vSphere HA is enabled: Verify netowrking for vMotion and FT Logging is in place or create it: Turn On FT for a virtual machine: Verify …
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question