ESXi internal network to VM

AveryFreeman

consummate homelabber
Mar 17, 2017
268
25
28
40
Near Seattle
averyfreeman.com
Hi,

I'm trying to do something that I'm not sure if I can do without vSphere server,

I have ESXi 6.5 without vSphere (standard built-in web-client only) and I want to create an internal network (separate vSwitch) that has traffic isolated from any physical NICs

How do I do this? I created a separate vSwitch called Internal Network but I don't see any way to add a vNIC in my VM that will communicate on this switch (the only ones that come up in the VM settings are ones that are connected to physical adapters)

I thought the answer might lie in the VMKernel NICs, so I created one of those with standard IPv4 and 6 topology and gave it a separate IP address and MTU of 9000, and attached it to "Internal Network" vSwitch. Still don't see any mention of "internal network" vSwitch in the VM settings.

The end result I am trying to achieve is having a Synology Diskstation VM serving an NFS share to ESXi. I want it to avoid interfering with traffic on my physical adapters. Is this idea convoluted in some way? I know people have Napp-it and FreeNAS VMs serving disk arrays for storage of VMs to ESXi internally - what am I missing?

Thanks in advance for your help,
Avery
 

Rand__

Well-Known Member
Mar 6, 2014
5,653
1,248
113
Have you assigned the vSwitch to a PortGroup?

That is what will be ultimately assigned to vms
 

AveryFreeman

consummate homelabber
Mar 17, 2017
268
25
28
40
Near Seattle
averyfreeman.com
Have you assigned the vSwitch to a PortGroup?

That is what will be ultimately assigned to vms

Hi, yes it's assigned to a port group ... I don't see the port group showing up in the VM settings. The only PG that shows up in VM settings is "VM Network" -- here's an image of that -- I couldn't take a screenshot of the dropdown list, but it's only got that one option:

esxi_network_1.png

Here's the 3 port groups that are configured:

esxi_network_2.png

And here's the port group I'm trying to assign to the VM (Note the VMKernel NIC I tried to attach)

esxi_network_3.png

Confused why the only port groups I can attach to the VM have physical adapters.

Thanks,
Avery
 

K D

Well-Known Member
Dec 24, 2016
1,437
316
83
30041
From the top of my head this is what I did
1. Create a new vswitch
2. Create a new vnkernel nic. Select the required services. This will also create a new Port group.
3. Create another new Port group tied to the vswitch.

The port group in step 3 will be usable for VM traffic.

I'm not a vmware expert and have no clue why it is this way. Found This by experimenting while trying to achieve the same thing as you.

I'll post screen shots once I get home.
 

AveryFreeman

consummate homelabber
Mar 17, 2017
268
25
28
40
Near Seattle
averyfreeman.com
From the top of my head this is what I did
1. Create a new vswitch
2. Create a new vnkernel nic. Select the required services. This will also create a new Port group.
3. Create another new Port group tied to the vswitch.

The port group in step 3 will be usable for VM traffic.

I'm not a vmware expert and have no clue why it is this way. Found This by experimenting while trying to achieve the same thing as you.

I'll post screen shots once I get home.
Great, thank you! I was starting to think it was a limitation of the free version of ESXi...
 

AveryFreeman

consummate homelabber
Mar 17, 2017
268
25
28
40
Near Seattle
averyfreeman.com
OK, so I managed to get the 2nd port group created, I called it "internal port group" ... I created a new vNIC in my VM I want to be attached to an internal network.

All seemed to be going well, in my DiskStation 6.1 VM it showed up as a 10GBE device.

internal_port_group.png
The VMKernel NIC isn't in the port group though, it's on a separate port group in the same switch -- can they still communicate?

internal_vswitch.png

I tried creating a new VMKernel NIC attached to the Internal Port Group (instead of "services" group), but it kicked my DS 6.1 VM out of the port group (!)

I ultimately want to be able to use my DS 6.1 VM to service an ISCSI or NFS share to ESXi --- don't I have to be able to connect it to the Management Network to be able to do that?

Still confused ... but getting closer!

Thanks,
Avery
 

Rand__

Well-Known Member
Mar 6, 2014
5,653
1,248
113
A vmKernel nic offers specific vmware internal service interfaces:
upload_2017-5-14_9-43-4.png

None of these are required to run nfs. So I don't think you need a vm Kernel interface at all for nfs;)
 

Rand__

Well-Known Member
Mar 6, 2014
5,653
1,248
113
Really? Ok.
Since I moved to a distributed switche I totally forgot how I had setup my local ones...
 

AveryFreeman

consummate homelabber
Mar 17, 2017
268
25
28
40
Near Seattle
averyfreeman.com
Oh OK - so set up a VMKernel NIC without any services ?? --

On a previous subject, my VMs do appear to be able to talk to one another now through the internal network, I tested this with the DS VM and a Windows 8.1 VM ... they are on the same port group, though.
 

wildchild

Active Member
Feb 4, 2014
394
57
28
Vmkernel ports are only required for outside ip connectivity eg. ISCSI, NFS or vmotion.
However if your intent is to have your esxi host communicate to those services, you'll need an "external" ip and bonded adapter.
If your intent is internel eq. Vm to vm then there is no need
 

whitey

Moderator
Jun 30, 2014
2,774
869
113
39
We are totally making this way too hard on you. Here is what it boils down to if I read/interpreted your requirements properly.

You are going to essnetially be using a storage appliance (in this case Synology DS VM), not addressing the storage side of the house and simply focusing on the network/connectivity of getting a AIO stg appliance hooked to ESXi via a NFS export you need a few things.

(in order of how I would build them)
1. Synology DS stg appliance VM built , connected to IP SAN vlan, and presenting NFS volume/dataset.
2. vSphere Distributed Switch w/ no phys nic backing (vDS), create VM port profile defined for IP SAN vlan, attach to Synology DS VM data nic (you may have a mgmt nic as well, I dunno I don't do Synology)
3. vSphere Distributed switch (same one as above), create a VMkernel port profile for IP SAN vlan, assign IP address on IP san vlan.
4. Now ping from Synology DS VM or ESXi host (be sure to ping from proper vmk interface) on IP SAN vlan. If it works your good to mount NFS share
5. Mount storage under 'Configuration' -> 'Storage'

Profit
 
  • Like
Reactions: wildchild

dragonme

Active Member
Apr 12, 2016
297
29
28
concur...

no vcenter or dvswitch require IF you only have one host

there are plenty of good articals on how to do this by vendors such as Napp-it and freenas that will step you though it step by step

essentially you need:
a vswitch, I call mine NFS Switch I put mine on a seperate net 10.50.0.x
a vmkernal port group I called mine NFS Kernel
a vm port group called mine NFS Network
you SHOULD be able to put this on a custom tcp/ip stack in vmware but its broken so make sure you use standard port group

set a frame of 1500 .. jumbo really has no effect as its 'virtual' and not going over 'physical' tcp/ip... its just a data pipe

you will need to add network adapters to all your VMs including the disk station

you will need to setup those adapters in each vm using a gui or command line.. ie you need to up them assign addresses .. etc

to address your recent failure.. no select no services.. especially if you use NFS.. which I recommend for a whole host of reasons. not the least stability... but you can also had NFS and SMB active so you can do network file transfers from a desktop etc.. iscsi is all locked up

bobs your uncle
 

msg7086

Active Member
May 2, 2017
359
111
43
34
1. Using NFS or iSCSI on the same host requires a vSwitch attached to (1) vmkernel with a private IP (2) port group (3) not to a physical device.

2. Just a heads up, you can use the C# vSphere client to access ESXi 6.5 and do all those networking job.
IMHO It's much easier to work with than the web UI.
 

K D

Well-Known Member
Dec 24, 2016
1,437
316
83
30041
I had to redo one of my hosts and remembered this post. Took screenshots. This is an esxi 6.5 host with a freenas 11 providing storage. Since @AveryFreeman was looking to use esxi, i made the changes using the esxi web client instead of vcenter.
  1. Add Standard Virtual Switch
  2. Add VMKernel Port
  3. Add Port Group
  4. Modify the Guest VM to add a second NIC bound to the new Port Group. (You will have to manually configure the guest vm networking)
  5. Add NFS Data Store to esxi
See the attachments for details. Hope this is helpful.


01 Add Switch.png 02 Add VMKernel.png 03.png 04 Port Group.png 05.png 06 Add second NIC to guest.png 07 Check host connection.png 08 Check guestconnection.png 09.png 10.png 11.png 12.png