Creating an isolated network between two virtual machines
Article ID: 306548
Updated On:
Products
VMware vCenter Server
VMware vSphere ESXi
Issue/Introduction
This article provides information on setting up an environment where two virtual machines can connect over a private network on a vNetwork Standard Switch (vSS) or a vNetwork Distributed Switch (vDS).
This is useful when testing an application, or when you are required to have two virtual machines communicating with one another through a private network without interfering with the production and any other network traffic.
This is useful when testing an application, or when you are required to have two virtual machines communicating with one another through a private network without interfering with the production and any other network traffic.
Resolution
To create an isolated network between two virtual machines on a vNetwork Standard Switch (vSS) or a vNetwork Distributed Switch (vDS):
- Identify the two (or more) virtual machines that require private network connections.
- Ensure the two virtual machines are on the same ESXi host to allow for the use of virtual switches with no uplink adapters.
- On a vSS, create a new vSwitch with no uplink adapters attached and name it accordingly.
- If you are using vDS, create a dvSwitch/dvPortGroup and name it accordingly.
- Ensure there are no physical network cards (vmnics) attached to vSS/vDS as an uplink.
- Identify the two virtual machines that require private network access to each other and add an additional virtual network adapter to each virtual machine. To add a virtual network adapter, go to Edit Settings of the virtual machine, click Add and select Network Adapter from the list of devices.
- Verify that both virtual machines have two vNICs (one or more for their regular virtual machine/Production Network and one for private network/heartbeat network that was just added.
- On the vSS/vDS, verify that only those two virtual machines are using the internal portgroup/dvPortGroup that was created.
- Login to the Guest OS of each of the virtual machines and assign a static IP address to the new internal network adapter.
Note: You must follow the guidelines for the particular operating system you are running on each virtual machine.
- Ensure there is no firewall setting that can block the ICMP traffic on the newly added Interface. If one is configured, disable blocking.
- Run a ping test from one virtual machine to the other virtual machine using the command line option ("CMD" on Windows and "Shell" on Linux).
- Verify that the ping is successfully going back and forth between two virtual machines without any drops.
Note: When using virtual switches without any uplink adapters, the virtual machines must reside on the same host in order to communicate with each other. vMotion is not possible in such situations.
Additional Information
Feedback
Yes
No
Powered by
