How to Deploy VLANs with VMware ESXi 6.5 – Support Guides

Deploying multiple VLANs allows you to create separate private networks over which only VMs attached to that network can communicate. VMware ESXi 6.5 gives network administrators the freedom and flexibility to configure their networking however best suits their unique use cases. This article will teach you everything you need to know about getting your VMs privately networked on your Dedicated Server with OVHcloud.

NOTE: The ESXi hypervisor is no longer supported by OVHcloud. Find more information on this dedicated page.

Requirements

OVHcloud Dedicated Server Running VMware ESXi 6.5

Instructions

Setting Up VLANs in VMware ESXi 6.5

VMware ESXi 6.5 will handle all traffic routing for any VMs on its host. Therefore, we first need to configure networking in ESXi to route traffic over the VLAN(s) we choose. To do this, log in to your ESXi host and select Networking on the left-hand sidebar. By default, you will be taken to the Port groups tab.

From this tab, click the Add port group button. Choose a name for your port group and a valid VLAN ID over which you want to route traffic.

NOTE: A valid VLAN ID must be between 2 and 4000.

Click the Add button when you are done and your new port group will be selected. This concludes all of the networking necessary for ESXi to route VM traffic over VLANs. However, we still need to change certain settings in our VMs to ensure that they have NICs assigned to our new port groups.

NOTE: In this example, we assume that we are changing settings on a preexisting VM. However, these same settings can be changed during the creation of a VM in ESXi.

First, click the Virtual Machines tab on the left-hand sidebar.

Click the VM in question.

NOTE: To make the following changes to your VM, the VM must be powered off.

Click the Edit button to access your VM's settings.

To route our VLAN tagged traffic, we will need to add another NIC to the VM. To do so, click the Add network adapter button and a second NIC will appear. Make sure the new network adapter is put onto the port group you created earlier in this tutorial.

You are now done with all of the network setup you need in ESXi. For examples of how to set up networking on VMs running Ubuntu 18.04 or Windows Server 2016, read on to the next two sections. If you are running a different operating system, the setup required will vary.

Setting Up Networking in Ubuntu 18.04

The final step to configuring networking for VLAN-tagged traffic is to assign the NIC a private IP address to use for routing traffic. To do so, first access your server via SSH or the built-in ESXi console. Then, enter the following command to find the name of your second interface.

$ ip add

NOTE: By default, ESXi will assign the name ens192 to the second NIC if you are using the VMXNET3 adapter. If you are not using the default adapter, it will be the second interface in the list.

We will configure the NIC that is not already configured for public networking (the one without an IP address assigned to it). To do so, open the Netplan configuration file in a text editor of your choice using the following command:

$ sudo vi /etc/netplan/01-netcfg.yaml

Once in the file, edit it to appear as follows. If you have already configured the public NIC, create the entry for the private NIC, directly below the public one. Do not delete the public NIC from the file.

# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
  version: 2
  renderer: networkd
  ethernets:
ens192:
                  dhcp4: no
                  addresses: [192.168.0.1/24]

NOTE: You can use any private IP address you choose. The CIDR notation will determine the subnet on which the different IP addresses can communicate with one another. All IPs on a VLAN must exist on the same subnet.

Save and exit the file and then apply the changes using the following command:

$ sudo netplan apply

This will apply the changes made to the Netplan configuration file. This completes the networking needed for an Ubuntu 18.04 VM to send VLAN-tagged traffic. Next, we will take a look at how to perform the same steps in Windows Server 2016.

Setting Up Networking in Windows Server 2016

NOTE: For Windows to transmit any traffic to other devices, you will need to ensure that it is discoverable by other devices. When configuring the network, make sure that it is labeled "Public" so that other computers on the same network can discover it.

If you are running Windows Server 2016, you will need to configure the Ethernet1 interface with a private IP address to route VLAN-tagged traffic. To do so, log in to your Windows VM and then enter the Server Manager. Click Local Server on the left-hand sidebar and then click the IPv4 address assigned by DHCP, IPv6 enabled button next to Ethernet1.

Now right-click the Ethernet1 adapter and select Properties from the drop-down menu.

Double-click the Internet Protocol Version 4 (TCP/IPv4) button.

Click the bullet next to "Use the following IP address" and enter a private IP address and subnet mask. Click OK when you are done.

NOTE: Remember that all private IP addresses communicating over a VLAN need to be on the same subnet. Define your subnet mask according to your needs.

Conclusion

Using VMware ESXi to configure networking over VLANs can greatly improve your data security. In this tutorial, you have learned how to configure ESXi port groups and NICs and to configure the NICs in individual VMs. We highly recommend that you take advantage of this great technology to optimize your network's performance and security.