Hello all,

I have a working esxi 5 installation on an IBM System X 3550 server.

What I am trying to setup now is a separate network inside ESXi, as seen in the picture I attached.

Curently I have SRV1, 2 and 3 running, bridged to eth1 on the server.
I need to add a second adapter to SRV3, where I will run a different subnet, with different virtual machines attached to it.

Did someone tried such a setup? I now have a working ESXi install, I am kinda afraid to experiment with different setups on my server.

Do you already have a second NIC in SRV3 that you want to use for this? There are a number of options for this depending on your needs.
1) If you already have a second NIC you can create a new vSwitch and then a new virtual machine port group for these VMs. Ideally you would want some NIC redundancy so the vSwitches should be attached to a couple of physical NIC ports.
2) The VMs could be attached to the existing VM port group. It doesn't matter that they're on a different subnet.
3) If you need the VMs totally isolated you could create a virtual machine port group in a new vSwitch that is not attached to any physical NIC.

Hello, thank you for the quick answer.

For 1), a secondary NIC means "add new hardware", and to create a secondary virtual NIC for SRV3, right?
Then, on this NIC, I attach a vSwitch with a new port group, to be totally isolated? The first NIC will be atached to my curent network.

Only SRV3 should be visible on the first NIC, for the curent network.

I should try this tomorrow. Thanks again!

I'm making the assumption that the host is starting with just a single NIC. If so, then with option 1
1) shutdown the host, add another NIC and boot ESXi.
2) create a new vSwitch and link it to the new NIC
3) create a new virtual machine port group linked to the new vSwitch

That said, is there a specific need to seperate the VM and host traffic (i.e. different physical networks)? If not, you could just stick with one vSwitch and add the new NIC to it. ESXi would load balance VM / management traffic and you'd get some redundancy for networking rather than just relying on a single NIC for management or VM traffic.

Hello,

I just made it work the way I wanted!

The "VM Network" port group is by default created on ESXi 5, on the physical NIC1 of the server (vmnic0) with "vSwitch0".

Now, I just created a new "Port Group", called "Test Network", in the same default "vSwitch0", with "VLAN ID 1".

Next, on SRV3, I added 2 networks card, one with the label "VM Network", one with "Test network". Next, I created the virtual machines I wanted to isolate and added the nic on "Test network label" (so the vm`s can see only SRV3).



Why I need this?
I have a client running a central server behind a Mikrotik RouterOS v5 routerboard. For about a month, the server will be unavailable, and I must host it on my server.
This central routerboard has some remote offices, on IPSec connected to the central network, so I must replicate the same on my ESXi.
SRV3 is the central routerboard (just installed RouterOS as a virtual machine), and the VM1 and VM2 are the servers running behind the router. This way I can just dump the mikrotik config on my SRV3 machine running the same version of OS, and just change the IPs.
The tunnels will be up and running, with trafic from machines isolated from my network!

Thanks a lot for your help, I don`t know if I am running the best setup scenario, I fear I might do some broadcast storm, but, for now, it seems to work and serve it`s purpose.