Basic vSphere Networking
vSwitches have two connection types:
the VMkernel port and the virtual machine port group.
- The VMkernel port is used for the management network, vMotion and all connections to storage.
- The virtual machine port group is used for network traffic from the host to VMs and from VMs to the hypervisor (host).
About vmnics, vSwitches, management and virtual machine networks
In the vSphere client the network diagram for an ESXi host may be viewed by clicking Networking on the Configuration tab:
After ESXi was installed, before it was possible to connect to it with the vSphere client, a physical network adapter (a "vmnic" in the diagram) had to be nominated to be the ESXi Management Network. An IP address also had to be assigned to the Management Network interface on the ESXi host, either through DHCP or manually through the console.
The network diagram above shows that the Management Network was assigned to vmnic0 and it has an IP address of 192.168.111.30. (192.168.111.0/24 is my home LAN. Others will most likely be different.) Whatever subnet was chosen, the VMkernel Port in the diagram is the Management Network and that's what the vSphere client is now talking to.
ESXi will name the first physical NIC it finds "vmnic0". If vmnic0 is the management interface, ESXi will have automatically attached a virtual switch, vSwitch0, to that interface.
In addition to the VMkernel port, ESXi will also attach a Virtual Machine Port Group to the vSwitch. In the diagram above it's labeled as "Virtual Machine Network". The VM Port group is where Virtual Machines can be attached to this virtual network.
In summary, in the above diagram, vSwitch0 has both a VM Port Group (Virtual Machine Network) and a VMkernel Port (Management Network) attached.
Creating the LAN
In a small network it is quite common to use the Virtual Machine Port Group on vSwitch0 to provide the LAN interface for pfSense. That makes it possible to access the LAN side of the pfSense virtual machine and to manage the ESXi host with the vSphere client from a single PC. Of course, the virtual machine (e.g., pfSense) and the ESXi management interface must have different IP addresses.
COMMENT: I must say here that I always separate the ESXi Management network from other networks. I won't go into the detail but there are some very good reasons for doing this. Without using VLANs, though, separation would mean that an additional NIC on the ESXi host would be dedicated only for ESXi management. What's more, another NIC would be required in the vSphere client PC to connect to the management NIC on the ESXi host. To follow that path, if enough NICs are available, simply delete the Virtual Machine Port Group by clicking the Properties link above vmnic0, highlighting the VM Port Group and clicking Remove.
Assuming there are only two NICs in the ESXi host, rename the VM Port Group from "Virtual Machine Network" to something a bit more meaningful. Click the Properties... link for vmnic0:
Highlight the Virtual Machine Network and click the Edit button.
Change the Network label to "LAN" and click OK then Close.
This makes life a little easier when we assign virtual network interfaces to pfSense.
Creating the WAN
As we're not going to deal with VLANs here, a second physical NIC is required in the ESXi host. This will be the WAN interface.
HINT: If multiple physical interfaces are available in the ESXi host, it can be a bit of a struggle to work out which one has been identified as vmnic1, vmnic2 and so on. If the MAC address of each NIC is noted down along with the slot it occupied when it was installed in the machine, look at the Network Adapters screen under the Configuration tab to match up the MAC addresses (new to ESXi 5). However, having that foresight is rare, so lacking that information the easiest way to match physical NICs to vmnics is to plug a PC or switch into them, one at a time. The speed and duplex on the Networking or Network Adapters screens should change as the interface comes up. Because VMware didn't provide a Refresh link on the Network Adapters screen, refresh by navigating to somewhere else then going back.
Now we need to link the second physical NIC (vmnic1) to a new vSwitch. Click the Add Networking link at the top right of the Networking screen and the following dialog will appear.
We are adding a Virtual Machine network so select that option and click Next.
We want this NIC to be attached to a new vSwitch so select Create a virtual switch and check vmnic1. Click Next.
As we did with the LAN, let's give this VM Port Group a more meaningful name of "WAN". Click Next.
The next dialog simply confirms that everything looks OK. Click Finish.
The networking diagram should now look like this:
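The COMMENT in the LAN section recommends keeping the ESXi Management Network off any vSwitch that also carries virtual machine traffic. As an added example (not part of the original post), the Python script below reads the text printed by `esxcli network vswitch standard list` and `esxcli network ip interface list` and reports every vSwitch where a VMkernel port group shares uplinks with VM port groups. The sample output is constructed to match the two-NIC layout built above, and the function names are hypothetical.

```python
# Added example: the sample text below is constructed and trimmed to the fields used.
# Assumption: field names match `esxcli network vswitch standard list` and
# `esxcli network ip interface list`; port group names contain no commas.
VSWITCH_LIST = """\
vSwitch0
   Name: vSwitch0
   Uplinks: vmnic0
   Portgroups: LAN, Management Network

vSwitch1
   Name: vSwitch1
   Uplinks: vmnic1
   Portgroups: WAN
"""
VMK_LIST = """\
vmk0
   Name: vmk0
   Portset: vSwitch0
   Portgroup: Management Network
"""

def parse_records(text):
    """Turn esxcli 'Key: value' output into one dict per unindented record header."""
    records = []
    for line in text.splitlines():
        if line and not line[0].isspace():
            records.append({})            # a new record starts at column 0
        elif records and ":" in line:
            key, _, value = line.strip().partition(":")
            records[-1][key.strip()] = value.strip()
    return records

def split_list(value):
    """Split a comma-separated esxcli field into a clean list."""
    return [item.strip() for item in value.split(",") if item.strip()]

def shared_management_switches(vswitch_text, vmk_text):
    """Map each vSwitch that carries both VMkernel and VM port groups to its details."""
    kernel_pgs = {(r.get("Portset"), r.get("Portgroup")) for r in parse_records(vmk_text)}
    findings = {}
    for sw in parse_records(vswitch_text):
        groups = split_list(sw.get("Portgroups", ""))
        kernel = sorted(g for g in groups if (sw.get("Name"), g) in kernel_pgs)
        vm = sorted(g for g in groups if g not in kernel)
        if kernel and vm:
            findings[sw["Name"]] = {"vmkernel": kernel, "vm": vm,
                                    "uplinks": split_list(sw.get("Uplinks", ""))}
    return findings

if __name__ == "__main__":
    for name, info in shared_management_switches(VSWITCH_LIST, VMK_LIST).items():
        print(f"{name}: {info['vmkernel']} shares uplinks {info['uplinks']} with {info['vm']}")
```

For the layout above it flags vSwitch0, where "Management Network" and "LAN" both ride on vmnic0; a host with management on its own vSwitch and NIC produces no findings.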