A question often comes up about what to do when you have a segmented virtual network that needs to be able to traverse subnets. This might happen if you’re doing some testing and don’t want the machines to contact the production network, or perhaps you’re doing a test SRM failover with the virtual machines in their own test network. Virtual machines in subnet (A) might need to contact other virtual machines in subnet (B) but no longer have access to the physical router, so they can’t communicate. To solve this issue, how about we try a virtual router?
So here is our basic problem. Virtual Machines in the 192.168.1.0/24 subnet can’t contact the 192.168.2.0/24 subnet because there is no route between the two networks.
We are assuming that putting a physical router into the picture might not be possible because it’s a home lab where the equipment isn’t available, or the network team isn’t available to set up the networking, or maybe you just don’t know how to set that up. Our quick solution is to use a virtual router like the one in the example below.
Once the above solution is put in place, the virtual machines can then communicate.
Vyatta has some software that will create a virtual router that will allow you to do this. They also have an enterprise grade version if you need it for production use. The free version can be downloaded from http://www.vyatta.org/downloads
Once you’ve downloaded the software, you can create a new virtual machine and mount the Vyatta ISO. This will take you right into the installation and configuration of the Vyatta router. To configure the router for the networks above, all we need to do is connect a network card of the virtual router to each of the vSwitches, then assign an IP address to each of the NICs. If you set the default gateway of your virtual machines to the IP address of the virtual router, you’ll then be able to route between the two networks and the traffic should never have to leave the ESXi host.
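The addressing rules above can be checked on paper before any VM is powered on. The following is an added example, not part of the original post: it models the forwarding decision of each VM and of a router that only knows its directly connected networks. The router's .1 addresses, the VM addresses and the 10.0.0.5 "production" address are assumptions; the page gives only the two subnets.

```python
import ipaddress

# Constructed lab values: the page gives only the two subnets. The router's .1
# addresses, the VM addresses and the production address are assumptions.
ROUTER = ["192.168.1.1/24", "192.168.2.1/24"]
VM_A = ("192.168.1.10/24", "192.168.1.1")   # (address/prefix, default gateway)
VM_B = ("192.168.2.10/24", "192.168.2.1")
PRODUCTION_HOST = "10.0.0.5"


def one_way(src, dst_ip, router):
    """Trace one packet from src (address/prefix, gateway) to dst_ip."""
    iface = ipaddress.ip_interface(src[0])
    dst = ipaddress.ip_address(dst_ip)
    if dst in iface.network:
        return True   # on-link: delivered by the vSwitch, no router involved
    gw = ipaddress.ip_address(src[1]) if src[1] else None
    if gw is None or gw not in iface.network:
        return False  # no gateway, or gateway not on the VM's own segment
    r_ifaces = [ipaddress.ip_interface(r) for r in router]
    if gw not in [r.ip for r in r_ifaces]:
        return False  # gateway address is not held by the virtual router
    # The router has connected routes only: no default route, no uplink.
    return any(dst in r.network for r in r_ifaces)


def vm_ip(vm):
    """Return the bare address of a VM tuple as a string."""
    return str(ipaddress.ip_interface(vm[0]).ip)


def can_talk(a, b, router):
    """Both the request and the reply must be routable."""
    return one_way(a, vm_ip(b), router) and one_way(b, vm_ip(a), router)


if __name__ == "__main__":
    print("no router      :", can_talk(VM_A, VM_B, []))
    print("virtual router :", can_talk(VM_A, VM_B, ROUTER))
    print("B lacks gateway:", can_talk(VM_A, ("192.168.2.10/24", None), ROUTER))
    print("to production  :", one_way(VM_A, PRODUCTION_HOST, ROUTER))
```

The third case is the usual mistake: traffic reaches the other subnet, but the reply is dropped because the destination VM has no gateway pointing back at the router.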
I should add that if your bubble network spans multiple ESXi hosts with, say, a vDSwitch, this setup will still work, but you will need an uplink to a physical switch. This might also not be the most efficient way to route, but it should work in a pinch.
Here is my setup on the Vyatta Router. There is much more you can do with this, but the basic routing between two networks is shown below. If you would like to learn more about the product, or how to use it, there are some great resources on http://www.vyatta.com/ including some free training.