Having one ESXi VM serve DHCP addresses for two VLANs?

In our office, I want to create two different networks. Depending on which LAN socket a cable is plugged in, I want the device to receive an IP in a different subnet.

I have a server running VMware ESXi. On the server, Windows Server is running in a VM. I also have an HPE 1820 switch. It is my understanding that I can achieve what I want with VLANs and DHCP relay, however the HPE 1820 does not support DHCP relay. So I thought as an alternative, I can configure two (virtual) interfaces on my VM, and have one receive packets from my VLAN 1, and one from VLAN 10. However, I can't get that to work.

Here is what I tried:

  • PC is connected to a port of the HPE 1820. I expect packets going into this port to have VLAN 10 added to them --> I set this port to VLAN 10 tagged.
  • The server is connected to another port of the HPE switch. I want this port to send out packets no matter the VLAN. --> I tried setting VLAN 1 and 10 both to "untagged", but a port can only be untagged for one VLAN!
  • My VM has two virtual ethernet cards. I want packets with VLAN 10 to be sent to one interface, and VLAN 1 to the other. --> I created a new port group with VLAN 10, and assigned one of the cards to it.
  • In the VM, I configure the two interfaces with different subnets. Then I create two scopes in the DHCP server, and want to use a policy to assign requests from each interface to the corresponding scope. --> Problem: I can only switch on the source MAC address, not the interface MAC address.
  • I also tried entering a VLAN in the network card's properties in the device manager.

I believe I have a misunderstanding of how VLANs work. I thought I can just use the switch to tag traffic depending on which port the cable is connected to. Is there any way to get this to work without a different (Level 3) switch?

My server has some free physical interfaces. Would it work if I just partition the switch into distinct VLANs, and run two cables between the switch and the server? It seems there should be a more elegant solution.


Solution 1:

You need to bring two different VLANs to your VM; there are two ways to do that.

  1. Configure two switch ports in access mode (untagged) on the two different VLANs; connect them to two different physical NICs on the host; create two virtual switches and connect each one to a physical NIC; create a port group on each virtual switch; connect each virtual NIC of the VM to a port group on its virtual switch.

       / vNIC1-----PG1-----vSwitch1-----pNIC1-----SwitchPort1 (access VLAN 1)  
    VM   
       \ vNIC2-----PG2-----vSwitch2-----pNIC2-----SwitchPort2 (access VLAN 10)
    
  2. Configure a single switch port in trunk mode (tagged); have it forward all VLANs to a single physical NIC on the host; create a single virtual switch and connect it to the physical NIC; create two port groups on the virtual switch and configure their VLAN IDs; connect each virtual NIC of the VM to a port group on the virtual switch.

       / vNIC1-----PG1 (VLAN 1) ----- \
    VM                                  vSwitch-----pNIC-----SwitchPort (trunk)
       \ vNIC2-----PG2 (VLAN 10)----- /
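
Option 2 of the answer above, sketched as ESXi shell commands; this is an added example, not part of the original answer. The vSwitch name `vSwitch0` and the port group names are assumptions, and the script only prints the commands unless `APPLY=1` is set on the host.

```shell
#!/bin/sh
# Added example: single trunk uplink, one port group per VLAN (option 2).
# Assumed names: vSwitch0, "LAN-VLAN1", "LAN-VLAN10" (not from the page).
# Dry run by default: commands are printed. Set APPLY=1 to execute them.

VSWITCH="${VSWITCH:-vSwitch0}"

# Print a command, and execute it only when APPLY=1.
run() {
    echo "$*"
    if [ "${APPLY:-0}" = "1" ]; then "$@"; fi
}

# Accept only 0-4095. On a standard vSwitch, 0 means untagged and
# 4095 passes all VLANs through to the guest with tags intact.
valid_vlan() {
    case "$1" in
        ''|*[!0-9]*|?????*) return 1 ;;
    esac
    [ "$1" -ge 0 ] && [ "$1" -le 4095 ]
}

# Create one port group on the vSwitch and pin it to a VLAN ID.
add_portgroup() {
    pg="$1"; vlan="$2"
    if ! valid_vlan "$vlan"; then
        echo "invalid VLAN ID: $vlan" >&2
        return 1
    fi
    run esxcli network vswitch standard portgroup add \
        --portgroup-name="$pg" --vswitch-name="$VSWITCH" &&
    run esxcli network vswitch standard portgroup set \
        --portgroup-name="$pg" --vlan-id="$vlan"
}

# One port group per VLAN carried on the trunk; each vNIC of the
# DHCP VM is then attached to one of them.
plan_trunk() {
    add_portgroup "LAN-VLAN1" 1 &&
    add_portgroup "LAN-VLAN10" 10
}

plan_trunk
```

A port group with VLAN ID 1 only receives frames that arrive tagged with VLAN 1; if the switch sends VLAN 1 untagged on the trunk port, that port group needs VLAN ID 0 instead.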