
Saturday, 14 August 2021

Home LAB step by step Networking using VMware workstation

In my Home Lab series we covered everything from the perspective of a physical ESXi host. However, as many readers have pointed out, most of us do not have a server and would like to do the lab using VMware Workstation, where the trickiest part is networking: how to achieve the same networking as a data center and route between multiple VLANs.

Thanks to my friend Mr Vaibhav Tiwari, who helped me understand the VMware Workstation product as a whole. It is really good for performing labs with limited resources; most, if not all, of the labs can be covered with it.

Let's start simple. Unlike ESXi, VMware Workstation has three pre-defined network types (Host-Only, NAT and Bridged).

Host-Only: Machines connected to a host-only network can communicate only with VMs connected to the same private network and with the host (the machine on which VMware Workstation is installed).

NAT (Network Address Translation) network: NAT gives a virtual machine access to network resources using the host computer's IP address.

Bridged: In this network type the virtual machine talks to the network available on the physical network card using the IP assigned to the VM itself, so the host and guest OS have different IP addresses.

A VLAN is a way to keep traffic on one network separate from another, with broadcasts limited to the VLAN itself. As we cannot do VLANs in Workstation, we cannot restrict the layer 2 broadcast domain. But as it's a lab environment, we can overlook this fact and use it to our advantage.

As we do not have VLANs available, we can't use VLAN IDs on our network, but for segregation and for the sake of the DC networking topology we will use the same IP schema as in my Home Lab Step-by-Step Part-3-Networking post.


On ESXi we created separate port groups for each network; we will not be doing that in VMware Workstation. We will use the default host-only network available in Workstation to pass traffic for these IP subnets. As we will not use DHCP here, you can uncheck the local DHCP option.

Open VMware Workstation, click Edit and select Virtual Network Editor.


Select the host-only network and uncheck the local DHCP service check box.


We don't need anything else here. Now we are ready to deploy our CSR1000v router to route traffic between these IP subnets.

Click Open a Virtual Machine to import the OVF or, if you have the ISO available, use the Create a New Virtual Machine option.


In the virtual machine wizard, make sure you select the same host-only network for all interfaces.

In total we need eight interfaces on this router: 7 for the IP schema we have for the nested environment and one for connecting our environment to the internet. We will add 7 interfaces connected to the host-only network. For internet connectivity we add one adapter on the bridged network; that will be the 8th adapter.

Edit the settings of the router VM and add the additional interfaces; your screen should look like the image below. I have connected all seven interfaces to the Custom (VMnet1) network.


Now add the last adapter for internet connectivity, but uncheck the "Connect at power on" box. It should be connected to the bridged network, and you need to assign it an IP from your home network. Most home routers use 192.168.x.x networks.

Once the VM is ready for configuration, follow the steps listed in my post Home Lab Step-by-Step Part-4-virtual router.

After completing the router configuration, connect the 8th adapter. Once you assign an IP from your home network you might get a duplicate address warning. You can ignore it as long as you have not actually assigned a conflicting IP: the Workstation interface has its own MAC and, because it is a bridged connection, it thinks the same IP is used by the physical NIC of your machine.

Your router interface config will look like this.


Now you need to add the route entry on your home router, as we did in my post Home Lab Step-by-Step Part-4-virtual router. This lets you connect to your environment and lets your environment connect to the internet. However, if that is not possible on your router, you can add persistent routes on your base machine for the networks we have created. This will let you reach them from your machine, but internet access will not work in your nested environment.

On a Windows machine you can use the route add command for this. Make sure you use the -p switch to make the route persistent. If you need to remove a route from your machine, use "route delete <destination network>".

To add the routes, type the commands listed below.

route -p add 172.16.0.0 mask 255.255.0.0 192.168.1.192
route -p add 172.27.0.0 mask 255.255.0.0 192.168.1.192
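
An added example (not part of the original post) that applies the two commands above idempotently from an elevated PowerShell prompt and refuses to overwrite a conflicting route. The gateway 192.168.1.192 and the test address 172.16.11.254 are the values used in this post; treat them as assumptions for any other network.

```powershell
# Added example: create the lab routes only if they are missing, then verify them.
# Run elevated. 192.168.1.192 is the router VM's bridged address in this post (assumption elsewhere).
$Gateway = '192.168.1.192'
$LabPrefixes = @(
    @{ Network = '172.16.0.0'; Mask = '255.255.0.0'; Cidr = '172.16.0.0/16' },
    @{ Network = '172.27.0.0'; Mask = '255.255.0.0'; Cidr = '172.27.0.0/16' }
)

foreach ($p in $LabPrefixes) {
    # Routes currently in effect for this exact prefix (none if the lookup finds nothing).
    $existing = Get-NetRoute -DestinationPrefix $p.Cidr -PolicyStore ActiveStore -ErrorAction SilentlyContinue

    if ($existing | Where-Object NextHop -eq $Gateway) {
        Write-Host "$($p.Cidr) is already routed via $Gateway"
    }
    elseif ($existing) {
        # Same prefix with a different next hop (VPN client, old lab): report, do not overwrite.
        Write-Warning "$($p.Cidr) currently points to $($existing.NextHop -join ', '); remove that route first."
    }
    else {
        # Same command as in the post; -p keeps the route across reboots.
        route.exe -p add $p.Network mask $p.Mask $Gateway
    }
}

# Show what the host will actually use for the lab networks.
Get-NetRoute -NextHop $Gateway -PolicyStore ActiveStore -ErrorAction SilentlyContinue |
    Format-Table DestinationPrefix, NextHop, InterfaceAlias, RouteMetric

# 172.16.11.254 is the router interface address quoted in this post.
if (-not (Test-Connection -ComputerName '172.16.11.254' -Count 2 -Quiet)) {
    Write-Warning 'Router interface not reachable yet; check the bridged adapter and the router-side ping step.'
}
```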


Before you start testing ping to these interfaces from your base machine (which should work), there is one final step: ping your machine's IP from each interface of the virtual router.

You can use the extended ping command: ping "yourmachineIP" source 172.16.11.254
(run this command from the virtual router).


I would still recommend creating these routes on your home router.



                                             
Please keep in mind that when you deploy a nested ESXi host, do not assign a VLAN ID in the network settings; just assign the IP address specific to the function, such as management, vMotion, etc.

I hope I was able to add value. If your answer is yes, then don't forget to share and follow. 😊

If you want me to write on specific content or you have any feedback on this post, kindly comment below.

If you want, you can connect with me on LinkedIn, and please like and subscribe to my YouTube channel VMwareNSXCloud for step-by-step technical videos.

6 comments:

  1. Not sure how to set up the VMware VMnet1 interfaces

    Replies
    1. Dear BlinkyBill, when you install VMware Workstation, VMnet1 will be created by default in the virtual network editor. On the router VM just add the required number of NICs and connect them to the VMnet1 network as I have shown in the screenshots. In case you do not have VMnet1 in the virtual network editor, look for the VMnet which is host-only and attach the NICs to that network. I hope I was able to answer your query.

  2. Hello and Thank you for this great post.
    I have a question. Do I need some sort of license for the CSR-1000V (OVA)?
    I just downloaded it from the link you provided and I created a new VM from this file. However, I noticed that the packets are not switched among the interfaces. Laptop ---Bridge-->Router---Host only--->ESXi (mgmt 1611). I saw that packets from the laptop are not leaving from the output interface which is facing ESXi mgmt, in order to configure the ESXi.

    Thank you in advance.
    Nick

    Replies
    1. Hi Nick,

      I am glad you liked the content, and thank you for appreciating.
      About the question.
      This image does not need an additional license for basic functions such as routing and switching. Now, it seems you might have missed one interface on the VM which is connected in bridged mode. If possible, share a screenshot of your VM NICs from the VM settings and the output of the show ip int brief command.

  3. Quick note for anyone trying to accomplish this lab in Workstation. It will work only for the segment/overlay play. VMs can talk among each other on different segments etc. However, you will not be able to connect the T0 router, as VMware Workstation doesn't support VLANs, and it is a requirement of a VLAN segment to specify a specific VLAN; once you put anything in there you won't be able to communicate between the T0 interface IP and the physical network... Unless Praduman tried it and can share a trick to make it work.

    Replies
    1. Hi Sergey

      I am running NSXT in my home lab on VMware Workstation. The way I have architected it is:
      A) I designed PVLANs and overlay to run inside VMware Workstation
      B) I am using PFSENSE of physical routers. T0 forwards the traffic to PFSENSE


      I have a main pfsense which is connected to the internet and a LAN, i.e. 10.10.10.1

      I have a management pfsense for which the WAN IP is 10.10.10.10 and it is pointing to the main pfsense (LAN interface) as DG

      On the same management pfsense I have a LAN interface which is 10.10.20.1. This is the default gateway for the vSphere components like vSphere / NSXT and others.

      Now when you deploy the EDGE, choose the external interface to be the same as the management pfsense WAN network = main pfsense LAN network. This way tier 0 will have an external router (main pfsense) to send the traffic to.

      T0 and the management pfsense will be sending the traffic to the main pfsense. The main pfsense will do the routing and provide access to the internet too.

      PFSENSE supports VLANs too. Hope this helps

