Solved

How To Connecnt Guest VM To Internet (Windows)


Badge +2

I received this answer a few days ago

[Just plug your VM on a VLAN where there is a router connected to the internet. Then either use DHCP if there is some, or configure an IP address and set your router as gateway. That’s it.]

but 
Is there anyone who can explain in more detail?
I am currently configuring guestvm with windows10
The network settings are like this

 


The port of the node where the GUEST VM is installed is directly connected to the Internet-enabled LAN

Or should I change the settings inside Windows vm? It is composed of dhcp

 

 

icon

Best answer by DavidN 8 June 2022, 15:41

View original

This topic has been closed for comments

3 replies

Userlevel 2
Badge +2


The port of the node where the GUEST VM is installed is directly connected to the Internet-enabled LAN

...

 

you should never plug directly on a node. You have to use your TOR switchs and define a VLAN, so you just put you VM on you VLAN and the VM see the router.

I advice you to read about VLAN and general switch configuration before going futher.

cheers.

Userlevel 3
Badge +5

I agree w Dominix_pf’s recommendations + adding a few thoughts:

 

This largely depends on the types of ToR switches you have (Managed/Unmanaged - VLAN capable?)

If switch is VLAN capable, you should create a separate VLAN on the switch for Guests running on the cluster (upstream router will have to know about this subnet too), add the network to the Nutanix (AHV) cluster and then you’ll be able to pick that vlan in the VM’s NIC configuration.

I believe AHV has the option to do “management” (IPAM - DHCP like features) in case your router doesn’t have that option.

 

If your ToR switches are not VLAN capable then your CVM/Hypervisor and Guest VM traffic will probably be sharing the same Subnet (which is not really best practice/recommended for security reasons.) Nutanix CVMs create internal Firewall rules that permit some inbound traffic from the same subnet as the CVMs/Hypervisor’s Management IPs. By putting Guest VM traffic into this same network, it presents another attack surface… for small environments this may be “ok” but I don’t think it’s best practice.

 

References:

AHV Networking (nutanix.com)

The Nutanix Bible

Badge +2

thank you for your kind reply