Recently, as I was perusing the latest postings to one of the many listservs to which I'm subscribed, I came across a comment that I found interesting. In it, the poster – a database administrator – was asking a question related to how a virtual machine handles network connectivity. In his message, the poster indicated that his understanding of VMware leads him to believe that a virtual machine running under VMware uses a different IP address than the rest of the network and, as a result, he was questioning how he should go about poking an appropriate hole in his firewall to allow outside traffic to this VM.
His query made me realize that, although virtualization has become a hot topic in many places, the ins and outs of the technology are not always well understood. A few years ago, when I was an IT Director at a different college than the one at which I now work, I introduced virtualization to the network team at the time and was met with a multitude of questions. Among the questions were concerns about how the virtual machines would be managed, how they would communicate on the network, and so forth.Â
There are certainly some differences between managing physical vs. virtual machines, but the overall concept is identical – you attach to the console and manage the machine. Want to add RAM? Bring down the machine and add the RAM. For a physical machine, this means tearing off the cover and adding RAM modules. For a virtual machine, this means opening the VM properties and assigning more RAM.
On the network communications front, most virtualization software provides two modes of network communication: Bridged or NAT. When using bridged mode, which is the most common, the virtual machine gets an address based on the VLAN assignment, if any, for the VM's virtual network connection. The virtual machine communicates directly with the network and traffic does not need to be routed by the virtual host, except to pass it through the host NIC. Under NAT mode, the VM is assigned an address from a virtual network created by the virtual host. The VM communicates with the outside world by routing its traffic through the host.
In answer to the poster's question regarding firewall holes, he would have to do nothing more than assign a static IP address to the VM and handle the firewall side as he would with any other machine. In short, he should just look at the VM as another server on his networsk… no more, no less. Once that abstraction leap is made, it's very easy to think about virtualization. With virtualization, things don't have to get more complex.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
