How do you route between Virtual Networks?

A recent question on this topic returned a series of different responses. The problem with this question is the old consulting response, "it depends". It depends on your requirements, your available resources, and how much time you have.

Unfortunately, Virtual Server does not provide built-in router functionality, so you must find another solution. I present four options.

1) The quick and dirty solution: the default gateway

The default gateway is a router that forwards traffic to remote subnets on behalf of a host. It is supposed to be a remote router, but if all you want is routing-like capability and you do not need packets to be routed in the traditional sense, you can set the default gateway to your own IP address and you will route your own packets. What actually happens is that the host treats every other subnet as directly connected to its adapter and blindly sends all packets onto the subnet it is connected to.

For example, if you have three machines that you need to have on separate subnets, you can use three different IP address ranges on the same virtual network.

Virtual Machine A  -  IP address = 192.168.0.1, subnet mask = 255.255.255.0, Gateway address = 192.168.0.1

Virtual Machine B  -  IP address = 192.168.10.1, subnet mask = 255.255.255.0, Gateway address = 192.168.10.1

Virtual Machine C  -  IP address = 192.168.100.1, subnet mask = 255.255.255.0, Gateway address = 192.168.100.1

When virtual machine A, B, or C attempts to send a packet to a different subnet, it sends it to its default gateway (itself), which forwards it to the default route of 0.0.0.0/0. Each of the other virtual machines will accept the packet and inspect it to determine whether it should route it to the subnet it knows about.

So the good thing is that you can trick the machines into thinking they are on separate subnets when they are not. The bad thing is that they will forward every packet blindly, regardless of whether there is a valid subnet. There is also additional overhead because each virtual machine will inspect every packet on the network.
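The forwarding decision described above, modeled as an added example (not code from the original post); `resolve_target` and `audit` are hypothetical names and the model is a simplification of the behavior the post describes. It shows that the three "subnets" still share one segment, so every pair of machines delivers to each other directly with no router in between.

```python
import ipaddress
from itertools import combinations

# Constructed sample: the three VMs from the post, all on one virtual network.
# name -> (IP address, subnet mask, default gateway)
HOSTS = {
    "A": ("192.168.0.1", "255.255.255.0", "192.168.0.1"),
    "B": ("192.168.10.1", "255.255.255.0", "192.168.10.1"),
    "C": ("192.168.100.1", "255.255.255.0", "192.168.100.1"),
}

def resolve_target(ip, mask, gateway, dest):
    """Return (reason, address the host tries to reach on the wire)."""
    iface = ipaddress.ip_interface(f"{ip}/{mask}")
    dest_ip = ipaddress.ip_address(dest)
    gw_ip = ipaddress.ip_address(gateway)
    if dest_ip in iface.network:
        return ("on-link", dest_ip)        # same IP subnet: deliver directly
    if gw_ip == iface.ip:
        return ("self-gateway", dest_ip)   # gateway is itself: every subnet looks attached
    return ("via-gateway", gw_ip)          # normal case: hand the packet to the router

def audit(hosts):
    """List self-gateway hosts and cross-subnet pairs that deliver directly."""
    self_gw = sorted(
        name for name, (ip, _, gw) in hosts.items()
        if ipaddress.ip_address(ip) == ipaddress.ip_address(gw)
    )
    direct_pairs = []
    for a, b in combinations(sorted(hosts), 2):
        ip_a, mask_a, gw_a = hosts[a]
        ip_b, mask_b, gw_b = hosts[b]
        a_to_b = resolve_target(ip_a, mask_a, gw_a, ip_b)[0]
        b_to_a = resolve_target(ip_b, mask_b, gw_b, ip_a)[0]
        if a_to_b == "self-gateway" and b_to_a == "self-gateway":
            direct_pairs.append((a, b))
    return self_gw, direct_pairs

if __name__ == "__main__":
    self_gw, pairs = audit(HOSTS)
    print("hosts using themselves as gateway:", self_gw)
    for a, b in pairs:
        print(f"{a} <-> {b}: different IP subnets, direct delivery, no router in the path")
```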

2) Build a virtual machine as a router

You can do this in different ways: Windows Server and RRAS, Windows Server and ISA Server, or maybe a Linux boot disk with just router functionality. Regardless of which way you go, you are limited to routing between four subnets in a Virtual Server virtual machine. You can get past this issue by creating multiple router virtual machines and cascading them, but you will only get three additional routes for each virtual machine added, since one interface will be used for cascading purposes.

This approach affects the number of virtual machines you can run, based on the availability of resources on your host.

3) Have the host act as the router

You can install RRAS on the host machine and use multiple physical or loopback adapters to create as many routed subnets as you require. This affects host performance, but scales better than using multiple VM routers.

4) Use an external router

If you need maximum performance or need to test router-specific functions not provided by RRAS or other software routing solutions, then you will need an external hardware router. This requires as many network adapters in the host as routed subnets and could pose a limitation on scale. You can address this issue with multi-port network adapters to maximize scalability.

So if you just need a quick way to trick some VMs into thinking they are on multiple subnets, use the default gateway trick. If you need multiple subnets, but 4 or fewer, then use the virtual machine router approach. If you need more than 4 subnets, then you should use the host-based router approach if performance is not the goal. If performance or specific router functions are required, then go with the external router approach with multiple network adapters in the host.

Hope this helps you understand your routing options and which one might best meet your requirements.  If you have an alternative approach I would love to hear about it.
