Candela Technologies Logo
Network Testing and Emulation Solutions

Install LANforge on ESXi Server (Version 8)

Goal: Install LANforge on an ESXI Server, and confirm DHCP can be served over VLANs.

In this test scenario, we use a system compatible with ESXi version 8. ESXi version 8 can run 2 lanforge VMs on 2 different VLANs, host DHCP on one VLAN, and acquire DHCP leases on the other VLAN through a WANlink. This outlines expected behavior and uses cases for VLANs and WANlinks between LANforge and ESXi version 8. Requires LANforge version 5.3.5 or higher.

 
  1. Configuring ESXi Server ver. 8.02
    1. This scenario was built upon ESXi 8.02 build 23305546, using a CT-525 with a 4 port 1g nic as well as an accompanying TPLink SG105E Smart Switch.
    2. Log into TPLink SG105E 5 port Smart Switch (usually defaults to 192.168.0.1). Assign ports 2 and 3 to a VLAN, name 8 with ID 8. Assign ports 4 and 5 to a VLAN, name 9 with ID 9. Port 1 will be the assigned trunk port.
    3. In ESXi, create 3 vSwitches. vSwitch0, vSwitch8, vSwitch9. vSwitch0 should have been created and configured by default as the management switch. vSwtich8 connects to ports 1 and 2 on the host port, this corresponds to vmnic8 and vmnic9. vSwtich9 connects to ports 3 and 4 on the host port, which corresponds to vmnic 10 and 11. Vmnic numbers may vary.
    4. vSwitch0 screenshot
    5. vSwitch8 screenshot
    6. vSwitch9 screenshot
    7. Next, create 2 port groups. First port group named VLAN8 with an ID of 8, assign vSwitch8 to it, inherit all settings from vSwitch8. screenshot
    8. Create another port group named VLAN9, with an ID of 9, assign vSiwtch9 to it as well, inherit all settings from vSwitch9. screenshot
    9. Create a LANforge VM. screenshot
    10. Install Fedora and then LANforge on the VM. See also: lfserver install.
    11. After successful VM creation and Fedora 34 install, power off the VM.
    12. Add network ports to the VM for VLAN8 and VLAN9.
  2. Open the terminal and type: vim /etc/sysctl.conf screenshot
  3. Here, at the bottom of this file, we will add this line: net.ipv4.conf.br0.proxy_arp=1, this will keep proxy arps consistent across reboots.
  4. Finally, run the command: sysctl -p to force reload system settings. screenshot
  5. Open LANforge GUI, and in Netsmith tab, right click -> new bridge.
  6. Uncheck DHCP option for bridge, name it br0. screenshot
    1. Apply and Sync in Netsmith.
    2. In Port Mgr tab, double click the the newly created bridge (in this example, it is br0).
    3. Make sure DHCP is unchecked, and all Gateway, IP, DNS are set to 0.0.0.0.
    4. At the bottom, underneath the buttons that say Add Ports and Remove Ports, type eth1 and press enter, then eth2.
    5. Click `Add Ports`, Click Apply, then Sync. Once eth1 and eth2 show up under configured as well as current ports, then close the bridge editing tab. screenshot
    6. In Port Mgr, there will be no IP's showing up here. This is because we're simply redirecting traffic from one VLAN to the next VLAN. If we want IP's here, we need to make a redirect device to spawn off some IP's. screenshot
  7. Have devices (on VLAN9) request DHCP from the server so we can see DHCP crossing through LANforge.
  8. Highlight the downstream port, eth2, and click sniff packets. Here, we are looking for signs of a DHCP Request and a DHCP ACK external to this virtual lanforge. screenshot
    1. Verify traffic flow with the ping command. Use external IPs to the virtual LANForge, because traffic originating within LANforge will only give a partial network traffic route between VLANs. Ping -I 172.16.0.1 172.16.0.32.
  9. If we are not seeing anything relating to DHCP on wireshark, then check the VLAN configuration in ESXi. Neither VLAN should be configured with EST or VGT tagging modes. (VLAN IDs need to be between 1 and 4094).
  10. When setting VLAN IDs to [0] you set the vSwitch to External Switch Tagging mode. When setting the VLAN IDs to [4095] you set the vSwitch to Virtual Guest Tagging mode. Please set the VLAN IDs to the corresponding incoming VLAN ID's. This sets the vSwitches to Virtual Switch Tagging mode. In our lab testing, an external switch was used and two tagged ports were created, one containing VLAN 8 and one containing VLAN 9. In ESXi, these port groups should be ID'd the same, 8 and 9.
  11. Verify upstream and downstream ports.
    1. Verify upstream port (this is eth2, on the QVLAN9 network) in LANforge with `sudo tcpdump -ni eth2`, the interface for the upstream port can be addtionally verified in ESXi under Networking -> Port Groups -> VLAN8. vSwitch topology will show VM's the VLAN services, including the MAC ADDR of the upstream port, as well as the physical adapters on the otherside of the topology.
    2. Verify downstream port (this is eth1 introducing DHCP to the LANforge and on the VLAN8 network), with `sudo tcpdump -ni eth1`, the interface for the upstream port can be addtionally verified in ESXi under Networking -> Port Groups -> VLAN9. This is a similar process as the previous step.
Candela  Technologies, 2417 Main Street, Suite 201, Ferndale, WA 98248, USA
www.candelatech.com | sales@candelatech.com | +1.360.380.1618
Facebook | LinkedIn | Blog