topic VM-Series Firewall on VMware ESXi - get true link status from host NICs in General Topics

VM-Series Firewall on VMware ESXi - get true link status from host NICs

LCMember4427 — Fri, 23 Feb 2018 09:53:57 GMT

Hi,

I'm in the process of deploying a VM-100 under VMWare ESXi 6.5 as standalone host (not member of a VCenter).

Everything has passed smoothly, however I want my V-100 network interface list to display the TRUE link status of each physical NIC port at the VMware host. (I.e. whether or not live cables are plugged in to their respctive host NICs).

I have tried to follow the cookbook and enabled Promiscuous mode, MAC Address Changes and Forged Transmits for every vSwitch connected to their respective vmnics. But still all VM-100 NIC display as Connected despiter when I unplug cables.

The only way I can force a VM-100 NIC display as disconnected is to disconnect its vmnic inESXi's V-100's VM settings.

What am I doing wrong? I assume it is correct that we should be able to monitor the TRUE NIC link status (i.e. cable connected or not) from the VM-100's point of view?

Thanks a lot for comments on this 🙂

best regards Tor

Re: VM-Series Firewall on VMware ESXi - get true link status from host NICs

RobinClayton — Fri, 23 Feb 2018 12:11:09 GMT

Have you got the NICS directly passed to the GUEST somehow?

Normally there is a V-Switch, the guest connects to that so assumes the link is always up. and you have to virtually unplug them as you describe.

Re: VM-Series Firewall on VMware ESXi - get true link status from host NICs

RobinClayton — Fri, 23 Feb 2018 14:59:37 GMT

Having Re-read, I can see you are using V-SWITCH.

Think of the Physicsal NIC/CABLE as being plugged into one port of the V-Swith (You don't see this) , and the VNIC is plugged into another port.

In the real world switch, if you unplug from one port the others don't go off and it is the same in V-Switch.

The V-Switch does not even need (and quite often does not have) any physical NIC or connection to the real network, traffic can hapily traverse between two or more guests on the same host(s) physicaly unconnected v-switch.