Description of the problem: iWeb provides you with a single primary IP for your dedicated server. That IP is routed as you'd expected. If you need more than one IP, iWeb will provide you with secondary IPs on a different network. Unfortunately, iWeb does not route the traffic to those secondary IPs in a standard fashion. You need to route this traffic manually. In the case of ESXi, you assign the primary IP to the ESXi host so that you can manage it. You assign the secondary IPs to the VMs to give them network access. However, because of the iWeb routing rules, it is difficult to get this setup working. In what follows "X" is the primary network, "Y" is the secondary network, "X.1" is the gateway provided by iWeb, "X.10" is your primary IP, "Y.20-26" are the secondary IPs and "X.MAC" is the MAC address of the physical ethernet interface of your server (nic0 aka eth0). The iWeb routers route the packets having the destination IP X.10 or Y.20-26 to the ethernet segment of your server through ethernet frames bearing the destination ethernet address X.MAC. If the destination IP is X.10, this works correctly since X.MAC is the physical MAC address of the ESXi host. If the destination IP is Y.20-26, the ESXi host drops the frames because they do not bear a MAC address assigned to a virtual ethernet interface of a VM. The iWeb solution to this problem for a standard Linux server is to enable IP forwarding on the Linux server. Hence the Linux server forwards the packets to the secondary IP internally. At the time of this writing, there is no known way to enable IP forwarding on ESXi. Solutions: One solution is to put a Linux router in front of your ESXi server. If you'd rather avoid that, you can use a VM with a standard Linux system to act as a bridge for the rest of your VMs. In the rest of this document the bridge VM will be called "Bridge". The theory is explained first, the actual steps to execute follow. You configure ESXi so that Bridge has promiscuous access to the physical ethernet interface. You configure Bridge to redirect the ethernet frames bearing the ethernet destination address X.MAC and the IP destination address Y.20-26. The ethernet destination address is changed from X.MAC to the destination address of Bridge, Bridge.Mac. Bridge then forwards the ethernet frames to the VMs. Bridge requires ebtables and brctl, which are not installed by default on some Linux systems. At my company I've setup Bridge on a development ESXi server and moved it afterwards to the ESXi server at iWeb. Keep in mind that you do not have any network access on the VMs of the ESXi server at iWeb until you've got Bridge working. I am assuming here that you are using Ubuntu for your Bridge VM. Install the OS, then apt-get install ebtables bridge-utils. Be aware that Ubuntu uses udev to remember the network interfaces, so your eth0 might move to eth1. Execute those commands as root to prevent this from happening: $ rm -f /etc/udev/rules.d/70-persistent-net.rules $ rm -f /lib/udev/rules.d/75-persistent-net-generator.rules Copy, register and start Bridge on the ESXi host at iWeb. On the ESXi host vSphere console, go in Configuration->Networking->vSwitch0 properties. Click on "Add", select "Virtual Machine", click on "Next", set the network label to "BridgeNetwork", click on "Next" and "Finish". Edit "BridgeNetwork", go in the "Security" tab, check the "Promiscuous mode" checkbox, select "Accept" for Promiscuous Mode and click on "OK". Go in "Network Adapters" and note the MAC address of "vmnic0" which is the physical ethernet interface (this is X.MAC). Edit the settings of the Bridge VM. In "Network Adapter 1", select the "BridgeNetwork" connection label. You are now ready to configure Bridge. Issue the following commands as root. Be sure to replace the MAC and IP addresses to the actual values in the commands. Run 'ifconfig eth0' and note Bridge's MAC address. Enable IP forwarding on Bridge. $ echo "1" > /proc/sys/net/ipv4/ip_forward Create the bridge device br0 and assign eth0 to it. eth0 will now be controlled by the bridge device. The bridge device needs to be assigned a secondary IP address. This IP will be the IP address of Bridge on the network. $ brctl addbr br0 $ ifconfig br0 up Y.20 netmask 255.255.255.248 $ ifconfig eth0 up 0.0.0.0 $ brctl addif br0 eth0 Set up the gateway information. Since the iWeb gateway is on another network than Bridge, we have to specify the host route explicitly. The gateway must pass through br0, NOT eth0. $ route add -host X.1 br0 $ route add default gw X.1 br0 Redirect the ethernet frames to pretend they are addressed to Bridge. $ ebtables -t nat -A PREROUTING -i eth0 -p ipv4 -d X.MAC --ip-dst Y/29 -j redirect You can write all the commands above in /etc/rc.local to have them executed at boot. Also, edit /etc/network/interfaces to register only the loopback device: auto lo iface lo inet loopback Your production VMs are now ready to be deployed. Assign them a secondary IP and use Bridge or X.1 as the gateway. If you X.1 as the gateway, you'll have to add X.1 as a host manually in the routing table, as done above, but with eth0 as the interface. Note that even though a bridge technically does not need an IP, if you fail to assign one to Bridge it stops sniffing packets on its eth0 interface. I haven't investigated why this is the case. Installing ESXi at iWeb: Getting ESXi installed at iWeb is not straightforward. At my company we had to send a USB key containing the ESXi installer by mail. Ask them to set up a KVM switch so that you have BIOS access to ESXi. Make sure they give you a RAID controller that ESXi supports. Build the RAID array yourself if they didn't do it for you. Laurent Birtz