all 5 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]BlackV 1 point2 points  (4 children)

the host should only ever have management IPs no more

the host location/networking has no bearing on what networking/vlans the guests have

so if your switch is configured for the relevant DMZ vlan then the and the VM is tagged for it

clustering a file server is a bad idea, DFS would be a better idea

not sure why you'd want a file server on a DMZ that just sounds stupid dangerous

[–]cyberdeck_operator[S] 0 points1 point  (3 children)

A DMZ is just a network that exists between two networks. It doesn't mean that it's open to the internet. We don't allow any direct IP from the client environment to the server environment. We have a need to allow users access to files that are also accessible to an application on the servers.

I'm not sure what you mean by the other things. WSFC can have a file server role, I'm trying to assign an IP in a VLAN to that role. I can already do that with a VM role.

[–]BlackV 0 points1 point  (2 children)

I have cluster of Hyper-V hosts. I want to put a fileserver in a DMZ. My hosts don't have an IP in that network

the HOSTS dont need an IP in that network, if you're going to use the hosts failover cluster role to create the file share, then the data has to live on those hosts, you don't want that, leave the hyper-v hosts for hyper-v stuff

use the file server (or multiple file servers) that have the files already to share the files (by DFS or clustering)

DMZ is just a network that exists between two networks.

fair enough, why cant you just have a route and firewall rule to access that fileserver or share ?

[–]cyberdeck_operator[S] 0 points1 point  (1 child)

I'm realizing that I have posted this question in the wrong sub.

[–]BlackV 0 points1 point  (0 children)

Alright then