I have a server with adequate amount of memory and also I have a single static IP. I want to install XenServer or ESXi on my server and create bunch of virtual machines. In order to use all these virtual machines from outside world, I want to direct all the network activity of XenServer (or ESXi) to one of the virtual machines so that with use of iptables, I can configure network traffic to all other virtual machines.
Is it possible and is it the best practice for this scenario?
Is it possible? Absolutely.
Is it best practice? No, not really. I can tell you from personal experience that it's not a lot of fun to lose routed management access to the host when its VMs are down.
Yep, you can do this easily, there are lots of pre-built VMs to do just this in fact, the one I'd recommend is 'pfsense'.
What you end up doing is creating one vSwitch with two port-groups, the router gets vNICs in both P-G, one going to the outside world and one going to the internal port-group (if you have two physical NICs it might be safer to have two vSwitches, one P-G per vSwitch, it'd be safer). Then the clients talk just to the internal P-G and the router NATs or whatever between both networks.
