VMware Networking Community
MasterWayZ
Enthusiast
Enthusiast
‎06-22-2019 01:05 PM
Jump to solution

Accessing NSX Logical Switch through a VLAN on the physical network

Hello,

I have a Logical Switch called testnet_SW set up in NSX, it currently has one VM attached to it, along with one NSX Edge that provides NAT and DHCP. Is there a way that I can make it so that I can access this virtual network from VLAN 10 on the physical network?

Please let me know if you need more information.

Kind regards,

Michael

vExpert 2020
Reply
0 Kudos
1 Solution

Accepted Solutions
MasterWayZ
Enthusiast
Enthusiast
‎09-07-2019 03:53 PM
Jump to solution

After much time has passed, I decided to look at it again, and this time it worked.

I forgot to add trunk ports on the physical switch, I think. What matters is that it works now.

---------------------------------------------------------------------------------------------------------

Was it helpful? Let us know by completing this short survey here.

vExpert 2020

View solution in original post

Reply
0 Kudos
9 Replies
sk84
Expert
Expert
‎06-22-2019 01:14 PM
Jump to solution

Yes, if you configure the VLAN as a port group on your vSwitch or dvSwitch and connect it to the Edge Gateway. Or if you are using a distributed logical router with an L2 bridge:

L2 Bridges

--- Regards, Sebastian VCP6.5-DCV // VCP7-CMA // vSAN 2017 Specialist Please mark this answer as 'helpful' or 'correct' if you think your question has been answered correctly.
Reply
0 Kudos
MasterWayZ
Enthusiast
Enthusiast
‎06-22-2019 01:38 PM
Jump to solution

I have added a port group on the dvSwitch, with VLAN set to 10, and on a Logical Router I've created a bridge between the testnet_switch and the VLAN portgroup I made, called DPortGroup_VLAN10. However, packets are not coming through. Not from VLAN 10 on the physical network to the virtual network, and also not from the virtual network to VLAN 10 on the physical network.

I've attached some images to give you some extra information.

vExpert 2020
Preview file
23 KB
Preview file
37 KB
Preview file
17 KB
Preview file
24 KB
Reply
0 Kudos
Sreec
VMware Employee
VMware Employee
‎06-23-2019 02:10 AM
Jump to solution

Deploy a test VM in VLAN-10 and do check the connectivity first , if that works out . Bridging will certainly work as long VXLAN stack is working.

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos
MasterWayZ
Enthusiast
Enthusiast
‎06-23-2019 05:02 AM
Jump to solution

After deploying a test VM, I've connected it to the VLAN-10 dvPortGroup like you said. I tried it both without a VLAN and with VLAN10.

I do have connectivity with the network without using a VLAN, but when using VLAN10 I have no connectivity.

vExpert 2020
Reply
0 Kudos
sk84
Expert
Expert
‎06-23-2019 05:15 AM
Jump to solution

To be clear:

You have set up a VM and connected it to the VLAN10 port group. And then you tried to ping a physical machine or gateway that is also in VLAN10 in your infrastructure? And that didn't work?

If so, you most likely have a misconfiguration for the VLAN10 in your physical switch infrastructure.

--- Regards, Sebastian VCP6.5-DCV // VCP7-CMA // vSAN 2017 Specialist Please mark this answer as 'helpful' or 'correct' if you think your question has been answered correctly.
Reply
0 Kudos
MasterWayZ
Enthusiast
Enthusiast
‎06-23-2019 06:11 AM
Jump to solution

I have a VM connected to the VLAN10 port group. When I try to ping the NSX Edge (which is connected to a logical switch, however I have set up a NSX Logical Router to bridge that logical switch and the VLAN10 port group), it does not work. It does work when I remove the VLAN tag on the VM that's connected to the port group.

When I try to ping that VM or the NSX Edges from a computer on the physical network, it does not see them. But, in my EdgeSwitch, they do show up in the MAC Table, and I have set up in the switch as shown in the attachment.

Update:

I created a second virtual machine on my own PC, in VMware Workstation. I set up a Ubuntu VM and set up VLAN10 on it.

After starting the pings, I opened up Wireshark. And I see that the packets from the PC VM to the NSX Edge, do have the VLAN tag set, but I see replies from the NSX Edge to the PC VM without the VLAN tag.

vExpert 2020
Preview file
21 KB
Reply
0 Kudos
Sreec
VMware Employee
VMware Employee
‎06-24-2019 10:27 PM
Jump to solution

Did you had any luck ? From your last thread, it looks like a potential VLAN tagging issue. Let me repeat what i said earlier, keep NSX configurations aside and just deploy a VM in VLAN port-group and do check Point-Point connectivity , VM to gateway or other IP's in same subnet . If this works out , bridging will be a cake walk

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos
MasterWayZ
Enthusiast
Enthusiast
‎06-25-2019 05:42 PM
Jump to solution

Right now I'm having issues with getting a VM on the VLAN10 dPortGroup to talk with a physical machine on the physical switch on VLAN10. Can't seem to figure out what's wrong

vExpert 2020
Reply
0 Kudos
MasterWayZ
Enthusiast
Enthusiast
‎09-07-2019 03:53 PM
Jump to solution

After much time has passed, I decided to look at it again, and this time it worked.

I forgot to add trunk ports on the physical switch, I think. What matters is that it works now.

---------------------------------------------------------------------------------------------------------

Was it helpful? Let us know by completing this short survey here.

vExpert 2020
Reply
0 Kudos