VMware Cloud Community
Chrisk88
Contributor

ESXi VLAN tagging issue

Hi,

I apologize in advance as I'm rather new to ESXi and virtualization.

I have a server and a few VMs and I'm trying to do VLAN tagging. I have set up the port groups and assigned them to individual VLANs, and the NIC from my PC is connected to my Cisco switch, which is trunking with all VLANs allowed on it (this is a homelab for playing around and learning).

The problem is whenever I enable trunking my host loses connectivity, but I can see the MACs of the host and VMs on the switch, all with the same VLAN that comes from the physical NIC. I feel like I'm missing something very simple.

Any suggestions are appreciated, and let me know what details/configs would help.

Thanks in advance!

MikeStoica
Expert

Do you have a VLAN set for the physical NICs?

StephenMoll
Expert

I haven't done a setup for Cisco for a Looooong time, and then it was vSphere 5!

From recollection it was sometimes tricky.

Have you looked at something like this: Sample configuration of EtherChannel / Link Aggregation Control Protocol (LACP) with ESXi/ESX and Ci...

malickware
Enthusiast

When you say you are enabling the VLAN, are you enabling it for the management portgroup as well?

Did you have the switch port in the physical switch to allow the VLAN?

StephenMoll
Expert

That is a very good point. Easily checked and fixed from the DCUI too.

F2 > Login > "Configure Management Network" > "VLAN (Optional)"

If it is "Not set", it will need to be.

Chrisk88
Contributor

I tried both ways.

If I set a VLAN on the physical NIC, the VMs show up in my switch's MAC table as tagged with whatever VLAN I set on the NIC.

If I set no VLAN, they get tagged with the native VLAN.

Chrisk88
Contributor

I'll check all the above suggestions during the day and come back with whatever I find.

Thanks so much for the help!

CinciTech
Enthusiast

I've been going through this learning experience using Mikrotik hardware.  I'm very experienced with virtualization but brand new to setting up VLANs.  I've become very acquainted with the F2 interface as each time I enable/disable the trunk it's easiest to hop on the host console and configure the management network from there and see in real-time when it pulls the (static-assigned) IP from DHCP.

One trick I've started using because I'm new to the configuration and I keep enabling/disabling the trunk: I've added a port group to the vswitch that's VLAN tagged, and one that isn't.  Then I put two NICs in each VM, one on the tagged port group and one on the untagged one.  This has saved me a bit of time reconfiguring things in the VMs for testing what I've screwed up in the VLAN setup.  I wonder if the same methodology might work for the management interface; potentially having one vmkernel port group tagged and one untagged?

Buddhika01
Contributor

Can you share a screenshot of the virtual switch?

minivlab
Enthusiast

Based on your post, can I assume you only have one connection from the switch to the host? If so, your management interface is losing connectivity due to not having the proper VLAN tag. Again, assuming you have one physical connection between the host and the switch (configured as a trunk), you will need to set the management VLAN on the ESXi console.

You should end up with Switch (trunk port) -> ESXi Host -> vSwitch0

vSwitch0 should have the Management VMkernel with the appropriate VLAN tag, and any port groups with the correct tags as well.

Chrisk88
Contributor

Hey,

So I imagine it should look something like the below?

[Two screenshots attached: pastedImage_0.png, pastedImage_1.png]

Where the VMkernel should have its own VLAN ID?

The "DuckMaster" in the VM network is currently a disabled interface; it's just there for testing purposes.

And yes, my host has a VLAN assigned to the NIC currently.

I apologize if I'm missing any questions as I'm at work.

Let me know if you need any other details!

MikeStoica
Expert

What's your management VLAN ID? I see in DCUI you have VLAN set to 4095, so you need to change it to your management VLAN, either from DCUI or from the vSphere console.

Rubeck
Virtuoso

If you have VLAN 0 defined in ESXi and trunking configured on the Cisco switch, you'll need to define a native VLAN on this switch.

Example: if your management VLAN is VLAN 5, then do a "switchport trunk native vlan 5" on the switchport where the ESXi host is connected... this will make the switch send traffic from VLAN 5 to your ESXi untagged.

/Rubeck

Chrisk88
Contributor

Hi Mike,

So just to confirm, the DCUI and VMkernel have to be on the same VLAN?

MikeStoica
Expert

Yes, the vmkernel for management traffic.

minivlab
Enthusiast

You need to set the actual VLAN ID on the VMkernel. You can do this either in the vSphere web client or on the ESXi console. In your screenshot of the console, you have the management VLAN set to 4095, which to VMware means trunk/all VLANs. You need to set it to the VLAN of the actual management network.

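An added example, not part of any post in the thread: a simplified Python model of the tagging behaviour the replies describe (port group VLAN 0 = untagged, 1-4094 = tagged by the vSwitch, 4095 = all tags passed through), checked against a trunk port's native and allowed VLANs. The function names, the allowed list and VLANs 1, 10 and 20 are constructed for illustration; VLAN 5 is the management VLAN from Rubeck's example.

```python
from typing import Optional, Set

VGT_ALL = 4095  # ESXi port group value: pass every VLAN tag through unchanged


def wire_tag(portgroup_vlan: int, endpoint_tag: Optional[int] = None) -> Optional[int]:
    """Return the 802.1Q tag on frames leaving the uplink (None = untagged)."""
    if portgroup_vlan == 0:            # "Not set": the vSwitch adds no tag
        return None
    if portgroup_vlan == VGT_ALL:      # the endpoint must tag its own frames
        return endpoint_tag
    if 1 <= portgroup_vlan <= 4094:    # the vSwitch tags frames with this ID
        return portgroup_vlan
    raise ValueError(f"invalid VLAN ID {portgroup_vlan}")


def trunk_vlan(tag: Optional[int], native: int, allowed: Set[int]) -> Optional[int]:
    """Return the VLAN the trunk port places the frame in (None = dropped)."""
    vlan = native if tag is None else tag   # untagged frames join the native VLAN
    return vlan if vlan in allowed else None


def diagnose(portgroup_vlan: int, intended: int, native: int,
             allowed: Set[int], endpoint_tag: Optional[int] = None) -> str:
    """Compare where frames actually land with the VLAN they were meant for."""
    landed = trunk_vlan(wire_tag(portgroup_vlan, endpoint_tag), native, allowed)
    if landed is None:
        return "dropped: VLAN not allowed on trunk"
    if landed != intended:
        return f"wrong VLAN: frames land in {landed}, expected {intended}"
    return "ok"


if __name__ == "__main__":
    allowed = {1, 5, 10}                    # constructed trunk allowed list
    cases = [                               # (label, port group VLAN, intended, native)
        ("mgmt VLAN not set, native 1", 0, 5, 1),
        ("mgmt VLAN 4095, native 1", VGT_ALL, 5, 1),
        ("mgmt VLAN 5, native 1", 5, 5, 1),
        ("mgmt VLAN not set, native 5", 0, 5, 5),
        ("VM port group VLAN 20", 20, 20, 1),
    ]
    for label, pg, intended, native in cases:
        print(f"{label:30} -> {diagnose(pg, intended, native, allowed)}")
```

The model ignores switch-side options that change native VLAN handling, so treat it as a reasoning aid for the port group and trunk settings, not a statement of what a specific switch does.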