VMware Cloud Community
tova
Contributor

ESXi 5.1.0 does not TAG VLAN frames - BUG REPORT

Hello,

In my scenario I am using multiple virtual switches. Traffic between the VLAN xxx port group and the TRUNK (4095) port group inside vSwitch2 is NOT tagged!

VM1 - virtual Linux firewall with 2 NICs and multiple internal TAP network adapters as VPN endpoints:

NIC1 - vSwitch1, TRUNK 4095, but it is not important; one of the VLANs is used for the WAN connection

NIC2 - TRUNK to vSwitch2 (VLAN 4095)

(NIC2 is bridged to one of the TAP adapters to my customer's VPN)

VM2 - virtual Linux server with 1 NIC

NIC1 - vSwitch2, VLAN corresponding to the VLAN at my customer (120).

Switch Name      Num Ports   Used Ports  Configured Ports  MTU     Uplinks
vSwitch2         128         3           32                9000

  PortGroup Name        VLAN ID  Used Ports  Uplinks
  111 vlan111           111      0
  116 vlan116           116      0
  113 vlan113           113      0
  112 vlan112           112      0
  120 vlan120           120      1
  Trunk                 4095     1

The problem is:

An Ethernet frame from VM2 goes through port group vlan120 AND SHOULD BE TAGGED. But it is not, because on VM1 (which goes through port group Trunk 4095) all traffic is untagged.

The opposite direction is OK. It looks like port group VLAN 120 does not have a PVID set.

Important info:

Promiscuous mode on virtual switches is enabled.

I am using the same VLAN numbers (corresponding to different VLAN networks) on other virtual switches.

No changes if I use unique VLAN numbers within vSwitch2.

No changes whether vSwitch2 has a physical NIC attached or not.

VM1 uses VMXNET 3
VM2 uses E1000

ESXi 5.1.0 1065491

Thanks for your help or info.

Best regards

Tomas Vasek
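To check the symptom described in the post above (frames from the vlan120 port group arriving on the Trunk 4095 port group without a tag), this added example, which is not part of the original post, parses raw Ethernet frames and reports the 802.1Q VLAN IDs they carry. The sample frames, MAC addresses and function names are constructed for illustration.

```python
import struct
from collections import Counter

# Tag protocol identifiers: 802.1Q (0x8100) and 802.1ad outer tag (0x88A8)
TPIDS = {0x8100, 0x88A8}

def vlan_tags(frame: bytes):
    """Return ([VLAN IDs, outermost first], payload EtherType) for a raw frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    offset = 12                       # skip destination and source MAC
    vids = []
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    while ethertype in TPIDS:
        if len(frame) < offset + 6:   # TPID + TCI + next EtherType
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        vids.append(tci & 0x0FFF)     # low 12 bits of the TCI are the VLAN ID
        offset += 4
        (ethertype,) = struct.unpack_from("!H", frame, offset)
    return vids, ethertype

def summarize(frames):
    """Count frames per outer VLAN ID; the key None means 'arrived untagged'."""
    return Counter((vlan_tags(f)[0] or [None])[0] for f in frames)

def build_frame(vid=None, ethertype=0x0800, payload=b"\x00" * 46):
    """Build a constructed test frame, tagged with `vid` if one is given."""
    dst = b"\xff" * 6
    src = bytes.fromhex("005056000001")   # constructed source MAC
    tag = struct.pack("!HH", 0x8100, vid) if vid is not None else b""
    return dst + src + tag + struct.pack("!H", ethertype) + payload

if __name__ == "__main__":
    # Constructed capture: what a trunk (4095) port would be expected to see
    # for VLAN 120 traffic, plus one frame that arrived without a tag.
    capture = [build_frame(120), build_frame(120), build_frame(None)]
    for vid, count in summarize(capture).items():
        label = "untagged" if vid is None else f"VLAN {vid}"
        print(f"{label}: {count} frame(s)")
```

Feed it frame bytes from a capture taken inside the guest. If the guest NIC driver has receive VLAN offload enabled, the tag can be delivered out of band rather than in the frame bytes, so an untagged result alone does not show where the tag was removed.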

snowdog_2112
Enthusiast

Are you still seeing this behavior?

I am seeing similar behavior with ESXi 5.1 and a Netgear switch.  I'm not convinced it's not a Netgear problem though.

I have the management VLAN on the switch (a GSM7252PS, a.k.a. M5300) set to 10 (the default is 1).  I can access the switch web interface from my laptop on a port that is tagged VLAN 10 and the PVID for the port set to 10.

On ports 1, 2 I have VLAN 10 tagged, but a different PVID.  The ESXi host has a port group in VLAN 10, and I have a VM with a NIC in the vlan_10 port group.

From the VM, I can't ping/access the switch address on VLAN 10.

I have other installations with Netgear switches and ESXi 5.1 and VLANs which behave as expected.  I don't think the issue is the ESXi host, but more likely the Netgear switch.