VMware Cloud Community
LumH
Enthusiast
Enthusiast

ESXi evaluation - questions...

Hi there...

I'm new to the VM world and am currently evaluating the ESXi product. I'm also new to the networking world, so forgive me if I'm using the wrong terms.

Am intending to use ESXi in a non-standard way - it is not to create fault tolerant server or network services, etc.

This will be a closed network (with no access to the internet).

At this time, I've installed a network with:

  • one HP Procurve 2848 switch
  • 4 computers
    2 of these have been configured as VM hosts, and each host have one VM guest (Windows 10 Pro).|
    All computers using static IP addresses with no gateway.

Test 1 - Create the network (10.100.1.0/24) and have the VMs act as "normal" computers...
10.100.1.0/24 was created under VLAN 1 (untagged) on the switch. VMs vswitch configuration was defaulted.

This was successful... All the physicals hosts and VMs can ping each other (using one physical NIC).

Test 2 - Change each VMs so they are now under VLAN 100

Switch: created VLAN 100, and tagged the ports associated with VMs.

VMs: change "VM Management" to port group 100.
This was sucessful... All the physical hosts can ping each other; The VMs can only ping each other.

Test 3 - Have a physical host and the VMs communicate under VLAN 100
I could not get this to work on my first try using the same technique in Test 2...

After searching the web, I believe it's because I was using ESXi in VST mode, and saw the note "Native VLAN ID on ESXi/ESX VST Mode is not supported. Do not assign a VLAN to a port group that is same as the native VLAN ID of the physical switch" - Is that correct?

Would I have to switch to VGT mode in order to make this work?

Test 4 - The next hurdle, is to have 2 VLANs (e.g. 100, 200) each having VMs, but the VMs configured with the same IP address.
1) VLAN 100
     VM-1 (10.100.1.100) and a physical computer (10.100.1.200)

2) VLAN 200

    VM-2 (10.100.1.100) and the other physical computer (10.100.1.200)

I don't think it's possible with the Procurve switch, but I've read some other switches can?
Is this scenario even possible?

Thanks ahead of time for looking at this!!

Any help/advice you can give is greatly appreciated.

Reply
0 Kudos
4 Replies
daphnissov
Immortal
Immortal

Test 3 - Have a physical host and the VMs communicate under VLAN 100

I could not get this to work on my first try using the same technique in Test 2...

If you set the switch ports into access mode for the systems you wish to have communication, this should work. Note that in ESXi, you don't need to change the management vmkernel port's uplink to do this, only the uplink that the VMs use for communication.

Would I have to switch to VGT mode in order to make this work?

None of your scenarios require VGT.

Test 4 - The next hurdle, is to have 2 VLANs (e.g. 100, 200) each having VMs, but the VMs configured with the same IP address.
1) VLAN 100
     VM-1 (10.100.1.100) and a physical computer (10.100.1.200)

2) VLAN 200

    VM-2 (10.100.1.100) and the other physical computer (10.100.1.200)

It depends if these VMs are on the same or different hosts. You probably understand, but these VMs that have the same L3 address will not be able to talk to each other. In #1, either configure the switchport for access mode on the ports where the physical host is attached and VM port group uplink, or in trunk mode and change the guest on the physical server to tag for that VLAN ID as well as the uplink where the VM is configured.

Reply
0 Kudos
LumH
Enthusiast
Enthusiast

Thanks for the quick answer daphnissov!

Test 3 - you replied

If you set the switch ports into access mode for the systems you wish to have communication, this should work. Note that in ESXi, you don't need to change the management vmkernel port's uplink to do this, only the uplink that the VMs use for communication.

I'm using the same commands at the physical switch as I did for Test 2 (in setting up the VMs so they could communicate under VLAN 100), to add the physical computer to VLAN 100 in access mode (tagged):

config> VLAN 100

VLAN 100> tag <port # of physical computer>

etc...

In the end, the physical computer could not ping the VMs.

Test 4 - you replied

It depends if these VMs are on the same or different hosts. You probably understand, but these VMs that have the same L3 address will not be able to talk to each other. In #1, either configure the switchport for access mode on the ports where the physical host is attached and VM port group uplink, or in trunk mode and change the guest on the physical server to tag for that VLAN ID as well as the uplink where the VM is configured.

Each VM has its own host.

I want all the computers in VLAN 100 to be completely segregated from those in VLAN 200.

Do you have an example of the ProCurve switch commands to achieve "or in trunk mode and change the guest on the physical server to tag for that VLAN ID as well as the uplink where the VM is configured." ?

I'm afraid my switch knowledge is pretty limited.

Reply
0 Kudos
LumH
Enthusiast
Enthusiast

Hmm.... I made a mistake my reply for "Test 3"... so I need to add the physical computer to VLAN 100 as "untagged" (access mode), instead of tagged?

Reply
0 Kudos
daphnissov
Immortal
Immortal

It would be really helpful to have a diagram of how you have things connected, as well as screenshots from your two ESXi hosts that show how the vswitches are configured.

Reply
0 Kudos