VMware Cloud Community
francisaugusto1
Contributor
Contributor
‎07-06-2020 09:30 AM

VLAN tag on uplink port - is it possible on ESXi?

Hi,

Is it possible to tag traffic coming from a non-trunk uplink port on ESXi?

Best,

Francis

Tags (2)
0 Kudos
4 Replies
daphnissov
Immortal
Immortal
‎07-06-2020 11:56 AM

I'm not sure what you're asking here, and also don't understand Alessandro's response. By definition, a non-trunk port must not pass tagged traffic. So if it's not tagged, there's no tags to apply nor strip. Please clarify what you're really trying to do.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
0 Kudos
francisaugusto1
Contributor
Contributor
‎07-06-2020 12:05 PM

daphnissov

The idea is this: Suppose I am connect a WAN to a physical Nic connected to the vSwitch0. I would like to segregate that traffic to a vlan, say, vlan 60, so that only VM's connected to a port group assigned to that vlan would get that traffic.

Usually this is done by connecting the WAN to a physical switch and assigning that port to a vlan, but I wonder if it is possible to do it directly on a Nic, not going through a physical switch.

Another use case would be to select which port groups and its vlans would have data flowing through the uplink, so that we could block some traffic from getting out of the switch.

0 Kudos
daphnissov
Immortal
Immortal
‎07-06-2020 12:06 PM

No, VLANs aren't just imaginary--they have to physically exist and be tagged external to the host. So if you need VLAN segregation, you need a managed switch capable of 802.1q tagging.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
0 Kudos
IRIX201110141
Champion
Champion
‎07-06-2020 12:14 PM

The Great vSwitch Debate – Part 1 | Ken's Virtual Reality

Scroll down to figure #7 but you should read all chapters Smiley Wink

Regards,
Joerg

0 Kudos