Capricorn80
Contributor
Contributor

Vmware 6.7 setup with Nic Teaming

Hi!

I have Dell server with 10G interface configured with Nic Teaming with Two HP Flexfabric acting as one via IRF. I am configured Bridge aggregation on HP side.

interface Bridge-Aggregation 20

port link-type trunk

port trunk permit vlan 1 110 321 202

I am specifying VLAN option on VMWARE side to 110. If I remove the VLAN option on Vmware and then change my config to below then I cannot connect to it. I want to have vlan 110 as untagged which I beleive is better way to connect to management VLAN.

interface Bridge-Aggregation 20

port link-type trunk

port trunk permit vlan 1 321 202

port trunk pvid vlan 110

Nic Teaming:

Notify switches

Yes

Policy

Route based on IP hash

Reverse policy

Yes

Failback

Yes

Just want to confirm if this setup is ok or untagging the management vlan is better option and how can I achieve that?

Thanks

0 Kudos
6 Replies
T180985
Expert
Expert

I would just leave management with a tagged VLAN unless there is a specific reason you want to have it untagged?
However if you want to use untagged....Im unsure how to configure it with HPE switches but on Cisco you essentially configure the native VLAN on your trunk ports then when you create you management port group on your dvSwitchs you dont define a VLAN. Likewise if youre using Standard Switchs, when creating your vmk port you set the VLAN to "None (0)"

Please mark helpful or correct if my answer resolved your issue. How to post effectively on VMTN https://communities.vmware.com/people/daphnissov/blog/2018/12/05/how-to-ask-for-help-on-tech-forums
0 Kudos
Capricorn80
Contributor
Contributor

Thanks. I dont mind leaving it tagged but just want to be if this is best practice and it will work well.

Sometime when I login via Webgui it just keep processing the link and I have to refresh the browse and then I can get in. I thought it may be due to tagged vlan.

I checked on HP and its pvid.

Got this from HP forum -> port trunk pvid vlan 999 <--- Defines the new Native VLAN for the port: we use the VLAN 999 in our scenario because it is unused (YMMV).

0 Kudos
T180985
Expert
Expert

VLAN tagging wouldnt cause the issue youre describing, if there is an issue with the tag being incorrect etc you simply wouldnt be able to access the management addresses in use

Please mark helpful or correct if my answer resolved your issue. How to post effectively on VMTN https://communities.vmware.com/people/daphnissov/blog/2018/12/05/how-to-ask-for-help-on-tech-forums
0 Kudos
Capricorn80
Contributor
Contributor

ok. I recall when I used to work in my previous job and used to configure settings from Network side. The VMware guy wanted me to use untagged port for VMware management vlan.

I had that in mind so thought to discuss here to be sure that if it does make any difference or not using tagged or untagged.

0 Kudos
T180985
Expert
Expert

The arguement could be made that its easier to configure without VLAN tagging but its a negligible difference... You can use either method. Usually its dependant on how the existing network designs or network security rules defined by your organisation

Please mark helpful or correct if my answer resolved your issue. How to post effectively on VMTN https://communities.vmware.com/people/daphnissov/blog/2018/12/05/how-to-ask-for-help-on-tech-forums
0 Kudos
Capricorn80
Contributor
Contributor

Ok lets take it next step. What it has to be with Network security rules?

0 Kudos