VMware Cloud Community
loosechanges
Contributor
Contributor
‎02-26-2016 02:22 PM
Jump to solution

Vswitch Network issue

Hello All,

I'm having some issues getting a vswitch up and hoping to get some guidance.

The setup:

There is only a single vmnic, connected to a single vswitch with a single port group.  The Vlan ID for the port group is set to 7 and the relevant vmnic is connected to an extreme  access switch which is tagging the port for vlan 7.  The access switch is trunked to a core switch where the gateway for vlan 7 resides.

I'm using a centos 7 vm and have disabled selinux for connectivity purposes.  The vm has one active network interface and the IP/mask/gw and routing tables are all good.  Now the odd thing is that the centos vm, access switch and core switch all have complete and correct arp table entries for each other, however the vm cannot ping the gateway nor vice versa.

I also tried changing the portgroup vlan ID to 0 and ALL, but neither worked.

The portgroup security settings are:

Promiscuous Mode: Accept

MAC Address Changes: Accept

Forged Transmits: Accept

Any help is appreciated.  Thank you!

Reply
1 Solution

Accepted Solutions
loosechanges
Contributor
Contributor
‎02-29-2016 08:25 AM
Jump to solution

There was an erroneous authentication policy being pushed to the physical switch port.  Everything works now.  Thanks for the input.

View solution in original post

Reply
4 Replies
hussainbte
Expert
Expert
‎02-27-2016 01:58 AM
Jump to solution

We cannot have vLAN tagging done on physical switch and vSwitch both.

You should be setting the physical switchport on trunk mode and allow vLAN 7.

Check the below linked KB.

VMware KB: VLAN configuration on virtual switches, physical switches, and virtual machines

If you found my answers useful please consider marking them as Correct OR Helpful Regards, Hussain https://virtualcubes.wordpress.com/
Reply
0 Kudos
loosechanges
Contributor
Contributor
‎02-29-2016 06:50 AM
Jump to solution

Thank you for the response.  We are using Extreme Switches with the Enterasys OS, where dot1q trunking is called Tagging.  Apologies for the confusion.

I read the article you provided.  We had it setup in EST, where the virtual port group is set to 7 and the physical switch is allowing vlan 7 on the trunk port.  I've also just tried to setup VST with the physical switch port as an access port on vlan 7 and the virtual port group set to 0, but we are still seeing the same issue.

Reply
0 Kudos
photofalk
Enthusiast
Enthusiast
‎02-29-2016 07:24 AM
Jump to solution

Hi,

can you please try to "ping" another IP address?

Have you already checked the firewall-settings of your centos-machine? I had the same issue some weeks ago. I have used the following command to fix this:

firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -p icmp -s <add your subnet here>/24 -j ACCEPT

Greetings

Falk

Reply
0 Kudos
loosechanges
Contributor
Contributor
‎02-29-2016 08:25 AM
Jump to solution

There was an erroneous authentication policy being pushed to the physical switch port.  Everything works now.  Thanks for the input.

Reply