rmaccara
Contributor
Contributor

Adding VLAN to vSwitch

I recently moved our design department's database server to a virtual machine. The setup they were on included a VLAN from their department to the old physical server. They seem to be working OK except when making changes to their database (which is still located on their VLAN). Accessing design files etc. still works just fine as they are located on a different file server.

Is there a way to add a VLAN with their old subnet so they can keep their seperate network without adding any extra hardware? I've added a screen shot showing my networking config. I'm also trying to figure out how everything would get vmotioned - would an identical entry have to go into the networking config for each ESX host?

Thanks,

Rob

0 Kudos
6 Replies
Steve_Tron
Enthusiast
Enthusiast

Hi,

You need to do a number of things if I understand you correctly.

1 The links to on vSwitch0 on each host will need to be configured as trunks on the connecting physical switch (I would configure them for 802.3ad link aggregation also with the vSwitch configure for IP hash load balancing.)
2 Your port groups will need to be reconfigured with the correct vlan tag numbers on vSwitch0
3 Vmotion should be given its own vlan
4 Your service consoles and iSCSI should reside in the same vlan to keep things simple (keeping the nic on vSwitch1 as a non trunk non 802.3ad channel)
5. If you need to route between vlans you will need a layeer 3 switch or configure router on a stick

Regards

kjb007
Immortal
Immortal

To configure multiple VLANs on an interface, your switch interface has to be configured as a trunk. When you configure the trunk, you can define a native VLAN. If you use the native VLAN, and have that configured to be the same as your existing VLAN, then you won't need to modify any of your current config. You can configure an etherchannel as previous poster stated, but only if both your physical NICs are connected to the same switch. Otherwise, don't change your load balancing policy, and leave everything else as it currently is configured. Once you have the trunk setup and the additional VLAN allowed, then you will have to add another portgroup on vSwitch0 for the additional VLAN. You will then also have to add another vNIC to your vm and give it an IP on the old subnet. That should give you access to the old subnet.

-KjB

VMware vExpert

vExpert/VCP/VCAP vmwise.com / @vmwise -KjB
0 Kudos
Steve_Tron
Enthusiast
Enthusiast

Hi,

Good point about the same switch, there is an exception though if you are using Cisco chassis based or stackable switches ie 3750's you can create a cross switch etherchannels to protect against switch failures.

Regards

0 Kudos
rmaccara
Contributor
Contributor

I'm still a little confused, although most of your answers makes sense to me!

Leaving the existing config on the Cisco switch, can I disable the physical NIC on the old server which has the existing VLAN on it (x.x.100.1) and create a new VLAN port group on vSwitch0?

Should the IP for the VLAN in the vSwitch have the same IP as the old physical server's VLAN IP?

Then add a vNIC to the vm hosting the database with a 100.x IP address?

Thanks,

Rob

0 Kudos
kjb007
Immortal
Immortal

Without confguring the trunk, you will not be able to add in the additional VLAN. If you configure the ports to be trunks, and use the native VLAN set for the VLAN you are currently on, then you don't have to modify your existing ESX virtual networking configuration. You will have to add in another portgroup to use the new VLAN. Whether you choose to add a new vNIC to the vm and configure a new IP on the subnet you need, or to move the vm completely to the other subnet is up to you. But, you will need to configure your physical switch ports to trunk ports.

-KjB

VMware vExpert

vExpert/VCP/VCAP vmwise.com / @vmwise -KjB
rmaccara
Contributor
Contributor

Thanks - I was hoping that I wouldn't have to make any changes on the switch - I don't know that side of things at all. Smiley Sad I'm new at this and don't want to break anything!

I may end up getting rid of the existing VLAN and lumping the design computers in with the general pool. They were originally given their own VLAN years ago when they were in another province with only an old server that was tasked with many other jobs and they needed the dedicated bandwidth. That department is now located in our main building with brand new equipment and GBe links so their impact may not be very great on the system.

0 Kudos