VMware Cloud Community
HBBC
Contributor

Portgroups "Losing" their VLAN ID when moving VMs into them

We've just had a situation where we had some P2V'd VMs that were supposed to be in an isolated (VLAN'd) portgroup "leaking" onto the production network.

We had a PortGroup defined, with a VLAN ID, but when looking at it within networking, it just had:

Virtual Machines | VLAN ID *

Which looks suspiciously like a PG without a VLAN.

We proved the "leakage" by running pings to physicals, which were erratic until we shut down the P2V'd VMs.

We repeated the process by creating a new PG with a VLAN ID, which correctly displayed it as such in the SC, but as soon as we added a VM, it changed to VLAN ID * as in the above example.

How can we tell when a PG is properly VLAN'd? I know there is no route for the VLAN we were using onto the production network so how come we were getting "pollution"?

Rather odd, but also rather worrying...

Paul

0 Kudos
3 Replies
BUGCHK
Commander

I have a virtual switch with a single port group that does not use VLAN tagging. There are some VMs attached and I see "VLAN ID*" as well.

You could try clicking this little icon to the left of the port group box:

+------+
|      |
+------+
  //

In my case, I see "VLAN ID none".

Or you can run the command esxcfg-vswitch -l on the service console.

0 Kudos
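The service console check mentioned in the reply above, turned into a repeatable audit (an added example, not part of the original thread): it reads `esxcfg-vswitch -l` output and labels each port group by its VLAN ID column. The sample output, the port group names and the function names are constructed for illustration, and the column layout is an assumption about what the command prints.

```shell
#!/bin/sh
# Added example: classify every port group by the VLAN ID column of
# `esxcfg-vswitch -l`. On a host: esxcfg-vswitch -l | audit_portgroups
# Standard vSwitch VLAN IDs: 0 = no tagging, 1-4094 = tagged by the
# vSwitch, 4095 = all tags passed through to the guest.

audit_portgroups() {
    awk '
    /^[ \t]+PortGroup Name/ { in_pg = 1; next }   # port group table starts
    /^Switch Name/          { in_pg = 0; next }   # next vSwitch header
    in_pg && NF {
        line = $0
        sub(/^[ \t]+/, "", line)
        # Names may contain single spaces, so locate the two numeric
        # columns (VLAN ID, Used Ports) after a run of 2+ spaces.
        if (!match(line, /  +[0-9]+ +[0-9]+/)) next
        name = substr(line, 1, RSTART - 1)
        split(substr(line, RSTART), col)
        vlan = col[1] + 0; used = col[2] + 0
        if (vlan == 0)         status = "UNTAGGED"
        else if (vlan == 4095) status = "TRUNK-TO-GUEST"
        else                   status = "TAGGED"
        printf "%s\t%d\t%d\t%s\n", status, vlan, used, name
    }'
}

# Port groups with no VLAN tag that currently have ports in use.
untagged_in_use() {
    audit_portgroups | awk -F"\t" '$1 == "UNTAGGED" && $3 > 0 { print $4 }'
}

# Constructed sample output (names, IDs and column layout are assumptions).
sample_output() {
    cat <<'EOF'
Switch Name    Num Ports   Used Ports  Configured Ports  Uplinks
vSwitch0       64          6           64                vmnic0

  PortGroup Name      VLAN ID  Used Ports  Uplinks
  Production          0        3           vmnic0
  Service Console     0        1           vmnic0

Switch Name    Num Ports   Used Ports  Configured Ports  Uplinks
vSwitch1       64          4           64                vmnic1

  PortGroup Name      VLAN ID  Used Ports  Uplinks
  P2V Isolated        105      2           vmnic1
  Guest Trunk         4095     0           vmnic1
EOF
}

sample_output | audit_portgroups
```

A port group reported as UNTAGGED sends frames out of the uplink without an 802.1Q tag, so they land on whatever VLAN the physical switch port assigns to untagged traffic.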
HBBC
Contributor

Either way I look at it, it definitely shows that a VLAN has been configured...

0 Kudos
darren_boyd
Enthusiast

When you look at the CAM table on the physical switch you should only see the pNIC's MAC on the VLAN (and appropriate destination port) you have configured it for. Are you able to verify that info?

0 Kudos