No matter what switch you have, native VLANs are a pain under ESX. Sure, you could decide to use native VLANs, but as far as I have seen there's always trouble with them. Some switches behave very strang as soon as a mix of tagged and untagged frmes pass from or to it (I have seen the weirdest beaviour in HP Blade chassis switches). The solution I sometimes use is easy: Make VLAN 666 (evil example ) your native VLAN, and never use VLAN 666 again. That solves the whole "native VLAN" issue once and for all, because you do not use the VLAN, all traffic that is tagged enters the switch ok, all traffic leaving the switch is always tagged. If you configure all portgroups on ESX to be tagged as well (including the service console!), any untagged traffic to the switch ends up in VLAN666, coming out the other ESX ports untagged, and get nowhere (since all portgroups on the vSwitches are tagged). Do remember that if you want inter-VLAN communication, you need a router somewhere...

Visit my blog at http://erikzandboer.wordpress.com

basically,

in the ESX environment we have 4 groups, the physical host on vlan all, a server group on vlan 16, one on vlan 20 and 1 on vlan 30.

In our Cisco enviroment the native vlan is 100, the servers are on vlan16, the trunk to the esx server is configured with the following IOS commands:

int gi0/20

description Link to Virtual Switch

switchport mode trunk

switchport trunk native vlan 16

switchport trunk allowed vlan 10, 16, 20, 30, 99

spanning-tree guard root

ip dhcp-snooping trust

we tried with the trunk native on vlan 100, but we lost connectivity to the host