We are running ESX3.5i with several vServers in one port group, set with no specific vlan, but as soon as we assign the port group to a specific vlan, we loose connectivity to it from the network.
The trunk from the physical (Cisco Catalyst 2960) switch is statically configured and encapsulating in dot1q.
if the native vlan is not the same as the vlan we are acccessing from, we lose connectivity with the physical host
Any ideas how we can configure the virtual switch / port groups to accept our trunk and native vlan?
Cheers for any help you can give
It sounds like the physical port on your switch has not been setup as a trunk (if you require multiple VLANs to be accessible through that port) or the VLAN has not been set to the VLAN tag you are assigning to the port group.
Also you can't use a vlan of 1 as thats usually the cisco switch's native vlan (if your using cisco) also once you turn vlan tagging on, on the switch side all the port groups setup in ESX need to have vlan id's added to them, including the service console network
If you found this or other information useful, please consider awarding points for "Correct" or "Helpful".
No matter what switch you have, native VLANs are a pain under ESX. Sure, you could decide to use native VLANs, but as far as I have seen there's always trouble with them. Some switches behave very strang as soon as a mix of tagged and untagged frmes pass from or to it (I have seen the weirdest beaviour in HP Blade chassis switches). The solution I sometimes use is easy: Make VLAN 666 (evil example ) your native VLAN, and never use VLAN 666 again. That solves the whole "native VLAN" issue once and for all, because you do not use the VLAN, all traffic that is tagged enters the switch ok, all traffic leaving the switch is always tagged. If you configure all portgroups on ESX to be tagged as well (including the service console!), any untagged traffic to the switch ends up in VLAN666, coming out the other ESX ports untagged, and get nowhere (since all portgroups on the vSwitches are tagged). Do remember that if you want inter-VLAN communication, you need a router somewhere...
Visit my blog at http://erikzandboer.wordpress.com
in the ESX environment we have 4 groups, the physical host on vlan all, a server group on vlan 16, one on vlan 20 and 1 on vlan 30.
In our Cisco enviroment the native vlan is 100, the servers are on vlan16, the trunk to the esx server is configured with the following IOS commands:
description Link to Virtual Switch
switchport mode trunk
switchport trunk native vlan 16
switchport trunk allowed vlan 10, 16, 20, 30, 99
spanning-tree guard root
ip dhcp-snooping trust
we tried with the trunk native on vlan 100, but we lost connectivity to the host