rnotaro1025,
Can you provide some more details first…
What is your motivation/driver for doing this? or What problem are you trying to solve?
How is routing configured between the L3 Switch Stack and Firewall? i.e. static, OSPF, BGP
What endpoints are in the other subnets (assuming all /24’s)? What ip/subnet’s do the VM's fall in? Any bare metal/physical endpoints?
10.1.0.X - Hosts mgmt vmk?
10.1.2.X - ?
10.1.3.X - ?
10.1.4.X -?
10.1.8.X – Transit network with only Firewall and L3 switch stack in it?
simplest way would be:
1. to set a high native vlan to say 4000
2. then for the love of mary make a vlan other than 1, like say vlan 200 as say 192.168.100.x /24 or /23 (really whatever), make what is your management vlan something else like sure 100 and the ip range of 100 is the iprange of all things management (ie ESXi hosts, NSX manager, Controlller pool, Windows DNS/AD) honest everyone has a preference, but I keep the management layer on a vSS and NSX on a vDS, call me old school
3. enable it as a trunk with encapsulation with the switchport mode trunk, switchport trunk allowed vlan [200 and/or whatever is defined for management], encapsulation dot1q on the uplink port of SFP+ going to the ESXi host
4. Setup a default gateway of 0.0.0.0 0.0.0.0 [gateway of edge firewall], assuming it's a feature rich L3, on the L3 switch, then do 5.
5. enable an ospf area 0, define a network 192.168.100.0 0.0.0.255 area 0, setup a router-id of sure 1.1.1.1
6. set the system mtu to jumbo or 9000
7. change the load balancing to src-dst-mac or src-dst-ipdepending upon what is supported on your switch
8. map the vmnic that has the uplink to the vDS PG's physical nic mapping, in the PG tag the VXLAN vlan, set MTU to 9000. Hopefully your management vlan goes over another uplink or else management would be living on the vDS too.
well this is a start, hopefully you get the idea and know how to setup he rest. This is the physical layer to ESXi, could explain the rest, but what the fun in that. 😛