VMware Networking Community
TLagro
Contributor
Contributor

Defining VLAN Tag on Uplink profile and vSphere PortGroup

Hi everyone,

I've currently installed NSX-T on a vSphere Cluster and deployed a new Edge Node inside the same cluster. When I created an uplink profile for the Edge Nodes I configured the transport VLAN as 4004. The same VLAN tag was configured on the PortGroup to which the Edge Node are connected.

The issue is, when the VLAN is defined on both Uplink Profile and Distributed PortGroup the Edge Node cannot connect to other TEPs. When I leave the VLAN on the Uplink Profile as 0, the Edge Node has connection.

Is this because the Edge Node is running inside one of the hosts where NSX-T is configured?

Thanks!

Reply
0 Kudos
5 Replies
Sreec
VMware Employee
VMware Employee

Edge VLAN tags are used for overlay and external traffic using the uplink profile and the segments/port groups that are connected to DVS. As you have defined VLAN 4004, overlay traffic will transit via respective Edge VNIC with VLAN tag 4004 and we need VGT (Virtual guest tagging) mode for VDS attached port groups/logical segments.

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
Reply
0 Kudos
TLagro
Contributor
Contributor

Hi Sreec, thank you for your reply.

I understand what you are saying, in this scenario we should be configuring the transport VLAN on the uplink profile and then set the PortGroup VLAN tag to 4095 to enable VGT.

But what I would like to understand is why in another NSX-T deployment we have done, this is working with the transport VLAN set on the Edge Node Profile Uplink and the same VLAN set on the VDS PortGroup (not VLAN 4095), and this does not work in our current deployment.

Could this be because the one that works has a separate NSX Cluster where the Edge Nodes are deployed, instead of being on the same Hosts that have NSX configured?

Thanks

Reply
0 Kudos
ShahabKhan
VMware Employee
VMware Employee

Hi,

Have you going through the following KB article? I think this is what you are looking for.

https://kb.vmware.com/s/article/83743

Reply
0 Kudos
TLagro
Contributor
Contributor

Hi ShahabKhan, thanks for your reply.

This is not particularly the case. We are using different networks for the Edge Nodes and the Host Nodes.

What I'm trying to understand is why in one scenario (NSX Edge on a dedicated cluster) I can tag the VLAN both on the Uplink Profile and the DPortGroup, and in the other scenario (Edge Node deployed on an Host Transport Node) if I configure both of them the Edge Node has no connection.

Thanks

Reply
0 Kudos
ShahabKhan
VMware Employee
VMware Employee

Hi,

In case of edge node, the vlan id tag is assigned to the TEP traffic on the edge node itself. So you don't have to connect it to a vlan port-group of vDS. On vDS, you should create a Trunk port-group & connect the edge node to the same. 

Reply
0 Kudos