VMware Communities
TonyTheGator
Contributor
Contributor

ESXI Communication Problems in WorkStation

The Problem: ESXI Host can't communicate with the network when the switch port is configured as TRUNK.

Network Configuration:

- Switch Configuration: https://pastebin.com/vN1fLwnf 
- Router Configuration: https://pastebin.com/RYS79SDN  

Network Topology: https://imgbb.com/CQmjX0f  

So, the issue is as follows: when I set the switch port to Trunk mode, nothing can communicate even when I tag the management VLAN with the correct VLAN ID:

VLAN Setting on ESXI: https://ibb.co/pKNgd7y 

IP Address of ESXI Host: https://ibb.co/j395z8k 

However, when I configure the switch port to access mode and assign it to VLAN 20, I can communicate with the ESXI Host without any problems. I tried to modify it through the web interface as well, like going on the vSwitch and modifying the VLAN ID when I can see the port group. But once I put it back into trunk mode to allow the future VMs I will host to communicate through the port, it doesn't work. If anyone has any idea how to solve this, I would love to hear it.

The problem seems to be with VLAN Tagging because it appears to be the only issue. Could it be possible that my physical computer hosting the ESXI server may be causing the problem, as the ESXI server is using it as its interface and I did not configure it?

Also what i did is on my NIC on my Laptop i put a IP address in the native VLAN : https://ibb.co/jyPQ0sP  

And that allow me to communicate with the network  : https://ibb.co/47LwFmN  

Even when the port is in trunk , but for the ESXI host it cant even communicate with his default gateway when the port is in trunk mode it will only allowed it when the port is in access mode

I also activated 802.1Q Modules on my PC : https://ibb.co/qd2wV45  

By the way i also tried to put to assign the ESXI host an IP address in the native VLAN subnet and remove the VLAN tagging just to see if it would communicate ( I give the host the ip 10.10.1.10 and removed the  VLAN setting ) but the ESXI still failed to communicate with his default gateway . If someone got an idea how to make it work it would be very helpful . 😄

Tags (2)
0 Kudos
8 Replies
DCasota
Expert
Expert

Hi,

Please modify in your post the pictures as attachements and avoid obfuscated urls. As is, it seems dangerous to click on the weblinks proposed.

Without having seen the schemas/pictures, the description reminds to the three vlan tagging methods External Switch Tagging, Virtual Switch Tagging and Virtual Guest Tagging, see VLAN configuration on virtual switches, physical switches, and virtual machines (1003806) (vmware.co...

Also see KB article https://kb.vmware.com/s/article/1004074
Native VLAN ID on ESXi/ESX VST Mode is not supported. Do not assign a VLAN to a port group that is same as the native VLAN ID of the physical switch. Native VLAN packets are not tagged with the VLAN ID on the outgoing traffic toward the ESXi/ESX host. Therefore, if the ESXi/ESX host is set to VST mode, it drops the packets that are lacking a VLAN tag.

Could it be possible that my physical computer hosting the ESXI server may be causing the problem, as the ESXI server is using it as its interface and I did not configure it?
If the ESXi host is not aware of the physical configuration of the network, it's External Virtual Switching which means that you have at least one trunk port on your physical switch for several vlans, and you must know
- which physical switch port is interconnected as access port for vlan 20 to which physical nic on the ESXi host. That physical nic on the ESXi host is attached to a virtual switch, and on that virtual switch you have a port group (VLANID 0) and depending on the port group type, your management network or your VMs are in vlan 20 because of the physical switch port vlan.
- A 2nd port on your physical switch configured with the same vlan is interconnected as access port to your physical laptop. 
- For the connection between the physical switch trunk port and physical router port, a router distinguishes trunk port and access port. Only a trunk port carries traffic for several vlans simultaneously.
- If the laptop interconnects to your router also by wifi, consider setup a bridge on the laptop between wifi adapter and ethernet adapter.

 

0 Kudos
TonyTheGator
Contributor
Contributor

I unliked the url if  you could see it now please ,  i already read the article on vlan configuration and the second link don't work if you could see the links now and the config you will better understand the problem i think

0 Kudos
DCasota
Expert
Expert

A home lab configuration 1x ESXi, 1x laptop, physical switch, physical router is very common.

An External Virtual Tagging issue was the first impression after reading the description, so typically physical switch trunk port configuration (vlan 20, vlan ..), physical switch access port configuration (vlan 20 -> ESXi, vlan 20 -> laptop) and vlanid 0 on any portgroup of ESXi vswitches/portgroups would be a starting point. The weblinks contain a description about the differentiation between the three Virtual Tagging types and how to configure trunk port and access port. It's maybe a little bit confusing, but in all situations you have to configure/ensure trunk ports and access ports.

Oops, the misspelled 2nd weblink should be okay now. For me, I do not click on [paste.bin, ] weblinks for security reasons. But, that's just me. Therefore I asked about adding the pictures directly attached in the forum message. No need.

 

0 Kudos
TonyTheGator
Contributor
Contributor

Oh i understand sorry for the confusion here is all the screenshot included in the first post , i added the config file screenshot as well

The switch is separated in 2 different screenshot & the router only on 1

 

0 Kudos
DCasota
Expert
Expert

okay,  the scenario depicted in imageedit-10-7141924026.png is different as I thought.

In the scenario imageedit-10-7141924026.png, the trunkport to the laptop is the problem because VMware Workstation needs more physical nic adapters to assign them to the vESXi hosts. VMware Workstation today doesn't create virtual nic adapters and bridged mode is not enough for External Switch Tagging.

You could manage the underlying os capability of creating and configuring virtual nics yourself.

 

On Windows 11 with Hyperv, e.g. see VMware Workstation VLAN Tagging Configuration - Virtualization Howto.
An (untested!) scenario could be 2 trunked Hyperv virtual network adapters per vESXi, each bridged as VMnet in VMware Workstation. 

New-VMSwitch -Name HyperVSwitch4ESXi -NetAdapterName "Ethernet-Adapter Ethernet 1"

Add-VMNetworkAdapter -ManagementOS -Name "HyperVNic1ESXi1" -SwitchName "HyperVSwitch4ESXi" -Passthru | Set-VMNetworkAdapterVlan -Trunk -AllowedVlanIdList 10,20,30,40,100 -NativeVlanId 0

Add-VMNetworkAdapter -ManagementOS -Name "HyperVNic2ESXi1" -SwitchName "HyperVSwitch4ESXi" -Passthru | Set-VMNetworkAdapterVlan -Trunk -AllowedVlanIdList 10,20,30,40,100 -NativeVlanId 0

Add-VMNetworkAdapter -ManagementOS -Name "HyperVNic1ESXi2" -SwitchName "HyperVSwitch4ESXi" -Passthru | Set-VMNetworkAdapterVlan -Trunk -AllowedVlanIdList 10,20,30,40,100 -NativeVlanId 0

Add-VMNetworkAdapter -ManagementOS -Name "HyperVNic2ESXi2" -SwitchName "HyperVSwitch4ESXi" -Passthru | Set-VMNetworkAdapterVlan -Trunk -AllowedVlanIdList 10,20,30,40,100 -NativeVlanId 0

Add-VMNetworkAdapter -ManagementOS -Name "HyperVNic1ESXi3" -SwitchName "HyperVSwitch4ESXi" -Passthru | Set-VMNetworkAdapterVlan -Trunk -AllowedVlanIdList 10,20,30,40,100 -NativeVlanId 0

Add-VMNetworkAdapter -ManagementOS -Name "HyperVNic2ESXi3" -SwitchName "HyperVSwitch4ESXi" -Passthru | Set-VMNetworkAdapterVlan -Trunk -AllowedVlanIdList 10,20,30,40,100 -NativeVlanId 0

Then in VMware Workstation, deselect auto-bridging and configure an adapter.
Create per each HyperV virtual network adapter a VMnet in VMware Workstation and bridge them. 
Create each vESXi with two vhw network adapters, each connected to the custom VMnet. Configure promiscuous mode on the vSwitch and configure portgroups with the appropriate vlan id.

 

If this doesn't work, an alternative might be (3 vESXi x 5 vlans = ) 15 bridged HyperV virtual network adapter as VMware Workstation VMnets. In this case for External Switch Tagging, vlan id on vESXi must be 0, and not 20 as in Screenshot-20240220-190631.png

 

Be aware:
- In switch_2.png, see spelling and vlan id "switchport access vlan 20", right?
- Please change passwords (for reasons, if not already considered for the pictures).Obfuscating domain names, user names and password in pictures is totally okay, sorry for the confusion.

 

Alternatives:
A laptop usually contains one wired ethernet adapter. Additional usb-2-ethernet adapters adds more cabling.
For a dedicated baremetal ESXi, see lamw/homelab: VMware Community Homelabs (github.com).

0 Kudos
TonyTheGator
Contributor
Contributor

I tried something similar as i am on linux , i did : ip link add link enp1s0 name enp1s0.8 type vlan id 8 ( added the default gateway as well )

for each vlan and used brctl to link it in vmware as first workstation did not recognized the subinterface created , but i wanted to to the tagging directly on The Esxi Host (VST) 

as the solution to create subinterface tagging the traffic would be EST . But if it is the only solution i guess it would work .

Thanks for the detailed explanation it is very insightful 😄

0 Kudos
DCasota
Expert
Expert

Pipelines like

physical network adapter ! virtual network adapter ! bridged ! vnic ! vswitch ! portgroup

are the future. Blog about your findings! best wishes

TonyTheGator
Contributor
Contributor

For sure!