Hi all,
Currently I am doing a simulation of VCD in my company lab. I just found an issue in this simulation. I hope someone can advise on this. Thank you.
Scenario:
1. Create an External Network with VLAN 400 in the vSphere Distributed Switch on two ESX servers.
2. Create an Organization in VCD.
3. Create a Network Isolation-backed network pool with VLAN 300.
4. Create an External Organization network connection (NAT-routed), and select the External Network (VLAN 400) and the network pool (VCDNI, VLAN 300).
5. Create two VMs and assign them the same external organization network that was created in step 4.
6. If the two VMs are on the same host, they can communicate with or ping each other.
7. If the two VMs are on different hosts, they cannot communicate.
Why do steps 6 and 7 happen? Did I configure anything wrong? Please advise on this.
I very much appreciate your help.
Thank you.
Regards
Ho
This seems like the switch is not passing that vlan between hosts. Your DVS needs to be set to uplink as a trunk port, and your switch upstream needs to route the vlan 400 and 400 between the hosts.
Hi,
The dvSwitch-DVUplink is set to a trunk port. I created a dv_portgroup with VLAN 400 in the DVS, and the physical switch only has VLAN 400 enabled.
But it is still not working. The network pool in vCD is VLAN 300; do I need to enable VLAN 300 on the physical switch too? Or is there no private VLAN support in VCD?
Create a portgroup with VLAN 300, connect two VMs to it, and see if they can communicate while on different hosts. If not, then the problem has nothing to do with VCD or VCDNI.
Hi,
These two VMs cannot communicate on two different hosts because the upstream physical switch is only configured for VLAN 400. Does that mean VCD is not using private VLAN?
The physical switch will need to be configured for VLAN 400 and 300.
The VCDNI network is trying to encapsulate traffic on VLAN 300; if this is not configured on the physical switch, the VMs will only be able to talk if they are on the same host.
Correct, it's not using a PVLAN. Network Isolation-backed needs its own VLAN, which you set to 300, and which in turn can run 1000+ MAC-in-MAC encapsulated networks within VLAN 300.
Configure the ports on the switch to accept VLAN 300 as well and it will be sweet.
Yes. There is nothing magic about VCD's use of VLANs. If the VLAN is not configured in the physical switch, then it can't be used across two hosts.
OK, I very much appreciate your advice.
Thanks for your advice.