hhk8484
Contributor

VMs in vCloud cannot communicate if they are in different ESX host


Hi all,

Currently I am doing a simulation for VCD in my company lab. I just found an issue in this simulation. I hope someone can advise on this. Thank you.

Scenario:

1. Create an External Network with VLAN 400 in the vSphere Distributed Switch on two ESX servers.

2. Create an Organization in VCD.

3. Create a Network Isolation-backed network pool with VLAN 300.

4. Create an External Organization network connection (NAT routed), and select the External Network (VLAN 400) and the network pool (VCDNI VLAN 300).

5. Create two VMs and assign them the same external organization network that was created in step 4.

6. If the two VMs are on the same host, they can communicate with or ping each other.

7. If the two VMs are on different hosts, they cannot communicate.

Why do step 6 and step 7 happen? Did I configure anything wrong? Please advise on this.

I very much appreciate your help.

Thank you.

Regards

Ho

1 Solution

Accepted Solutions
NuggetGTR
VMware Employee

The physical switch will need to be configured for VLAN 400 and 300.

The VCDNI network is trying to encapsulate traffic on VLAN 300; if this is not configured on the physical switch, the VMs will only be able to talk if they are on the same host.

Correct, it's not using a PVLAN. Network Isolation-backed needs its own VLAN, which you set to 300, in which it can then in turn run 1000+ MAC-in-MAC encapsulated networks.

Configure the ports on the switch to accept VLAN 300 as well and it will be sweet.

________________________________________ Blog: http://virtualiseme.net.au VCDX #201 Author of Mastering vRealize Operations Manager
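One way to check the condition this answer describes, as an added example that is not part of the original thread: it parses the allowed-VLAN lists of the switch ports facing each host and reports any port that drops VLAN 300 or 400. Cisco IOS-style trunk syntax is an assumption (the thread names no switch vendor), and the interface names and sample configuration are constructed.

```python
import re

# VLANs from the thread: 300 backs the VCDNI network pool, 400 the external network.
REQUIRED_VLANS = {300: "VCDNI network pool", 400: "external network"}

# Constructed sample: IOS-style config for the two ports facing the ESX uplinks.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 description esx01-uplink
 switchport mode trunk
 switchport trunk allowed vlan 100-110,400
interface GigabitEthernet0/2
 description esx02-uplink
 switchport mode trunk
 switchport trunk allowed vlan 100-110,400
 switchport trunk allowed vlan add 300
"""

def expand_vlans(spec):
    """Expand a list such as '100-110,400' into a set of VLAN ids."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def allowed_vlans_by_port(config):
    """Map each interface to its allowed VLAN set (None = no list configured)."""
    ports, current = {}, None
    for line in map(str.strip, config.splitlines()):
        m = re.match(r"interface (\S+)", line)
        if m:
            current = m.group(1)
            ports[current] = None
            continue
        m = re.match(r"switchport trunk allowed vlan (add )?([\d,\- ]+)$", line)
        if m and current and not m.group(1):
            ports[current] = expand_vlans(m.group(2))   # plain form replaces the list
        elif m and current and ports[current] is not None:
            ports[current] |= expand_vlans(m.group(2))  # 'add' extends the list
    return ports

def missing_vlans(config, required=REQUIRED_VLANS):
    """Return {port: [required VLAN ids the port does not carry]}."""
    report = {}
    for port, allowed in allowed_vlans_by_port(config).items():
        # Assumption: every port in the input is a trunk; no list means all VLANs.
        gaps = [] if allowed is None else sorted(v for v in required if v not in allowed)
        if gaps:
            report[port] = gaps
    return report
```

With the constructed sample, `missing_vlans(SAMPLE_CONFIG)` flags only the first port: it carries VLAN 400 but not VLAN 300, which matches the symptom in the question where VMs talk on one host but not across hosts.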

8 Replies
cfor
Expert

This seems like the switch is not passing that vlan between hosts.  Your DVS needs to be set to uplink as a trunk port, and your switch upstream needs to route the vlan 400 and 400 between the hosts.

ChrisF (VCP4, VCP5, VCP-Cloud) - If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful
hhk8484
Contributor

Hi,

The dvSwitch-DVUplink is set to trunk port. I created a dv_portgroup with VLAN 400 in the DVS, and the physical switch only has VLAN 400 enabled.

But it is still not working. The network pool in vCD is VLAN 300; do I need to enable VLAN 300 on the physical switch too? Or is there no private VLAN support in VCD?
_morpheus_
Expert

Create a portgroup with VLAN 300 and connect two VMs to it and see if they can communicate while on different hosts. If not then the problem has nothing to do with VCD or VCDNI

hhk8484
Contributor

Hi,

These two VMs cannot communicate across two different hosts because the upstream physical switch is only configured for VLAN 400. Does that mean VCD is not using private VLAN?
_morpheus_
Expert

Yes. There is nothing magic about VCD's use of VLANs. If the VLAN is not configured in the physical switch, then it can't be used across two hosts.

hhk8484
Contributor

OK, I very much appreciate your advice.
hhk8484
Contributor

Thanks for your advice.