VMware Cloud Community
andrewdavid
Contributor
Contributor
‎06-23-2022 05:54 PM

Configuring Trunk and Access ports on Vmware esxi

Hi All,

Not sure I've posted in the right section. 

I'm trying to setup a lab environment on an IBM system x M3 server. The server has 8 ports apart from the built in 3 ports. I want to be able to connect devices like printer and PC to these ports (access ports)

Here is what I'm trying to achieve.

1. Use PFsense as VM and map 2 ports to it. 1-> for internet and 1-> vlan trunk (340-350)

2. The use the remaining 8 ports as access ports (the untagged vlan being 340) from the pfsense vm trunk port

Just wondering how to achieve this. 

When I connect a switch to the 2nd lan port, I'm able to get the ports as I can assign access and trunk ports on the switch, but I don't want to use another hardware. I would like to use the remaining 8 ports on the server as access ports. 

Has anyone done this type of setup?

Any help on this is greatly appreciated. Below is the visual depiction of what I want to achieve.

andrewdavid_0-1656032012260.png

 

Labels (5)
Labels
0 Kudos
1 Reply
grimsrue
Enthusiast
Enthusiast
‎06-23-2022 08:07 PM

Hello andrewdavid,

I am not quite sure what you are trying to do, but I'll try to answer your question.

I am under the assumption you are using the pfsense VM as a L3 virtual router, or Switch? If so I assume you are trying to turn those other physical NICs into what would be managed switch interfaces?

If that is what you are trying to do I am not sure if that will work the same way as a switch. You MIGHT have to use cross-over cables to make those NICs work like switch interfaces. I have never done that before so just a guess.

Option #1:
In my opinion, from the pFsense VM you would want to to create 6 vNICs and directly map those NICs straight to the Phyiscal NICs of the server. Meaning you are bypassing the Virtual Standard Switch built into ESXi. The option for the vNIC is called "Direct Path I/O". Each vNIC will essentially be a Switch/Router interface that can be setup as trunk or access. Not familiar enough with pFsense to know if that is how it works.

Your hardware also need to have the ability for pass-through which requires the NIC devices to be enabled for pass-through and as few configuration will be needed on the ESXi host and pFsense VM. The article below will help, but if you just google ESXi PCI-passthrough you will get a number of hits on mapping physical NICs to VM vNICs.
https://kb.vmware.com/s/article/2142307.

Option #2:
I am not sure if this will work or not, but the the only other way I can think of doing what you want would be to add 6 separate vNICs to your pFsense VM. Configure those vNICs as Trunked or Access interfaces, the same as option #1. You would then create 6 separate ESXi Standard vSwtiches and assign each physical NIC to each of those vSwtiches. Create a Portgroup in each vSwitch and assign VLAN "340" or "0". Assigning "340" or "0" depends on how you configured the vNIC interfaces through your PFSense UI on your VM. You would also probably need to set the portgroup security as "Accept" for MAC Changes, Forged Transmits, and Promiscuous mode.

I hope this helped? If not can then a bit more of an explanation is needed about what you are trying to do with pFsense.

 

0 Kudos