Re: vDS v vSS

laganit · ‎02-23-2023

Hi,

I am having an issue with vDS with vlans and private vlans.

Working scenario

port group 1 - Vlan trunk on VSS with promiscuous mode enable - 1 virtual firewall in this group

port group 2 - Vlan101 - 1 vm

port group 3 - vlan 102 - 1 vm

no physical uplink on vSS

Using rules on virtual firewall I am able to successfully segment vlan 101 and 102 blocking ping/rdp/ssh etc

Non working scenario

When then trying to move this same configuration to a vDS using either Vlans and trunk port as above or using private vlans with firewall in promiscuous primary vlan and vms in isolated vlan - no traffic from any vm is seen on the firewall.

vDS has no physical uplinks

Can anyone assist with this configuration?

Cheers

Roisin

Lalegre · ‎02-23-2023

@laganit,

I do not know if it was a mistake but you mentioned you are trying to use VDS without uplinks, meaning no vmnics, without this you will not have connectivity unless all the VMs are on the same ESXi.

laganit · ‎03-02-2023

Yes this was by design for proof of concept to keep things aligned

This is now working and poc completed