Re: Need Some help

mohsinkhan · ‎07-15-2011

Dear all,

1)i have two esxi host in my lab enviroment, i have created different port group on standard switch and assign different vlan id's.

for eg

port group vlan id

test-network 65

on both esxi host.

i only want to communicate the vm's created on these port group. i have cisco 2950 manageable switch, and a configure vlan 65 on its fa 0/2-6 ports.

now the failure is that my workstation and the esxi host pinging fine but the vm on both hosst contains the vlan 65 id donot ping each other and with the workstation.

please guide me wats the solution

2) i have one more question

i configure trunk port on my Fa ethernet port on 2950 and i connect both the esxi host and the client machine. the configuration is below,

interface Fa 0/10 - 12
switchport                                        (Set to layer 2 switching)
switchport trunk encapsulation dot1q (ESX/ESXi only supports dot1q, not ISL)       Note:    (this command is not run in my cisco 2950 switch but when i show trunk interfaces it show 802.1q encapsulated )
switchport trunk allowed vlan 50-65 (Allowed VLAN to ESX/ESXi . Ensure ESX/ESXi VLANs are allowed)
switchport mode trunk                       (Set to Trunk Mode)
switchport nonegotiate                      (DTP is not supported)
no ip address
no cdp enable                                  (ESX 3.5 or higher supports CDP)
spanning-tree portfast trunk               (Allows the port to start forwarding packets immediately on linkup)

and i assign the vlans to the port group of esx server like

port group vlan-id

test-network 65

vm-network 50

management 50

the client machine and the Esxi host not ping each other kindly suggest solution with both question.

Regards,

-Mohsin Khan

SteveFuller2011 · ‎07-15-2011

Hi,

Can you provide exact details of what you have connected to which ports on the Cisco switch please? I assume the ESX servers are on the Fa0/10-12, but it's not clear from what you've written what's connected to Fa0/2-6.

Regards

mohsinkhan · ‎07-15-2011

hi steve,

i have one uplink to each esxi host and i connect Fa0/2 esxi host one fa0/3 esxi host two and fa0/4 to the client machine. this is in the first test enviroment for only one vlan traffic like 65.

in the other test environment i have two esxi host and i configure trunk port for carrying multiple vlan traffic. in this enviroment fa0/10 connecting client machine,fa0/11 connecting esxi host 1, fa0/12 connecting esxi host 2. in this scenario i pass multiple vlan traffic of port group to esxi host. for eg,

management traffic 50

vmnetwork 50

test network 65

Note these two envirnment are isolated to each other.

SteveFuller2011 · ‎07-15-2011

For the 1st test envionment I think the problem may be that you have different vSwitch and Cisco switch settings. When you assign a VLAN ID as 65 on the ESX vSwitch this will mean the vSwitch uplinks i.e., those to the Cisco switch, are now running with 802.1Q VLAN trunking. As the Cisco switch port are configured as standard switcports they will not understand the VLAN tag assigned by the ESX host. Take a read of page 6 and 7 of http://www.vmware.com/pdf/esx3_vlan_wp.pdf to help understand the VLAN tagging mechanisms on the vSwitch.

I'm still not sure of your 2nd environment. Can you give an idea of the IP addresses you've assigned to each VLAN, what IPs you've assigned to the client, ESX hosts and any VMs, and then what can and can't ping each other?

The other general point to note is that while you state the two environments are separate, as both use VLAN 65, they are part of the same broadcast domain. If you really want separation perhaps you should consider using unique VLAN numbers for each environment.

Regards

mohsinkhan · ‎07-15-2011

my second environment is totally isolated to the first one it doesnot have the vlan id 65(one environment is tested at one time). in this envirnment i configure three trunk port. through this command

interface Fa 0/10 - 12
switchport                                        (Set to layer 2 switching)
switchport trunk encapsulation dot1q (ESX/ESXi only supports dot1q, not ISL)       Note:    (this command is not run in my cisco 2950 switch but when i show trunk interfaces it show 802.1q encapsulated )
switchport trunk allowed vlan 50-65 (Allowed VLAN to ESX/ESXi . Ensure ESX/ESXi VLANs are allowed)
switchport mode trunk                       (Set to Trunk Mode)
switchport nonegotiate                      (DTP is not supported)
no ip address
no cdp enable                                  (ESX 3.5 or higher supports CDP)
spanning-tree portfast trunk               (Allows the port to start forwarding packets immediately on linkup)

Fa0/10 connected to my laptop

fa0/11 connected to my esxi host1

fa0/12 connected to my esxi host2

and i create vlan 50,51for the management and other port group but in this scenario no no one pinging each other

SteveFuller2011 · ‎07-15-2011

Can you get a show interface trunk from the Cisco switch and esxcfg-vswitch --list from the ESX host?

In my lab I've got a port-channel with 802.1Q trunking carrying VLAN 2 and 10 from the Cisco switch to an ESX host. On the ESX host I've got the Management Network in VLAN 2 and the WinXP-Client network in VLAN 10. From a server on the Cisco switch in VLAN2 I can ping both the ESX host (same VLAN) and a Windows XP client (different VLAN).

Apart from the port-channel this isn't a world away from what you're trying to do.

cisco-switch#sh int trunk

Port Mode Encapsulation Status Native vlan
Po64 on 802.1q trunking 1

Port Vlans allowed on trunk
Po64 2,10

Port Vlans allowed and active in management domain
Po64 2,10

Port Vlans in spanning tree forwarding state and not pruned
Po64 2,10

~ # esxcfg-vswitch --list
Switch Name Num Ports Used Ports Configured Ports MTU Uplinks
vSwitch0 64 5 64 9000 vmnic0,vmnic1

PortGroup Name      VLAN ID Used Ports Uplinks
VM Network          0        0           vmnic0,vmnic1
WinXP-Client        10       1           vmnic0,vmnic1
Management Network 2        1           vmnic0,vmnic1

Regadrs