VMware Cloud Community
MannyS
Enthusiast
Enthusiast

VM's on promiscuous PVLAN cannot ping

This is a test lab. I have two VM's that communicate with no issues on a vSwitch. They also have no problems pinging when moved to a dvSwitch. But the moment I put them on a PVLAN, they cannot communicate.

Here's what I've done. On the dvSwitch, I've configured primary private VLAN ID = 10 and the secondary obviously gets set to 10 with the subtype of promiscuous. On the port group I have my two VM's, I changed the VLAN to Promiscuos (10,10). The moment I hit ok, the VM's stop communicating. I have tried community and isolated secondary PVLAN's (I know they are different and what they do), but the VM's dont communicate. The moment I set the VLAN type = None on the port group, the communication comes good again.

I have tried a new dvSwitch, chose different host adapters all with the same situation as above. Please help!

|| VCAP5 - DCA, VCP 5 and a slew of Microsoft certs. || If you find this answer useful, please consider awarding points by marking the answer correct or helpful. Thank you.
Reply
0 Kudos
5 Replies
aigiorgi
Contributor
Contributor

Did you found any solution to this problem

I have exactly the same problem!!

Thanks in advance

Reply
0 Kudos
MannyS
Enthusiast
Enthusiast

No, I havent been able to fix this. I suspect this is a problem of the nested setup, not a problem as such. In my test lab at work, such a setup works with no problems. Another problem of the nested setup is when you attempt to move the management network of your vESXi's, they drop off the network and only come back when you restore the management network to OOBE.

If I ever get this fixed, I'll definitely report back. Anyone have any pointers?

|| VCAP5 - DCA, VCP 5 and a slew of Microsoft certs. || If you find this answer useful, please consider awarding points by marking the answer correct or helpful. Thank you.
Reply
0 Kudos
aigiorgi
Contributor
Contributor

Fix it!!!
The problem was the primary port group in the nested setup must be vlan 4095 to pass the vlans tags

Here is a demo about how Private VLANs work in a vSphere nested environment

http://youtu.be/1WKbpXWD8EI

The demo is in spanish but you can read the english captions

I'll apreciate if you share this video with your colleagues or write a comment about it

I hope you'll find useful

Bye

Reply
0 Kudos
vmroyale
Immortal
Immortal

Note: Discussion successfully moved from VMware ESXi 5 to VMware vSphere™ vNetwork

Brian Atkinson | vExpert | VMTN Moderator | Author of "VCP5-DCV VMware Certified Professional-Data Center Virtualization on vSphere 5.5 Study Guide: VCP-550" | @vmroyale | http://vmroyale.com
Reply
0 Kudos
mehfisto
Contributor
Contributor

I had the same problem with moving the management port to a dvSwitch.  I solved it by moving one nic at a time from my test host to the dvSwitch.  Move one nic, then move the management port, then move the second nic.  By doing it in that order I was able to migrate everything to my dvSwitch.  Maybe I misunderstood your situation, but hopefully this helps.

Reply
0 Kudos