Thats what i thought, however our network group does not allow port trunking. They are concerned about getting into a spanning tree loop and bringing the whole cisco switch down.

Each host has 12 NICS, is it possible to assign 1 nic to a particular VLAN, so essentially we would have 1pNIC for DMZ, 1 pNIC for Internal and 1 pNIC for secure? Is this configuration recommended or even allowable?

If they are scared about trunking a port, have them take a look at this document:

Jase McCarty

http://www.jasemccarty.com

Co-Author of VMware ESX Essentials in the Virtual Data Center

(ISBN:1420070274) from Auerbach

You could assign 3 or 4 different pNics to different vlans at the switch level, and you would be fine.

For better redundancy, why not have 6 or 8 connected (3 or 4 to 1 switch, and 3 or 4 to another switch)?

Jase McCarty

http://www.jasemccarty.com

Co-Author of VMware ESX Essentials in the Virtual Data Center

(ISBN:1420070274) from Auerbach

Would we still only need one vSwitch if we decided to go with the6 to 8 pNICS? Or would we need to create 3 different vSwitches? Sorry for all the questions...just want to make sure i am understanding completely.

To segment to the physical nics, you would have to have separate vSwitches.

Jase McCarty

http://www.jasemccarty.com

Co-Author of VMware ESX Essentials in the Virtual Data Center

(ISBN:1420070274) from Auerbach

How would the port member of a trunk would get in a Layer 2 loop?

Enable STP on each port if they are scared about it..

I guess that since you can't change tha port into a trunk, you would have to use three pNIC's, each on its own vswitch, since the VLAN's would all work untagged..