6 Replies Latest reply on May 9, 2014 10:18 AM by TommyFreddy


    pearlyshells Expert


      Unfortunately, I am not very intimate with vLANs.



      Our virtual network consists of 3 port groups called VM1, VM2 and VM3.  This arrangement exists on all our ESX3.5 hosts in our VirtualCenter2.5 server.  VM1 and VM2 are using the 10.10.x.x  subnets.  VM3 is using 10.20.x.x subnet.   Each also has been associated with its own vSwitch.  vMotion is separated onto another vSwitch and has its own separate subnet.



      Here is my question:  Since we would like the capability to vMotion across and between VM1, VM2 and VM3, we will need to setup a vLAN.  Now, our Server Administrators have already setup the physical switch and physical NICs on all our hosts to each of the different subnets; and, I am told, setup the physical vLAN arrangement.  



      I presume we still need to assign a vLAN ID on every host's vSwitch with the same vLAN ID....is this correct?  For example, I'd have to setup every host's vSwitch with an ID of 10.  This way all port groups on every host should be able to vMotion its associated VirtualMachines to the other (i.e. VirtualMachines on VM3 to VM1 or VM2 and VirtualMachines on VM1 to VM2 or VM3).   Is my thinking correct?



        • 1. Re: vLANs
          dominic7 Virtuoso


          If all of the VLANs are on the same physical switch, what you ( likely ) want to do it set up a 802.1q trunk with all of your VLANs that you want to present to the ESX host. Then you create a virtual switch that contains all of the uplinks that are set up using the 802.1q trunks. Finally create port groups and assign a VLAN to each portgroup in the vSwitch corresponding to the VLANs in the trunk. For example:






          Lets say you have 2 physical switches ( pSwitch1, pSwitch2 ), and you're going to use port 1/1 on each physical switch. You set up those ports so that they're using 802.1q trunks and allow them access to VLANs 10,20,30. You cable those to your ESX host ( vmnic2, vmnic3 ). Let's assume that you're going to use vmnic0 and vmnic1 for service console / VMotion traffic on vSwitch0.



          Create a virtual switch ( vSwitch1 ) which has 2 uplinks ( vmnic2, vmnic3 ), and then create 3 portgroups on the vSwitch vlan_10, ( which is assigned the '10' vlan tag ) vlan_20, ( which is assigned the '20' vlan tag ) and vlan_30 ( which is assigned the '30' vlan tag ).



          • 2. Re: vLANs
            Andy Expert


            Agree with dominic, you want to present a trunk port rather than just a vlan to the esx server. You then tell the port group which vlan they are part of. It allows more flexibility now and in the future.



            Are these cisco switches? If so this is how you can configure the trunk port.



            interface GigabitEthernet2/10

            description ESX Server 1

            switchport trunk encapsulation dot1q

            switchport mode trunk

            switchport nonegotiate

            spanning-tree portfast trunk




            More detail on trunk ports, channel groups and vSwitches here: http://www.vmadmin.co.uk/index.php/resources/35-esxserver/91-esxnetciscotrunklinkagg



            Andy, VMware Certified Professional (VCP), http://www.vmadmin.co.uk/


            If you found this information useful please award points using the buttons at the top of the page accordingly.



            • 3. Re: vLANs
              pearlyshells Expert


              thanks for the info.   I asked our Server Admin how he set up the physical switches and vlans.  He indicated that there are two switch stacks and the switches are "trunked".



              So, the suggestion is to just have one vSwitch for vmotion and service console (with 2vNics) and another vswitch to house our 3 VM port groups with that vswitch connected to 2 vNics.  That pretty much uses all our NICs.  Then assign each port group a separate vLan ID called 10,20 and 30.  Is that correct?  Just want to make sure I understand this.  And, if I do, it appears  that the port groups all will communicate thru the trunk port on the physical switch to the respective vLANs for vMotioning.



              And, to answer the second question....our switches are Nortel switches.



              • 4. Re: vLANs
                Andy Expert


                Yep that is correct.



                So it would look like this:


                Physical NIC        Virtual Switch        Port Group(s)

                vmnic0 vSwitch0 Service Console + vMotion

                vmnic1 vSwitch0 Service Console + vMotion

                vmnic2 vSwitch1 VM Network1 + VM Network 2 + VM Network 3

                vmnic3                        vSwitch1                      VM Network1 + VM Network 2 + VM Network 3







                Andy, VMware Certified Professional (VCP), http://www.vmadmin.co.uk/


                If you found this information useful please award points using the buttons at the top of the page accordingly.



                1 person found this helpful
                • 5. Re: vLANs
                  virtual_knight Enthusiast
                  VMware EmployeesvExpert



                  Without intending to be archaic and rude redirection to RTFM(Read the friendly manual).


                  I would recommend reading this article VMware KB: VLAN configuration on virtual switches, physical switches, and virtual machines


                  And there is more details product documentation.


                  This truly needs more indepth review.


                  Once done and based on above recommendation by fellow community men, please post the configuration(or proposed configuration) schema you have made decided from a single host. If you wish I can review and share feedback. There have been several issues that I have seen with nic teaming, incorrect tagging, inconsistent physical switch uplink configuration leading to outages, hence proposing a cautious approach.

                  • 6. Re: vLANs
                    TommyFreddy Enthusiast

                    You have to trank between two switch, then you have to set VLAN id in access port. That might be solve your problems,

                    If you want to route your VLAN then you have to use routing between two switch.