ChocolateRain
asked on
VMWare VMXNET VLAN Tagging not working, or is it?
I have a server that operates in a VOIP VLAN. We are virtualizing this server but don't have a physical NIC to devote solely to VOIP traffic on the ESXi server it is going to be running on. Therefore we need to be able to tag the traffic on the virtual NIC of this VM to go out of the main "LAN" configured NIC of the VMware host server (ESXi box).
As the E1000 driver has no place in its advanced NIC settings (configuring now from the VM side here, which is a 2008R2SP1 server) we've installed a VMXNET3 adapter and set its VLAN ID field to the VLAN ID, in this case "100".
Now we have 2 problems:
1) The network is being recognized as "Public" (love how a "Server OS" would ever think that it is on a "Public" network.)
2) It can't ping anything on this VLAN, nor can it receive pings from other devices on this VLAN.
This leads me to conclude that this obviously isn't connected to the proper VLAN via the tagging. The vSwitch this server is connecting to is setup to be just a standard vSwitch for LAN traffic, nothing exciting there. The Procurve physical switch this is connecting to is accepting tagged packets for this port for the proper domain.
As this issue really only could be related to the either: the vNIC, the vSwitch or the physical switch I'm willing to go over any configuration in any of these areas.
All questions welcome, thanks in advance.
As the E1000 driver has no place in its advanced NIC settings (configuring now from the VM side here, which is a 2008R2SP1 server) we've installed a VMXNET3 adapter and set its VLAN ID field to the VLAN ID, in this case "100".
Now we have 2 problems:
1) The network is being recognized as "Public" (love how a "Server OS" would ever think that it is on a "Public" network.)
2) It can't ping anything on this VLAN, nor can it receive pings from other devices on this VLAN.
This leads me to conclude that this obviously isn't connected to the proper VLAN via the tagging. The vSwitch this server is connecting to is setup to be just a standard vSwitch for LAN traffic, nothing exciting there. The Procurve physical switch this is connecting to is accepting tagged packets for this port for the proper domain.
As this issue really only could be related to the either: the vNIC, the vSwitch or the physical switch I'm willing to go over any configuration in any of these areas.
All questions welcome, thanks in advance.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
not at all. Just need to configure a port group for the management network, assign a vlan to it --also enable ip hash on the management network group as well, otherwise there may be an issue I've seen in a VMWare KB. Create a second port group for the virtual machine network and assing the port group a vlan id as well. Enable vswitch with ip hash and enable switch for trunking.
Another option is to install a network card which are inexpensive these days and save all the hassle. Just assign the vlan on the physical switch attach to vswitch and all the VMs are on that vlan via bridging..
ASKER
Ok so now I've added those VLANs to the default vSwitch (the one entitled LAN) as you recommended. It works great with one 2008R2 server and is totally not working with the other. I removed the VMXNET3 vNIC's tagging and just associated it with the proper VLAN through VMWare by pointing it to the correct VLAN in the vSwitch.
I've tried both the VMXNET3 and the E1000 vNIC with the VM that isn't working, neither to any avail. See the screenshots below.
screenie-of-AGCV11k.jpg
Screenie-of-AGCV10k.jpg
I've tried both the VMXNET3 and the E1000 vNIC with the VM that isn't working, neither to any avail. See the screenshots below.
screenie-of-AGCV11k.jpg
Screenie-of-AGCV10k.jpg
Is your physical switch configured with trunking on the port connected to the ESX hsot? Is the vswitch configured for IP HASH?
ASKER
Yes, they are both on the same host server and connected to the same vSwitch and same physical ports from that vSwitch to the Procurve switch which the configuration of that looks like the following:
Backbone-Switch-config.jpg
Backbone-Switch-config.jpg
OK, so you have VLANs. Have you created a Port Group for trunking?
You need to assign a port (or two if you have the nics) to a port group. Set up the port group to trunk (do not use LACP). This will allow it to pass more than 1 vlan on the interface. Otherwise you can only do static vlans per port and it's not going to work. Show me the interface list.
You need to assign a port (or two if you have the nics) to a port group. Set up the port group to trunk (do not use LACP). This will allow it to pass more than 1 vlan on the interface. Otherwise you can only do static vlans per port and it's not going to work. Show me the interface list.
ASKER
There's some work involved. You need to configure the physical switch correctly then you need to configure the vswitch0 correctly (put the VM Network on VLAN 0 as well. Youw will also need to go into the management port group and confiugre ip hash, otherwise you'll lose conenctivty as well as setting it for vlan 0 (if that's where you have you network on).
It may be a good idea to get a consultant in to do this for you as it will ensure that you get it working correctly.
It may be a good idea to get a consultant in to do this for you as it will ensure that you get it working correctly.
ASKER