Solved

ESX: setup a vLAN

Posted on 2013-06-06
8
602 Views
Last Modified: 2013-06-06
Hi All,

I've been asked to setup a vLAN for one of our Virtual Servers.  I followed this guide;

To configure a VLAN on the portgroup using the VMware Infrastructure/vSphere Client:
1.  Click the ESXi/ESX host.
2.  Click the Configuration tab.
3.  Click the Networking link.
4.  Click Properties.
5.  Click the virtual switch / portgroups in the Ports tab and click Edit.
6.  Click the General tab.
7.  Assign a VLAN number in VLAN ID (optional).
8.  Click the NIC Teaming tab.
9.  From the Load Balancing dropdown, choose Route based on originating virtual port ID.
10. Verify that there is at least one network adapter listed under Active Adapters.
11. Verify the VST configuration using the ping command to confirm the connection between the ESXi/ESX host and the gateway interfaces and another host on the same VLAN.

I've done steps 1-10 (dont know how to do 11), but I'm unable to ping the server on my new vLAN.

Here are the settings and I does say it's seen vLAN 2, but its not working.

vSwitch0 Settings
Any ideas on what i can check or should change?


many thanks
0
Comment
Question by:detox1978
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 120
ID: 39226104
Have you configured the physical switch for VLAN, trunk ?

the physical switch which is connected to this physical network uplink ports?

e.g. vmnic 1,0,4 and 6 will need to be in a trunk configuration, with a VLAN tag of 2 configured otherwise, traffic of packets, tagged by ESXi, will not know where to go, when they hit the physical switch.

I can see you have a 1 virtual server on VLAN 2, but where are you trying to ping it from, another device on VLAN 2.

You will only be able to ping from another VLAN, if you have Inter-VLAN routing configured on the physical switch.

and what VLAN are the other 22+ servers in?
0
 
LVL 2

Author Comment

by:detox1978
ID: 39226189
Yes I've configured the switch (a 3com 4500g) port as hybrid, so everything untagged is in vLAN1 and added vLAN2 (for voice).
0
 
LVL 120
ID: 39226452
use tags on the trunk. e.g. VLAN Tag 2, and VLAN Tag 3 for normal traffic etc

VLAN1 is a special VLAN, and should not be used.

how are you pinging the dsevice on VLAN 2 from where?
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 2

Author Comment

by:detox1978
ID: 39226493
We have to use VLAN1 as its used by our main network (which I inherited).  I've checked everything from the switch side, and it works perfectly.  So there must be something i've forgot to do on the ESX side.

If i set a dedicated physical port (untagged) and use the switch to tag it, everything works.  But i dont really want to tied up a NIC to a single vLAN (effectively making it a LAN rather than vLAN).
0
 
LVL 120
ID: 39226776
ESXi does very little, in the way of VLANs, other than set the correct VLAN Tag Number, which corresponds to the VLAN you want to use, traffic through that virtual port group will then be tagged by the Host, when it enters the physical switch, if tag matches physical switch config, it will be sent on it's way....on that VLAN 2.

have you checked which nic port the VM is assoicated with, and checked that trunk, is configured correctly, with all four nics, for VLAN 2.
0
 
LVL 2

Author Comment

by:detox1978
ID: 39226888
Is there any segregation between vLAN that are on the same host?

Is there a way to check the packets are being tagged correctly?  If i plug my laptop into a switch port the ESX was using and put it on vLAN 2's IP address i can resolve everything on vLAN 2.
0
 
LVL 120

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 500 total points
ID: 39227047
but is your laptop actually using VLAN 2, or just an IP address on VLAN 2.

e.g. have you actually used an 802.1Q Tag on your Laptop NIC?

Yes, there is complete isolation between VLANs on an ESXi host.

Unless you use the special VLAN tag of ALL (4095), connecting this portgroup to a NIC, with Wireshark, you should be able to monitor traffic.
0
 
LVL 2

Author Comment

by:detox1978
ID: 39227400
I think this has many follow up questions, that I dont have time to fit in at the moment, so I'll close the question and reopen when I have time to do full diagnosing.  For now I've just put it on its own NIC.

Many thanks for your time.
0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article, I will show you HOW TO: Suppress Configuration Issues and Warnings Alert displayed in Summary status for ESXi 6.5 after enabling SSH or ESXi Shell.
This article outlines why you need to choose a backup solution that protects your entire environment – including your VMware ESXi and Microsoft Hyper-V virtualization hosts – not just your virtual machines.
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…
This video shows you how to use a vSphere client to connect to your ESX host as the root user. Demonstrates the basic connection of bypassing certification set up. Demonstrates how to access the traditional view to begin managing your virtual mac…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question