ESX: setup a vLAN

Hi All,

I've been asked to setup a vLAN for one of our Virtual Servers.  I followed this guide;

To configure a VLAN on the portgroup using the VMware Infrastructure/vSphere Client:
1.  Click the ESXi/ESX host.
2.  Click the Configuration tab.
3.  Click the Networking link.
4.  Click Properties.
5.  Click the virtual switch / portgroups in the Ports tab and click Edit.
6.  Click the General tab.
7.  Assign a VLAN number in VLAN ID (optional).
8.  Click the NIC Teaming tab.
9.  From the Load Balancing dropdown, choose Route based on originating virtual port ID.
10. Verify that there is at least one network adapter listed under Active Adapters.
11. Verify the VST configuration using the ping command to confirm the connection between the ESXi/ESX host and the gateway interfaces and another host on the same VLAN.

I've done steps 1-10 (dont know how to do 11), but I'm unable to ping the server on my new vLAN.

Here are the settings and I does say it's seen vLAN 2, but its not working.

vSwitch0 Settings
Any ideas on what i can check or should change?


many thanks
LVL 2
detox1978Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Andrew Hancock (VMware vExpert / EE MVE^2)Connect With a Mentor VMware and Virtualization ConsultantCommented:
but is your laptop actually using VLAN 2, or just an IP address on VLAN 2.

e.g. have you actually used an 802.1Q Tag on your Laptop NIC?

Yes, there is complete isolation between VLANs on an ESXi host.

Unless you use the special VLAN tag of ALL (4095), connecting this portgroup to a NIC, with Wireshark, you should be able to monitor traffic.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Have you configured the physical switch for VLAN, trunk ?

the physical switch which is connected to this physical network uplink ports?

e.g. vmnic 1,0,4 and 6 will need to be in a trunk configuration, with a VLAN tag of 2 configured otherwise, traffic of packets, tagged by ESXi, will not know where to go, when they hit the physical switch.

I can see you have a 1 virtual server on VLAN 2, but where are you trying to ping it from, another device on VLAN 2.

You will only be able to ping from another VLAN, if you have Inter-VLAN routing configured on the physical switch.

and what VLAN are the other 22+ servers in?
0
 
detox1978Author Commented:
Yes I've configured the switch (a 3com 4500g) port as hybrid, so everything untagged is in vLAN1 and added vLAN2 (for voice).
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
use tags on the trunk. e.g. VLAN Tag 2, and VLAN Tag 3 for normal traffic etc

VLAN1 is a special VLAN, and should not be used.

how are you pinging the dsevice on VLAN 2 from where?
0
 
detox1978Author Commented:
We have to use VLAN1 as its used by our main network (which I inherited).  I've checked everything from the switch side, and it works perfectly.  So there must be something i've forgot to do on the ESX side.

If i set a dedicated physical port (untagged) and use the switch to tag it, everything works.  But i dont really want to tied up a NIC to a single vLAN (effectively making it a LAN rather than vLAN).
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
ESXi does very little, in the way of VLANs, other than set the correct VLAN Tag Number, which corresponds to the VLAN you want to use, traffic through that virtual port group will then be tagged by the Host, when it enters the physical switch, if tag matches physical switch config, it will be sent on it's way....on that VLAN 2.

have you checked which nic port the VM is assoicated with, and checked that trunk, is configured correctly, with all four nics, for VLAN 2.
0
 
detox1978Author Commented:
Is there any segregation between vLAN that are on the same host?

Is there a way to check the packets are being tagged correctly?  If i plug my laptop into a switch port the ESX was using and put it on vLAN 2's IP address i can resolve everything on vLAN 2.
0
 
detox1978Author Commented:
I think this has many follow up questions, that I dont have time to fit in at the moment, so I'll close the question and reopen when I have time to do full diagnosing.  For now I've just put it on its own NIC.

Many thanks for your time.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.