Solved

VMWare Distributed Port Group Configuration

Posted on 2014-10-24
7
769 Views
Last Modified: 2014-10-29
I have a 3 esxi hosts all with matching hardware and recently set up vcenter server.

I converted all of my existing standard switches to distributed switches and all is working correctly.

The problem I am having is when I try to add a new port group to one of these distributed switches that I created. I cannot seem to get any new port groups to work correctly, there are 3 existing port groups on this virtual switch that were migrated that work fine.

I need to be able to add more port groups to access new vlans.

I try to mimic all of the properties/policies settings in the existing port groups except the vlan # of course

If I put VMs into this port group, they cannot ping the gateway. 2 VMs can ping eachother as long as they are running on the same host. They cannot if they are on different hosts.

The ports on the physical switch that the uplinks connect to are configured to trunk all vlans so I do not think there is an issue there. Same with the uplinks themselves in vcenter.

Since the port groups that I migrated to the distributed switch are ok, there must be some part of the configuration that I am missing when I create a new port group.


One thing I see that looks a little off is that there are unused ports in this port group where the other port groups have only the exact number they need. All groups are set as Ephemeral.
0
Comment
Question by:bts86
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 28

Expert Comment

by:asavener
ID: 40402840
How many uplink ports do you have configured for each vDS?

You say that all VLANs are configured to trunk to your hosts, but are all VLANs allowed past the switches themselves?  (on all upstream trunk ports and between the switches themselves?)
0
 
LVL 28

Expert Comment

by:asavener
ID: 40402846
Also, what kind of uplink ports are you using?  Are you running a port channel?  LACP-controlled port channel?  Just individual uplinks?

What kind of load balancing do you have configured on the new VLANs?
0
 
LVL 1

Author Comment

by:bts86
ID: 40402912
I have 2 uplink ports on each host for this distributed switch where I am having the issue.

They connect to a cisco catalyst 3560 as a port-channel:

interface Port-channel7
 description esxi01
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1-19,21-29,31-4094
 switchport mode trunk
 switchport nonegotiate

I see now that I do not have LACP configured on the VMware hosts.

I am not familiar with some of the options I see to create a LAG. If my switch is set to nonnegotiate does that mean I want the LAG mode as "active"?


Im also a little wary of changing this configuration, can I apply it on a per host basis so that I can migrate VMs off each one first? My management access is also on this vDS and I am afraid to lose connectivity.
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 1

Author Comment

by:bts86
ID: 40402925
on this particulat vDS, there are 2 uplink ports per host, gigabit Ethernet connected to a cisco catalyst 3560:

interface Port-channel7
 description esxi01
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1-19,21-29,31-4094
 switchport mode trunk
 switchport nonegotiate

I see now that I do not have lacp configured on the vDS. Can I configure this without losing connectivity on the current port groups on this vDS?
0
 
LVL 28

Accepted Solution

by:
asavener earned 500 total points
ID: 40402950
Check the load balancing settings configured on each port group (a working port group and a non-working port group).

Are you configuring through the web client or the c# client?

Be careful making any LACP changes, as I think it's global for all port groups connected to the distributed virtual switch.
0
 
LVL 1

Author Comment

by:bts86
ID: 40402964
load balancing is the same on all port groups: route based on originating virtual port

I am using the web client.
0
 
LVL 1

Author Comment

by:bts86
ID: 40411518
I have figured this out.

The new vlan was created on an asa firewall which does not participate in vtp. So I created the vlan also on the switch with the command : int vlan 51

In troubleshooting I gave the vlan an ip and tried to ping the gateway. There was an error: ip not enabled or interface is down.

What I did not realize is that that command does not actually add the vlan to the database event though it shows it as an interface in the config. The command should have been just: vlan 51

I've never realized this because I usually have at least one switchport configured in access mode for a vlan or it receive vlan information from another switch that does by vtp.


Added the vlan to the switch properly and now can ping everything that it should

What a lot of trouble for such a simple solution.

Thanks for your help. I have actually removed the port channels from the switch because what you pointed out showed me that they were not really functioning as a port channel. Instead of configuring lacp and risking losing connectivity. I am keeping the physicals port as individual uplinks and configured teaming on all port groups to route based on physical nic load.

All is working well this way. I can see in the performance monitors that the traffic is being spread on both nics.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
When rebooting a vCenters 6.0 and try to connect using vSphere Client we get this issue "Invalid URL: The hostname could not parsed." When we get this error we need to do some changes in the vCenter advanced settings to fix the issue.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question