Vmkernel ports

If you need VMkernel port in different VLANs (and subnet) you will need to configure the physical switch port as a trunk port (or tagged port) and specify a VLAN for each port group where the VMkernel resides.

To change the VLAN of a port group see the following VMware KB article: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1003825

If you need VMkernel port in different VLANs (and subnet) you will need to configure the physical switch port as a trunk port (or tagged port) and specify a VLAN for each port group where the VMkernel resides.

I thought when you connect a physical switch port to ESX server, the Trunk is formed automatically.

Note, when I say "trunk" I'm talking about a switch interface that allow traffic from multiple VLANs, and depending of the switch vendor, it may be called "tagged" port. Maybe you're think about trunk as a link aggregation (or port channel), but I'm talking about interface that allow traffic from multiple VLANs simultaneously, in contrast to a access port (or untagged port) that allow traffic only from a single VLAN.

Rich,
I am familiar with  Trunks in Cisco switches... It is the link between 2 Switches that enables Vlans between both switches to be known by either switch if the Vlans are allowed in.

Well, the ESX physical Interface when connected to Physical Switch Port,  I thought the Trunk will form Automatically.

I am familiar with  Trunks in Cisco switches... It is the link between 2 Switches that enables Vlans between both switches to be known by either switch if the Vlans are allowed in.

Remember that inside the vSphere there is a virtual switch, so if you want allow traffic from multiple VLANs between vSphere vSwitch and your Cisco physical switch and sharing the same physical NIC, you need to confirm if the ports on physical switch are on trunk mode. If not, just run the following commands:

switchport mode trunk
switchport trunk allowed vlan vlan-list 

Select allOpen in new window

Note, vSphere do not support DTP (Dynamic Trunking Protocol), so you will need to set up the Cisco physical switch port as trunk, since it will not negotiate with vSphere to form a trunk automatically like may negotiate with another Cisco switch.

See the following VMware KB article for additional details on how to configure your Cisco switch: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006628

OK Rich, let 's say on the Physical Switch , the port connecting to ESX  is configured as Trunk and all Vlans on the switch are allowed.

What needs to be configured on Vmare side in order to configure Vmkernel ports with IP addresses in different  Vlans?

Thank you

Just follow the procedure of the following link: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1003825

For instance in the screenshot below:
Management Network Ip address .175 is  the ESX IP address itself.
the vMotion vmkernel IP address is different. Does that mean when the VM is vmotion will go to the location specified by the IP address .101   ?

The IP address of virtual machine will be preserved if the virtual machine vMotion to another host... and the vMotion network will be used by the vSphere transfer the memory content from the source host to the destination host. The destination host will be the host that you specify at the migration wizard.

on the above screenshot Virtual machines should be on the subnet 192.168.1.0 same as Vmotion Network ?

on the above screenshot Virtual machines should be on the subnet 192.168.1.0 same as Vmotion Network ?
Vmotion Ip address 192.168.1.101 represents the IP address of a ESX host or storage IP address?

The best practices is to have a dedicated and different VLAN (and subnet) for vMotion network.

The best practices is to have a dedicated and different VLAN (and subnet) for vMotion network.

If VMs are in 192.168.10.x subnet and Vmotion vmkernel is in 192.168.50.x network
after vmotion of VM  will that be an impact if the VMs have static Ip address and they get vMotioned to different network ?


Also:
on the screenshot above
Vmotion Ip address 192.168.1.101 represents the IP address of a ESX host or storage IP address?

If VMs are in 192.168.10.x subnet and Vmotion vmkernel is in 192.168.50.x network
after vmotion of VM  will that be an impact if the VMs have static Ip address and they get vMotioned to different network ?

vMotion only make sense if source and destination hosts share the same networks... otherwise if you vMotion one VM from a source host that has access to VLAN10 to a destination host that has access only to VLAN20, of course that virtual machine will not work on destination host until you change the VM IP address to reflect the new subnet used by VLAN20. And again, VM network do not have relationship with the vMotion network... the vMotion network is used by the vSphere ESXi host (not virtual machine) to move/copy the virtual machine memory content from source host to destination host, but nothing inside the virtual machine will change and/or needs to change.

Also:
on the screenshot above
Vmotion Ip address 192.168.1.101 represents the IP address of a ESX host or storage IP address?

The vMotion IP address represent the IP address of the virtual VMkernel interface used by the vMotion traffic (used by the vSphere ESXi host, not virtual machine, to move/copy the virtual machine memory content from source host to destination host).

still bit  confused

If ESX1 has IP 192.168.10.10 , ESX2 has IP address 192.168.20.20
VMs in either ESX can be in completely different subnet for instance 10.30.30.x ( Vlan 30)
Correct ?

we can create Vmotion vmkernel either on ESX1 or ESX2 with completely different network than ESX hosts, ie : 172.48.48.48 on ESX1 and another vMotion vmkernel with IP : 172.50.50.50.


Now the only thing that needs to match is the existance of Vlan 30 on ESX1 and ESX2 for the VMs from ESX1 to be able to be migrated to ESX2. if only certain Vlans are allowed on each ESX host.


if all Vlans are allowed on ESX1 and ESX2 hosts (through DCUI) as well as the physical switch trunk port , then there is no restriction in Vlans for vmotion to occur. I mean even if there is no Vlan 30 created on ESX2, you still can Vmotion from ESX1 to ESX2.

Thanks Rich ..