• Status: Solved
  • Priority: Low
  • Security: Public
  • Views: 88
  • Last Modified:

ESXi 6.0 getting vSwitch to work on mutiple vlans not working with procurve switch.

Goal: Get multiple VLANS to work over multiple Ethernet connections.

ESXi 6.0

Vswitch 1
      Number of ports: Elastic
      MTU (Bytes: 1500
      Promiscuous mode: Reject
      MAC Address changed: Accept
      Forged Transmits: Accept
      Traffic Shaping: Disabled
      Load Balancing: Route based on IP Hash
      Network Failure Detection: Link Status Only
      Notify Switches: Yes
      Failback: Yes
      Active adapters: vmic5 and vmic7

Network Label: Prod-VLAN3
      VLAN ID 3
      Security (All 3 not checked)
      Traffic Shaping: Not Checked
      Teaming and failover: Override checked – route based on IP Hash

Network Label: Prod-VLAN4
      VLAN ID 4
      Security (All 3 not checked)
      Traffic Shaping: Not Checked
      Teaming and failover: Override checked – route based on IP Hash

Port 1 and 2 on the Procurve are connected to vmnic5 and vmnic7

Procurve setup:

; J9279A Configuration Editor; Created on release #Y.11.44

hostname "HP"
trunk 1-2 Trk1 Trunk
ip default-gateway 10.2.2.1
snmp-server community "public" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   untagged 3-23
   no ip address
   tagged 24
   no untagged Trk1
   exit
vlan 3
   name "VLAN3"
   ip address 10.2.2.250 255.255.255.0
   tagged 24,Trk1
   exit
vlan 4
   name "VLAN4"
   untagged Trk1
   ip address 10.2.5.37 255.255.255.0
   tagged 24
   exit
spanning-tree Trk1 priority 4

VM has a 10.2.5.50 address and is set to Prod-Vlan4

I tried both tagged and untagged for trk1 with same failed results. Any suggestions are appreciated.

I tried a distributed switch but I am only licensed for Enterprise.

Thanks,
Chuck
0
fcbc
Asked:
fcbc
  • 9
  • 6
1 Solution
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
You need to present a static trunk (two nics), not LACP

and then use Tagged VLANS, on that static trunk, and then make sure that the virtual machine portgroups have the matching VLAN number that you use in the Tag.

do not use VLAN 1, that is a special VLAN
0
 
fcbcAuthor Commented:
So I have moved over to ports 3 and 4 on the procurve. It looks like you have me leaving the vmware side alone (I think). I have set ports 3 and 4 to trunked and I am using the Prod-VLAN4 for the net work config.

trunk 1-2 Trk1 Trunk
ip default-gateway 10.2.2.1
snmp-server community "public" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   untagged 3-23
   no ip address
   tagged 24
   no untagged Trk1
   exit
vlan 3
   name "VLAN3"
   ip address 10.2.2.250 255.255.255.0
   tagged 3-4,24,Trk1
   exit
vlan 4
   name "VLAN4"
   untagged Trk1
   ip address 10.2.5.37 255.255.255.0
   tagged 3-4,24
   exit
spanning-tree Trk1 priority 4

with the same results.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
please post esxi networking
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
fcbcAuthor Commented:
file attached
network.pdf
0
 
fcbcAuthor Commented:
Any thoughts?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
vlan 3
   name "VLAN3"
   ip address 10.2.2.250 255.255.255.0
   tagged 3-4,24,Trk1
   exit
vlan 4
   name "VLAN4"
   untagged Trk1
   ip address 10.2.5.37 255.255.255.0
   tagged 3-4,24
   exit


the above does not seem consistent, you have untagged Trk1
0
 
fcbcAuthor Commented:
Sorry, I left the trunk group in there and moved over to Port 3 and 4 per the recommendation of not using LACP and to just present two trunked ports.
0
 
fcbcAuthor Commented:
I can ping the switch (10.2.5.37). I don't need to enable any protocols on the switch, like routing, do I.

Whole config is here:

Running configuration:

; J9279A Configuration Editor; Created on release #Y.11.44

hostname "HP"
trunk 1-2 Trk1 Trunk
ip default-gateway 10.2.2.1
snmp-server community "public" Unrestricted
vlan 1
   name "DEFAULT_VLAN"
   untagged 3-23
   no ip address
   tagged 24,Trk1
   exit
vlan 3
   name "VLAN3"
   ip address 10.2.2.250 255.255.255.0
   tagged 3-4,24,Trk1
   exit
vlan 4
   name "VLAN4"
   ip address 10.2.5.37 255.255.255.0
   tagged 3-4,24,Trk1
   exit
spanning-tree Trk1 priority 4
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
can you ping the VLAN IP Address of the switch from the VMs ?
0
 
fcbcAuthor Commented:
Yes, I can ping 10.2.5.37
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
when you put a VM on VLAN  4, but not from a VM on VLAN 3 ?

can you ping the VLAN 3 IP Address from VLAN 3
0
 
fcbcAuthor Commented:
OK. Interesting.

VM - give it an IP of 10.2.5.20 in vlan 4, it can ping the switch and the switch only. nothing else in that vlan, nothing outside of that vlan.
Same VM, same IP - move to vlan 3 nothing works. Can't even ping the switch (expected)

Same VM - give it an IP of 10.2.2.20 put it in vlan 4, nothing works, can't ping either IP on the switch (expected)
Same VM - give it an IP of 10.2.2.20 and put it in vlan 3 everything works. I can ping both IP addresses of the switch, can ping other IP addresses in both VLANS, can even ping IP addresses across the WAN. (expected)

So it looks like everything is working in VLAN 3 as expected, Just not vlan 4
0
 
fcbcAuthor Commented:
So it works! Changing the vlan on the workstation triggered a thought. I had some security software preventing that MAC on that VLAN. That restriction was supposed to be removed. So you answer of using 2 trunk ports rather than the LACP works was the trick. I appreciate the time and sorry for the failed test results.
0
 
fcbcAuthor Commented:
You need to present a static trunk (two nics), not LACP
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
correct LACP not support on ESXi for standard switchs
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

  • 9
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now