Sample switch port configuration for VLAN and TRUNK MODE
Article ID: 307294
Updated On: 02-11-2025
Products
VMware vCenter Server
VMware vSphere ESXi
Issue/Introduction
This article describes VLAN and TRUNK MODE configuration concepts of VST.
Note: VMware recommends utilizing VLAN technology to establish dedicated subnets for ESX/ESXi management, VMotion, and iSCSI network traffic.
Only allowing through VLAN traffic on physical switch ports connecting to ESX reduces TCP/IP overhead. Native VLANs do not tag the out going VLAN packets toward ESX NICs and if the same VLAN ID is used to configure the vSwitch port group, the vSwitch drops any packet that is not tagged for it, causing the connection to fail. Unnecessary VLAN traffic on a TRUNK port that connects to ESX can cause major performance issues.
Note: Do not use the Native VLAN ID of a physical switch as a VLAN on ESX/ESXi portgroups.
Note: VMware recommends utilizing VLAN technology to establish dedicated subnets for ESX/ESXi management, VMotion, and iSCSI network traffic.
Only allowing through VLAN traffic on physical switch ports connecting to ESX reduces TCP/IP overhead. Native VLANs do not tag the out going VLAN packets toward ESX NICs and if the same VLAN ID is used to configure the vSwitch port group, the vSwitch drops any packet that is not tagged for it, causing the connection to fail. Unnecessary VLAN traffic on a TRUNK port that connects to ESX can cause major performance issues.
Note: Do not use the Native VLAN ID of a physical switch as a VLAN on ESX/ESXi portgroups.
Symptoms:
Case1
When testing network connection using the ping command, the response fails with the following nodes:
When testing network connection using the ping command, the response fails with the following nodes:
- Gateway IP address
- VLAN gateway IP address
- Host on the same subnet or other subnets are not able to ping each other
Case2
Traffic doesn't go through for sometime during ESXi boot-up, however it later normalizes
From vmkernel:
2021-07-29T13:09:36.314Z cpu10:2097715)TeamCheck: NTCCheckResult:962: Please check connectivity on DvsPortset-0!
2021-07-29T13:10:36.315Z cpu10:2097715)TeamCheck: NTCCheckResult:962: Please check connectivity on DvsPortset-0!
2021-07-29T13:11:36.315Z cpu10:2097715)TeamCheck: NTCCheckResult:962: Please check connectivity on DvsPortset-0!
Resolution
This is a Cisco Switch port TRUNK sample configuration.
Apply the following commands to Cisco Switch command line:
Apply the following commands to Cisco Switch command line:
- interface GigabitEthernet1/1
- description VMware ESX - Trunk A - NIC 0 – Port Description
- switchport trunk encapsulation dot1q – ESX only supports dot1q and not ISL
- switchport trunk allowed vlan 100,200 – Allowed VLANs
- switchport mode trunk – Enables Trunk
- switchport nonegotiate – ESX/ESXi does not support DTP dynamic trunking protocol. When configuring trunk port, set it to nonegotiate.
- spanning-tree portfast trunk – Enables PortFast on the interface when it is in trunk mode.
Sample of ESX vSwitch configuration for VST mode:
- esxcfg-vswitch [options] [vswitch[:ports]]
- esxcfg-vswitch -v [VLANID] -p [port group name] [vswitch[:ports]]
- esxcfg-vswitch -v 200 -p "Virtual Machine Network 2" vSwitch1
Additional Information
To configure an ESX Virtual Switch with VLAN ID or VST mode see:
Troubleshooting network connectivity with Virtual Switch Tagging (VST) / External Switch Tagging (EST) mode on an ESX/ESXi host
- Sample configuration of virtual switch VLAN tagging (VST Mode)
- Troubleshooting network connectivity with Virtual Switch Tagging (VST) / External Switch Tagging (EST) mode on an ESX/ESXi host
Troubleshooting network connectivity with Virtual Switch Tagging (VST) / External Switch Tagging (EST) mode on an ESX/ESXi host
Feedback
Was this article helpful?
Yes
No
Powered by
