VLAN configuration on virtual switches, physical switches, and virtual machines
Article ID: 311764
Updated On:
Products
VMware vCenter Server
VMware vSphere ESXi
Issue/Introduction
This article describes the various VLAN tagging methods used with ESXi.
Virtual LAN (VLAN) implementation is recommended in ESXi networking environments because:
Virtual LAN (VLAN) implementation is recommended in ESXi networking environments because:
- It integrates ESXi into a pre-existing network
- It secures network traffic
- It reduces network traffic congestion
- iSCSI traffic requires an isolated network
Resolution
Video tutorial for various VLAN tagging methods used with ESXi:
VLAN tagging methods used with ESXi:
There are three methods of VLAN tagging that can be configured on ESXi:
External Switch Tagging (EST)
-
All VLAN tagging of packets is performed on the physical switch.
-
ESXi/ESX host network adapters are connected to access ports on the physical switch.
-
The portgroups connected to the virtual switch must have their VLAN ID set to 0.
-
See this example snippet of a code from a Cisco switch port configuration:
switchport mode access
switchport access vlan x
Virtual Switch Tagging (VST)
-
All VLAN tagging of packets is performed by the virtual switch before leaving the ESXi/ESX host.
-
The ESXi/ESX host network adapters must be connected to trunk ports on the physical switch.
-
The portgroups connected to the virtual switch must have an appropriate VLAN ID specified.
-
For more information, see:
-
For a sample of VST, see Sample configuration of virtual switch VLAN tagging (VST Mode)
-
See this example snippet of code from a Cisco switch port configuration:
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan x,y,z
spanning-tree portfast trunk
Note: The Native VLAN is not tagged and thus requires no VLAN ID to be set on the ESXi portgroup.
Virtual Guest Tagging (VGT)
-
All VLAN tagging is performed by the virtual machine.
-
You must install an 802.1Q VLAN trunking driver inside the virtual machine.
-
VLAN tags are preserved between the virtual machine networking stack and external switch when frames are passed to/from virtual switches.
- Virtual machines on which guest OS does the VLAN tagging, should be placed in port group tagged with trunk port.
-
Physical switch ports are set to trunk port.
-
For more information, see Sample configuration of virtual machine (VM) VLAN Tagging (VGT Mode) in ESXi
-
See this example snippet of code from a Cisco switch port configuration:
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan x,y,z
spanning-tree portfast trunk
To check the vlan tag stats incoming and outgoing
|
esxcli network nic vlan stats set -n vmnicX -e true |
To enable the vlan stats on vmnic |
|
esxcli network nic vlan stats get -n vmnicX |
To get the vlan stats on the vmnic. |
Additional Information
- VMware Skyline Health Diagnostics for vSphere - FAQ
- Sample configuration of virtual switch VLAN tagging (VST Mode)
- Sample Configuration - ESX/ESXi connecting to physical switch via VLAN access mode and External Switch VLAN Tagging (EST Mode)
- Sample configuration of virtual machine VLAN Tagging (VGT Mode) in ESX
- Configuring Virtual Switch VLAN Tagging (VST) mode on a vNetwork Distributed Switch
- Configuring a VLAN on a portgroup
- Troubleshooting: ESXi hosts have intermittent or no network connectivity
- Troubleshooting virtual machine network connection issues
For translated versions of this article, see:
Feedback
Yes
No
Powered by
