Troubleshooting network connectivity with Virtual Switch Tagging (VST) / External Switch Tagging (EST) mode on an ESX/ESXi host
search cancel

Troubleshooting network connectivity with Virtual Switch Tagging (VST) / External Switch Tagging (EST) mode on an ESX/ESXi host

book

Article ID: 320185

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

On ESX/ESXi vSwitch port groups, you experience the following:
  • Service Console is unable to ping the gateway IP
  • Virtual machine fails to ping gateway
  • VMkernel networking issues
  • You receive one or more of these errors:
    • Destination Host Unreachable
    • Ping request could not find host IP_address/hostname. Please check the name and try again.
    • Could not open connection to the host, on port ##: Connection failed

Environment

VMware ESXi

VMware vCenter Server

Resolution

To troubleshoot network connectivity with Virtual Switch Tagging (VST) mode, check the VLAN configuration on ESX/ESXi.
 
To check the VLAN configuration on ESX/ESXi:

  1. Verify the Virtual Switch (vSwitch) VLAN ID. For more information, see Configuring a VLAN on a portgroup.

  2. For Virtual Switch Tagging (VST), ensure that VMNICs uplink to switch port is set to TRUNK MODE.

    For External Switch Tagging (EST) ensure that VMNICs uplink to switch port is set to ACCESS MODE.

    Note: VMware recommends utilizing VLAN technology to establish dedicated subnets for ESX/ESXi management, VMotion, and iSCSI network traffic.

    Only allowing through VLAN traffic on physical switch ports connecting to ESX reduces TCP/IP overhead. Native VLANs do not tag the out going VLAN packets toward ESX NICs and if the same VLAN ID is used to configure the vSwitch port group, the vSwitch drops any packet that is not tagged for it, causing the connection to fail. Unnecessary VLAN traffic on a TRUNK port that connects to ESX can cause major performance issues.

    Note: Do not use the Native VLAN ID of a physical switch as a VLAN on ESX/ESXi portgroups.

          Cisco Switch command line:

  • interface GigabitEthernet1/1
  • description VMware ESX - Trunk A - NIC 0 – Port Description
  • switchport trunk encapsulation dot1q – ESX only supports dot1q and not ISL
  • switchport trunk allowed vlan 100,200 – Allowed VLANs
  • switchport mode trunk – Enables Trunk
  • switchport nonegotiate – ESX/ESXi does not support DTP dynamic trunking protocol. When configuring trunk port, set it to nonegotiate.
  • spanning-tree portfast trunk – Enables PortFast on the interface when it is in trunk mode.
       Sample of ESX vSwitch configuration for VST mode:
  • esxcfg-vswitch [options] [vswitch[:ports]]
  • esxcfg-vswitch -v [VLANID] -p [port group name] [vswitch[:ports]]
  • esxcfg-vswitch -v 200 -p "Virtual Machine Network 2" vSwitch1

   3. Utilize Cisco Discovery Protocol (CDP) information to establish switch port configuration settings and correct port configuration accordingly. For more information, see Cisco Discovery Protocol (CDP) network information.

  To test this functionality, do a PING and TCPDUMP analysis of ICMP messages. 


  4.If EtherChannel and NIC teaming is configured, verify EtherChannel configuration. For more information, see Example Configuration of LACP on VMware, Cisco, HP, Dell switches.


  5.Use the ESXi Network Dump Collector in ESXi for collecting data and further troubleshooting. For more information, see Configuring the Network Dump Collector service in vSphere.



Additional Information

Powered by Wolken Software