This article details the concept and configuration of Virtual Switch Tagging (VST) mode on a dvPortGroup (Distributed Port Group) within a VMware vNetwork Distributed Switch. VST is a common VLAN tagging method where the ESXi host performs the VLAN tagging before sending traffic to the physical switch.

• Physical Switch Port Mode: Set the physical port connected to the ESX host to TRUNK mode.
• VLAN Tagging Standard: ESX only supports IEEE 802.1Q (dot1q) trunking.
• VLAN Definition on Physical Switch: Ensure the necessary VLANs are defined and allowed on the physical switch ports connected to the ESXi hosts.
• VLAN Configuration on ESX: VLAN configuration is required on the ESX side, specifically on the dvPortGroup.

Critical Caution: Native VLAN ID

• VST Mode does NOT support Native VLAN ID.
• DO NOT assign a VLAN ID to a dvPortGroup that is the same as the native VLAN ID of the physical switch.
• Reason: Native VLAN packets are not tagged with a VLAN ID when leaving the physical switch towards the ESXi host. If an ESXi host is configured for VST mode, it expects all traffic to be VLAN-tagged. Untagged packets (native VLAN traffic) will be dropped by the ESXi host if it's operating in VST mode.

Step-by-Step VST Configuration on a dvPortGroup:

1. In vCenter, navigate to Home > Inventory > Networking.
2. Right-click on the desired dvPortGroup and select Edit Settings.
3. Within the dvPortGroup > Settings > VLAN > Policies section:
   • Set the VLAN type to VLAN.
   • Select a VLAN ID within the range of 1-4094.
4. Click OK to apply the changes.

 Notes:

• VLAN ID 4095 should not be used. This ID is reserved or has special uses in some environments.
• Configuration Interface: Distributed Switch portgroups can only be configured from the vSphere Client or vSphere Web Client.
• CLI Limitation: It is not possible to configure vDS portgroup VLANs from the ESX/ESXi command-line interface (CLI).