VLAN Configuration on Virtual Switch, Physical Switch, and Virtual Machines
Purpose
This article describes the various VLAN tagging methods used with ESX/ESXi.
Virtual LAN (VLAN) implementation is recommended in ESX/ESXi networking environments because:
- It integrates ESX/ESXi into a pre-existing network
- It secures network traffic
- It reduces network traffic congestion
- iSCSI traffic requires isolated network
Resolution
There are three methods of VLAN tagging that can be configured on ESXi:
- External Switch Tagging (EST)
- Virtual Switch Tagging (VST)
- Virtual Guest Tagging (VGT)
External Switch Tagging
- All VLAN tagging of packets is performed on the physical switch.
- ESX host network adapters are connected to access ports on the physical switch.
- The portroups connected to the virtual switch must have their VLAN ID set to 0.
- For more information, see Sample configuration - ESX/ESXi connecting to physical switch via VLAN access mode and external switch VLAN tagging (EST Mode) (1004127).
- See this example snippet of a code from a Cisco switch port configuration:switchport mode accessswitchport access vlan x
Virtual Switch Tagging
- All VLAN tagging of packets is performed by the virtual switch before leaving the ESX/ESXi host.
- The ESX host network adapters must be connected to trunk ports on the physical switch.
- The portgroups connected to the virtual switch must have an appropriate VLAN ID specified.
- For more information, see Configuring a VLAN on a portgroup (1003825).
- For a sample of VST, see Sample configuration of virtual switch VLAN tagging (VST Mode) (1004074).
- See the following example snippet of code from a Cisco switch port configuration:switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan x,y,zspanning-tree portfast trunk
Note: The Native VLAN is not tagged and thus requires no VLAN ID to be set on the ESX/ESXi portgroup.
Virtual Guest Tagging
- All VLAN tagging is performed by the virtual machine.
- You must install an 802.1Q VLAN trunking driver inside the virtual machine.
- VLAN tags are preserved between the virtual machine networking stack and external switch when frames are passed to/from virtual switches.
- Physical switch ports are set to trunk port.
- For more information, see Sample configuration of virtual machine VLAN tagging (VGT Mode) (1004252).
- See this example snippet of code from a Cisco switch port configuration:switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan x,y,zspanning-tree portfast trunk
No comments:
Post a Comment