How to configure Virtual Switch Tagging for vSphere VLANs

Virtual Switch Tagging is the most commonly used method of 802.1Q VLAN tagging for VLANs for vSphere. In this tip, learn how to configure a switch for VLAN Switch Tagging.

In the first part of this series on 802.1Q VLAN tagging in vSphere VLANs, we learned about the different types...

of VLAN tagging and why Virtual Switch Tagging (VST) is the most commonly used form of VLAN tagging. In this tip, learn how to configure your switch for Virtual Switch Tagging.

Virtual switch tagging allows greater flexibility when configuring virtual networking because a few physical NICs can support a large number of VLANs. Not only can it simplify your virtual networking, it can also help reduce costs by limiting the number of physical NICs that a host needs to connect to many VLANs. Using VST is a must in any environment where the physical network topology is configured into many VLANs.

VLAN tagging
Understand the basics of VLAN tagging for vSphere VLANs.

Steps to configuring Virtual Switch Tagging

Setting up your vSwitch to use VST mode is fairly simple. First, you need to configure the physical switch ports that the physical NICs of the vSwitch will be connected to. You will need to specify that the ports be configured as trunk ports and also configure the VLAN IDs that it will support. The configuration for this will vary based on the switch manufacturer. VMware provides a guide for 802.1Q VLAN solutions, with examples for Cisco switches. Once you have this configured, your pNICs in vSphere will start showing IP ranges for observed traffic in every VLAN for a specified configured port, as shown below.

Observing VLAN traffic

You can now create or modify port groups to specify a VLAN ID for each VLAN on a specified configured pNIC. To do this, you edit the vSwitch and add a Virtual Machine network to it, which will create a new port group on the vSwitch. You can also use VLAN IDs with Service Console and VMkernel network. In the port group properties, you enter a network label for it (i.e., VLAN20) and a VLAN ID, as shown in the figure below.

Network label

The default VLAN ID is None (0), which uses EST mode and lets the physical switch handle the VLAN tagging. VLAN IDs using VST mode can be set from 1 to 4094. If you want to use VGT mode and do tagging inside the guest OS, you set the VLAN ID to 4095. You would repeat this process creating a port group for every VLAN ID that you have configured on the physical switch ports connected to the vSwitch. Once you are done, you can configure the vNICs of your VMs to be connected to the appropriate port group for the VLAN that you want the VM to be connected to, as shown below.

Configure VNICs

It's important to make sure your vSwitches are configured to use the same tagging mode that the physical switch ports are configured for. If your physical switch ports are configured as trunk ports (VST mode) and you do not set a VLAN ID on your vSwitch port groups (default EST mode), then your VMs will not be able to communicate on the network.

About the author: Eric Siebert is a 25-year IT veteran with experience in programming, networking, telecom and systems administration. He is a guru-status moderator on the VMware community VMTN forum and maintains, a VI3 information site.


This was last published in June 2010

