In the first part of this series on 802.1Q VLAN tagging in vSphere VLANs, we learned about the different types of VLAN tagging and why Virtual Switch Tagging (VST) is the most commonly used form of VLAN tagging. In this tip, learn how to configure your switch for Virtual Switch Tagging.
Virtual switch tagging allows greater flexibility when configuring virtual networking because a few physical NICs can support a large number of VLANs. Not only can it simplify your virtual networking, it can also help reduce costs by limiting the number of physical NICs that a host needs to connect to many VLANs. Using VST is a must in any environment where the physical network topology is configured into many VLANs.
Steps to configuring Virtual Switch Tagging
Setting up your vSwitch to use VST mode is fairly simple. First, you need to configure the physical switch ports that the physical NICs of the vSwitch will be connected to. You will need to specify that the ports be configured as trunk ports and also configure the VLAN IDs that it will support. The configuration for this will vary based on the switch manufacturer. VMware provides a guide for 802.1Q VLAN solutions, with examples for Cisco switches. Once you have this configured, your pNICs in vSphere will start showing IP ranges for observed traffic in every VLAN for a specified configured port, as shown below.
You can now create or modify port groups to specify a VLAN ID for each VLAN on a specified configured pNIC. To do this, you edit the vSwitch and add a Virtual Machine network to it, which will create a new port group on the vSwitch. You can also use VLAN IDs with Service Console and VMkernel network. In the port group properties, you enter a network label for it (i.e., VLAN20) and a VLAN ID, as shown in the figure below.
The default VLAN ID is None (0), which uses EST mode and lets the physical switch handle the VLAN tagging. VLAN IDs using VST mode can be set from 1 to 4094. If you want to use VGT mode and do tagging inside the guest OS, you set the VLAN ID to 4095. You would repeat this process creating a port group for every VLAN ID that you have configured on the physical switch ports connected to the vSwitch. Once you are done, you can configure the vNICs of your VMs to be connected to the appropriate port group for the VLAN that you want the VM to be connected to, as shown below.
It's important to make sure your vSwitches are configured to use the same tagging mode that the physical switch ports are configured for. If your physical switch ports are configured as trunk ports (VST mode) and you do not set a VLAN ID on your vSwitch port groups (default EST mode), then your VMs will not be able to communicate on the network.
About the author: Eric Siebert is a 25-year IT veteran with experience in programming, networking, telecom and systems administration. He is a guru-status moderator on the VMware community VMTN forum and maintains VMware-land.com, a VI3 information site.