VLAN handling in virtual switches
There are 3 modes of accessing VLANs in vSwitches on ESXi.
- EST (External Switch Tagging)
- VST (Virtual Switch Tagging)
- VGT (Virtual Guest Tagging)
What are a VLAN, an access port and a trunk port? (For beginners, I recommend watching the videos below on YouTube.)
EST (External Switch Tagging)
In this method the physical switch port is configured as an access port and no VLAN is configured on the virtual port group. The physical switch handles VLAN tagging, and the vSwitch receives untagged traffic. The downside of this method is that it consumes a lot of NICs if you want to use different VLANs, because each access port carries a single VLAN.
VST (Virtual Switch Tagging)
This is a very common, popular and recommended method. Virtual port groups are configured with a VLAN. For this design to work, the connected physical switch port should be configured as a trunk port, which can be configured with either one VLAN or multiple VLANs. Traffic is sent down to the vSwitch with its VLAN tag. The vSwitch strips the VLAN tag and forwards the traffic to the port group concerned. The tag is added again when traffic leaves the vSwitch through the uplink port. This technique uses only a few CPU cycles.
VGT (Virtual Guest Tagging)
The physical switch configuration for this method is the same as for VST: the physical switch port should be configured as a trunk. The actual VLAN is configured on the VM, in the virtual NIC settings, and VLAN 4095 is configured on the virtual port group. (VLAN 4095 can read traffic from all VLANs; it is generally used for monitoring or sniffing traffic.)
I found the VLAN ID option only in the vmxnet3 Ethernet adapter.
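The three modes can be told apart from the VLAN ID set on each port group (0 for EST, 1 to 4094 for VST, 4095 for VGT). The following is an added example, not code from the original post: it parses a constructed sample in the table layout of `esxcli network vswitch standard portgroup list` and lists the port groups on VLAN 4095, whose attached VMs receive traffic from all VLANs. The port group names and the function names are assumptions.

```python
import re

# Constructed sample in the table layout printed by
# `esxcli network vswitch standard portgroup list`; names are made up.
SAMPLE = """\
Name                Virtual Switch  Active Clients  VLAN ID
------------------  --------------  --------------  -------
Management Network  vSwitch0                     1        0
Prod-Web            vSwitch1                     4      110
Prod-DB             vSwitch1                     2      120
Sniffer-Trunk       vSwitch1                     1     4095
"""


def vlan_mode(vlan_id):
    """Map a port-group VLAN ID to the tagging mode it implies."""
    if vlan_id == 0:
        return "EST"  # no VLAN on the port group; the physical switch tags
    if 1 <= vlan_id <= 4094:
        return "VST"  # the vSwitch adds and strips the tag
    if vlan_id == 4095:
        return "VGT"  # tags reach the guest, which sees all VLANs
    raise ValueError(f"invalid VLAN ID: {vlan_id}")


def parse_portgroups(text):
    """Parse the fixed-width table; port-group names may contain spaces."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    # Column boundaries come from the runs of dashes under the header.
    spans = [m.span() for m in re.finditer(r"-+", lines[1])]
    rows = []
    for line in lines[2:]:
        name, vswitch, clients, vlan = (line[a:b].strip() for a, b in spans)
        rows.append({"name": name, "vswitch": vswitch, "clients": int(clients),
                     "vlan": int(vlan), "mode": vlan_mode(int(vlan))})
    return rows


def trunked_to_guests(rows):
    """Port groups on VLAN 4095: every attached VM can read all VLANs."""
    return [r["name"] for r in rows if r["mode"] == "VGT"]


if __name__ == "__main__":
    rows = parse_portgroups(SAMPLE)
    for r in rows:
        print(f'{r["name"]:<20}{r["vswitch"]:<10}{r["vlan"]:>5}  {r["mode"]}')
    print("Review VGT port groups:", trunked_to_guests(rows))
```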
VMware Networking 101: VLAN handling in vSwitches – Part 2
VMware Networking 101: Network Failure Detection – Part 3
VMware Networking 101: vSwitches or PortGroup Security Settings – Part 4