NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

jg1's avatar
jg1
Aspirant
Nov 14, 2016
Solved

M4300 VMware VLANS

 

 

 
I'm new to VLANs and having trouble configuring VLANs for use with VMware. Here's what I'm testing with:
 
VMware standard vSwtich with a VM Network Port Group connect to a single vNic connected to the M4300 with a single uplink. 
 
What I want to do is set it up so that the VM Network traffic is on a VLAN so that it cannot communicate with any other port group and only goes out the uplink without VLAN tags. 
 
So here's what I thought I should do(but doens't work)
 
On the Switch:
 
Create VLAN 100
Set VLAN membership for VMware port to tagged and uplink port to untagged.
Set VMware Port to Trunk (assume trunk as I'll multiple VLANS on this port)
 
On VMware:

Set the Port Group to VLAN 100
 
When I do this traffic no longer flows from VM on the port group. Am I even close to setting the swtich up correctly? 

Installation
  • DanielZhang's avatar
    DanielZhang
    Nov 16, 2016

    Hi Jg,

     

    It's all right.

    Any post about your concern is welcome:smileyhappy:

     

    So the question now is "So if I have a single uplink connecting to another switch, that connects to the LAN for which I have no control over, and should not have any vlan config going out, how should that be configured? "

     

    I want to summarize the topology from your information:

    1) The port connect to VSwitches should be Tag mode

    This port maybe use multiple VLAN.(My example: port 1/0/2,Tag with  VLAN 100,VLAN member 100)

     

    2) The port connect as uplink to another switch should be unTag.(My example: port 1/0/4, PVID 100,untag with VLAN 100,VLAN member 100)

     

     

    Please check the example as below:

     

     

    tag_untag_2.png

     

     

    In this topology,

    multiple VLAN traffic will not forward two-way.

    because 1/0/4 will only forward the untag packets to PVID VLAN 100.

    Let me know your complete network requirement if you have further concern.

     

     

    Again, any post is welcome.:smileyhappy:

     

     

    Regards,

    Daniel.

     

4 Replies

  • DanielZhang's avatar
    DanielZhang
    NETGEAR Expert
    Nov 15, 2016

    Hi Jg,

     

    Welcome to NETGEAR community!:smileyhappy:

     

    Maybe the PVID configuration just missed on your M4300.

    We also analyze your requirement carefully so let me clear your concern with a real vSwitch configuration example.

    Please refer below's configuration example just like yours.

     

    In this example, 

    1)  There are three VM machine VM1,VM2,VM3.

    VM1 and VM2 could communicate with each other but they can't reach the network of VM3.

    VM1 and VM2 could communicate with Server A and Server C through VLAN 888.

    VM3 could communicate with Server B and Server C through VLAN 999.

    (Server C need to support VLAN tag feature on network adapter)

     

    2)   Configure VLAN information on M4300 as below picture: 

    You can select the VLAN mode by yourself.(general or access/trunk)
    For the ports which forward untag traffic:

    switchport mode general
    vlan pvid xxx
    vlan participation exclude 1
    vlan participation include xxx
    Or
    switchport mode access
    switchport access vlan xxx

    For the ports which forward tag traffic:

    Switchport mode general
    vlan participation exclude 1
    vlan participation include xxx,yyy
    vlan tagging xxx,yyyy
    Or
    Switchport mode Trunk
    switchport trunk allowed vlan xxx,yyy

    Vswitch_4.png

     

     

     

     

    3) You also need to configure port group on vSwitch:Vswitch.png

     

    Let us know if you have further concern.:smileyhappy:

     

    Regards,

    Daniel.

    • jg1's avatar
      jg1
      Aspirant
      Nov 15, 2016

       
      Daniel, thank you very much. I think I was on the right track but I have some more…
       
      The switch will be used exclusively for VMware hosts so the only connection will be from vSwitches and an uplink.
       
      So if I have a single uplink connecting to another switch, that connects to the LAN for which I have no control over, and should not have any vlan config going out, how should that be configured? 
       
       
      I'm sorry for being obtuse, I may be missing some fundamentals with regard to network design.

      • DanielZhang's avatar
        DanielZhang
        NETGEAR Expert
        Nov 16, 2016

        Hi Jg,

         

        It's all right.

        Any post about your concern is welcome:smileyhappy:

         

        So the question now is "So if I have a single uplink connecting to another switch, that connects to the LAN for which I have no control over, and should not have any vlan config going out, how should that be configured? "

         

        I want to summarize the topology from your information:

        1) The port connect to VSwitches should be Tag mode

        This port maybe use multiple VLAN.(My example: port 1/0/2,Tag with  VLAN 100,VLAN member 100)

         

        2) The port connect as uplink to another switch should be unTag.(My example: port 1/0/4, PVID 100,untag with VLAN 100,VLAN member 100)

         

         

        Please check the example as below:

         

         

        tag_untag_2.png

         

         

        In this topology,

        multiple VLAN traffic will not forward two-way.

        because 1/0/4 will only forward the untag packets to PVID VLAN 100.

        Let me know your complete network requirement if you have further concern.

         

         

        Again, any post is welcome.:smileyhappy:

         

         

        Regards,

        Daniel.

         

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More