Using VLANs with ESX
Most folks are aware that extending 802.1Q VLAN trunks into the ESX host is a best practice recommendation. It enables logical separation and scale of the various traffic types (management, IP storage, VM applications, etc) without being constrained by the number of physical NIC ports. We call this Virtual Switch Trunking (VST). As the name implies, we are extending the VLAN trunk into the virtual switch from the adjacent physical switch. In this mode, the vswitch is the VLAN termination point, so the virtual links to the guest VM vnics, vmkernel, and service console are access ports. The Port Group definitions denote VLAN membership for these ports. The .1Q VLAN tag is stripped on ingress and applied on egress.
Note that while VST is the usual and best practice recommendation, it is just one of three modes available of using VLANs with ESX. Virtual Guest Trunking (VGT) and Externel Switch Tagging (EST) are the others. With VGT, the VLAN trunk is extended all the way to the guest VM. The VM then has access to all the trunked VLANs through the vnic. VGT is configured by selecting VLAN 4095 in the Port Group definition for the VM(s). With EST mode, the physical nics (vmnics) are connected to "access" ports on the physical switch with no VLAN tagged traffic reaching the ESX host and no VLANs configured through the port groups on the vswitch.
Posted by Guy Brunsdon on July 12, 2008 | Permalink |
This post is way better than wasting time trying to figure out the “VMware ESX Server 3 802.1Q VLAN Solutions” PDF. I had to read it three times and still did not really understod what is required!!!
The white paper if full of marketing jargon and repeat itself endlessly without saying anything useful; like wasting pages talking about EST mode, which is simply “Do nothing mode”!!
I am really thankful for your blog post, as it directly says in two paragraphs what 12 pages could not say,
Best Regards,
Posted by: adabbas | May 18, 2009 at 11:30 PM