You'll be hard pressed to find a network these days that doesn't have a VMware server (ESX/ESXi) connected. While this is a common scenario there seems to be some misunderstanding on the way that a vSwitch handles frames and their tags.
First off:
The vSwitch does not support untagged frames. This means, that VLAN 1 and all of the traffic that gets passed along will only be dropped.
Second:
The vSwitch does not support DTP, so set the port to no-negotiate.
Third:
It's best practice to manually prune the link to only carry required VLAN's.
This can be done with the switchport allowed command.
For example, on the physical switch port:
* interface GigabitEthernet1/1
* description VMware ESX - Trunk A - NIC 0 – Port Description
* switchport trunk encapsulation dot1q – ESX only supports dot1q and not ISL
* switchport trunk allowed vlan 100,200 – Allowed VLANs
* switchport mode trunk – Enables Trunk
* switchport nonegotiate – ESX does not support DTP dynamic trunking protocol. When configuring trunk port, set it to nonegotiate.
* spanning-tree portfast trunk – Enables PortFast on the interface when it is in trunk mode.
Subscribe to:
Post Comments (Atom)
Posts
Ryan,
ReplyDeleteI have been trying to get in touch with you since January. Do you currently own the domain name KillinIt.com? Please get back to me at sales@ncconceptsinc.com.
Thanks,
Nic