VMware Esxi 三种VLAN tagging methods (网络工作原理）

VLAN configuration on virtual switches, physical switches, and virtual machines(1003806)

Purpose

This article describes the various VLAN tagging methods used with ESXi/ESX.

Virtual LAN (VLAN) implementation is recommended in ESXi/ESX networking environments because:

• It integrates ESXi/ESX into a pre-existing network

• It secures network traffic

• It reduces network traffic congestion

• iSCSI traffic requires an isolated network

Resolution

There are three methods of VLAN tagging that can be configured on ESXi/ESX:

• External Switch Tagging (EST)

• Virtual Switch Tagging (VST)

• Virtual Guest Tagging (VGT)

External Switch Tagging (EST)

• All VLAN tagging of packets is performed on the physical switch.

• ESXi/ESX host network adapters are connected to access ports on the physical switch.

• The portgroups connected to the virtual switch must have their VLAN ID set to 0.

• For more information, see Sample Configuration - ESXi/ESX connecting to physical switch via VLAN access mode and External Switch VLAN Tagging (EST Mode) (1004127).

• See this example snippet of a code from a Cisco switch port configuration:
  
  switchport mode access
switchport access vlan x

Virtual Switch Tagging (VST)

• All VLAN tagging of packets is performed by the virtual switch before leaving the ESXi/ESX host.

• The ESXi/ESX host network adapters must be connected to trunk ports on the physical switch.

• The portgroups connected to the virtual switch must have an appropriate VLAN ID specified.

• For more information, see:
  

  • Configuring a VLAN on a portgroup (1003825)

  • Configuring Virtual Switch VLAN Tagging (VST) mode on a vNetwork Distributed Switch (1010778)
    
    

  
  

• For a sample of VST, see Sample configuration of virtual switch VLAN tagging (VST Mode) (1004074).

• See this example snippet of code from a Cisco switch port configuration:
  
  switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan x,y,z
spanning-tree portfast trunk

Note: The Native VLAN is not tagged and thus requires no VLAN ID to be set on the ESXi/ESX portgroup.

Virtual Guest Tagging (VGT)

• All VLAN tagging is performed by the virtual machine.

• You must install an 802.1Q VLAN trunking driver inside the virtual machine.

• VLAN tags are preserved between the virtual machine networking stack and external switch when frames are passed to/from virtual switches.

• Physical switch ports are set to trunk port.

• For more information, see Sample configuration of virtual machine (VM) VLAN Tagging (VGT Mode) in ESX (1004252).

• See this example snippet of code from a Cisco switch port configuration:
  
  switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan x,y,z
spanning-tree portfast trunk

For additional information on these configurations, see VMware ESX Server 3: 802.1Q VLAN Solutions.

Additional Information

For translated versions of this article, see:

• Português: Configurao de VLAN em switch virtual, switch físico e máquinas virtuais (2018937)

Tags

esx esx-networking network-security

See Also

• Configuring a VLAN on a portgroup (1003825)

• Sample configuration of virtual switch VLAN tagging (VST Mode) (1004074)

• Sample Configuration - ESX/ESXi connecting to physical switch via VLAN access mode and External Switch VLAN Tagging (EST Mode) (1004127)

• Sample configuration of virtual machine VLAN Tagging (VGT Mode) in ESX (1004252)

• Configuring Virtual Switch VLAN Tagging (VST) mode on a vNetwork Distributed Switch (1010778)

• Configurao de VLAN em switch virtual, switch físico e máquinas virtuais (2018937)

Update History

02/08/2013 - Added ESXi 5.x and vCenter Server 5.x to Products04/18/2013 - Added link to article 1003825  

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

转载于:https://blog.51cto.com/52python/1382873