VMware Esxi 三种VLAN tagging methods (网络工作原理)
VLAN configuration on virtual switches, physical switches, and virtual machines(1003806)Purpose
This article describes the various VLAN tagging methods used with ESXi/ESX.
Virtual LAN (VLAN) implementation is recommended in ESXi/ESX networking environments because:
[*] It integrates ESXi/ESX into a pre-existing network
[*] It secures network traffic
[*] It reduces network traffic congestion
[*] iSCSI traffic requires an isolated network
Resolution
There are three methods of VLAN tagging that can be configured on ESXi/ESX:
[*] External Switch Tagging (EST)
[*] Virtual Switch Tagging (VST)
[*] Virtual Guest Tagging (VGT)
External Switch Tagging (EST)
[*] All VLAN tagging of packets is performed on the physical switch.
[*] ESXi/ESX host network adapters are connected to access ports on the physical switch.
[*] The portgroups connected to the virtual switch must have their VLAN ID set to 0.
[*] For more information, see Sample Configuration - ESXi/ESX connecting to physical switch via VLAN access mode and External Switch VLAN Tagging (EST Mode) (1004127).
[*] See this example snippet of a code from a Cisco switch port configuration:
switchport mode access
switchport access vlan x
Virtual Switch Tagging (VST)
[*] All VLAN tagging of packets is performed by the virtual switch before leaving the ESXi/ESX host.
[*] The ESXi/ESX host network adapters must be connected to trunk ports on the physical switch.
[*] The portgroups connected to the virtual switch must have an appropriate VLAN ID specified.
[*] For more information, see:
[*] Configuring a VLAN on a portgroup (1003825)
[*] Configuring Virtual Switch VLAN Tagging (VST) mode on a vNetwork Distributed Switch (1010778)
[*] For a sample of VST, see Sample configuration of virtual switch VLAN tagging (VST Mode) (1004074).
[*] See this example snippet of code from a Cisco switch port configuration:
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan x,y,z
spanning-tree portfast trunk
Note: The Native VLAN is not tagged and thus requires no VLAN ID to be set on the ESXi/ESX portgroup.
Virtual Guest Tagging (VGT)
[*] All VLAN tagging is performed by the virtual machine.
[*] You must install an 802.1Q VLAN trunking driver inside the virtual machine.
[*] VLAN tags are preserved between the virtual machine networking stack and external switch when frames are passed to/from virtual switches.
[*] Physical switch ports are set to trunk port.
[*] For more information, see Sample configuration of virtual machine (VM) VLAN Tagging (VGT Mode) in ESX (1004252).
[*] See this example snippet of code from a Cisco switch port configuration:
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan x,y,z
spanning-tree portfast trunk
For additional information on these configurations, see VMware ESX Server 3: 802.1Q VLAN Solutions.
Additional Information
For translated versions of this article, see:
[*] Português: Configurao de VLAN em switch virtual, switch físico e máquinas virtuais (2018937)
Tags
esx esx-networking network-security
See Also
[*] Configuring a VLAN on a portgroup (1003825)
[*] Sample configuration of virtual switch VLAN tagging (VST Mode) (1004074)
[*] Sample Configuration - ESX/ESXi connecting to physical switch via VLAN access mode and External Switch VLAN Tagging (EST Mode) (1004127)
[*] Sample configuration of virtual machine VLAN Tagging (VGT Mode) in ESX (1004252)
[*] Configuring Virtual Switch VLAN Tagging (VST) mode on a vNetwork Distributed Switch (1010778)
[*] Configurao de VLAN em switch virtual, switch físico e máquinas virtuais (2018937)
Update History
02/08/2013 - Added ESXi 5.x and vCenter Server 5.x to Products04/18/2013 - Added link to article 1003825
Request a Product Feature
To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.
页:
[1]