My personal adventures in the quest for virtual perfectness.
I was rebuilding my homelab and wanted to create 'sites' using vlans. I am using the HP Procurve 1810G-24 switch (cheap, works great) but I had to fiddle some things out and I got it now. I know other sites have nice tutorials, but this is a quick recap from me.
I have three vlans right now. Default (1), lab1 (101) and lab2 (102). Click VLANs and the image below should say enough:
Do not forget to click on "Apply" .
External Switch Tagging tags all traffic on a port with a certain vlan id. Do NOT configure a vlan on your vmkernel or virtual machine port group (else it will just drop the packet - even if you configure the same vlan). This might be usefull if you are using the interface on this port to enable Autodeploy:
Auto Deploy Networking Best Practices
If you intend to use Auto Deploy in an environment that uses VLANs, you must make sure that the hosts you want to provision can reach the DHCP server. How hosts are assigned to a VLAN depends on the setup at your site. The VLAN ID might be assigned by the switch or by the router, or you might be able to set the VLAN ID in the host's BIOS or through the host profile. Contact your network administrator to determine the steps for allowing hosts to reach the DHCP server.
If you want External Switch Tagging, you'll need to (E)xclude the vlans not used. In this example I have an host on port 6 which I want in vlan 101. So vlan 1 is E on port 6, vlan 101 is U on port 6 and vlan 101 is E on port 6. This means port 6 will be put in vlan 101 by the switch, hence the term EST. Also note that ALL traffic on this interface will be in vlan 101. If you create a vmkernel port of virtual machine port group and tag it with a vlan - it won't pass through!
VLAN 1 Config (check port 6):
VLAN 101 Config (check port 6):
VLAN 102 Config (check port 6):
If you click on VLAN Ports and check port 6, it should show the correct VLAN id (in this case 101):
Virtual Switch Tagging is most commonly used. This is defining vlans on the vmkernel port and/or virtual machine port groups. I'm doing VST on port 22 in this configuration. Port 22 allows ALL vlans to pass through. If you want to add another vlan, make sure you also define it on the switch and allow it to pass, putting the port to "T"
Virtual Machine Tagging can also be used. The config is the same for the switch as VST, however, the virtual machine port group must be configured to vlan 4095. This allows the tag FROM the VM to pass over the virtual switch into the physical switch.
Since private VLANs use 2 vlans, you must define them both on the physical switch, so config is the same as VST.
If you are running trunks, do not forget to select all trunked ports to the same config
That's about it, quite easy if you know how - now don't forget to save this config to the switch so it remains active after a powerfailure .