mike_wilhelm's profile

1 Message

 • 

70 Points

Tue, Jan 12, 2021 5:21 PM

VLAN traffic not working - LAG to VMWare Distributed Switch

I'm not able to pass VLAN traffic from a host connected to a switch port across LAG to a VMware Distributed Switch.  

Can someone go over my config and give me some pointers, example configs, etc?

Host computer connected to ICX7150 v8.0.9 on port 1/1/7

Trunk is lag on ports 1/1/1-1/1/4 connected to VMWare 7 Distributed switch.

1. Lag shows operational (working)

2. Default VLAN/non tagged traffic passes.

3. VLAN traffic is not working.

ICX Switch config:

lag esxi dynamic id 1

   lacp-timeout long

   ports ethe 1/1/1 to 1/1/4

vlan 1 name DEFAULT-VLAN by port

vlan 5 name VPN by port

   untagged ethe 1/1/6 to 1/1/7

   spanning-tree 802-1w

   spanning-tree 802-1w priority 0

jumbo

VMWare Distributed Switch config:

MTU: 9000

Multicast filtering mode: IGMP/MLD snooping, Discovery protocol: Link Layer Discovery Protocol, Operation: Both

InternalSwitch-DVUplinks: VLAN Type: VLAN trunking, VLAN trunk range: 0-4094

Lag1: ports: 4, Mode: passive, Load balancing mode: Source and destination IP address, TCP/UDP port and VLAN.

PortGroup5: VLAN: 5, Load balancing: Route based on IP hash, Active uplink: lag1

Responses

66 Messages

 • 

1.1K Points

7 m ago

Did you create the VMWare DS and test with out trying it on a LAG first?  The VMDS does not need a LAG to operate effectively but it does need jumbo frames, so any ports that you are using for the VMware connections should be jumbo for sure.  All ports that are connected to the DS ports will need to have all vlan's tagged to them that that VMware is using, for LM, cient connectivity, management etc.  

Employee

 • 

75 Messages

 • 

1.1K Points

7 m ago

I don't see VLAN 5 tagged on the LAG ports.  You would need something like the following:

vlan 5 name VPN by port

   untagged ethe 1/1/6 to 1/1/7

   tagged ethe 1/1/1 to 1/1/4

And all other VLANs you need between switch and VMWare also need to be tagged like the above.  Otherwise it will never pass any traffic across the link other than DEFAULT-VLAN 1 untagged.

Important Announcement