x environment?

Which settings are required for virtual machine guest tagging for VLAN 100 in a vSphere 5.x environment?

A.
Port Group configured for VLAN 100, physical switch configured as a VLAN trunk

B.
Port Group configured for VLAN 4095, physical switch configured as a VLAN trunk

C.
Port Group configured for VLAN 100, physical switch configured for VLAN 100

D.
Port Group configured for VLAN 4095, physical switch configured for VLAN 100

6 Comments on “x environment?

  1. CiscoJedi says:

    What’s so odd about this question is you would normally use the port group to do the tagging, not the VM. I think this question is in the spirit of the cisco 1000v or vyatta firewalls. The device runs as a VM, and therefore the port group must be configured as a trunk

    quite a sneaky one, but the physical switchport could also be configured for vlan 100. it depends what you’re trying to do.

    not a good question vmware; too open ended

  2. Scott says:

    The correct answer is B. This one is a no brainer..

    The answer comes from the VMWare network guide found here…
    http://www.vmware.com/files/pdf/virtual_networking_concepts.pdf

    This link shows how to configure the VGT mode, and the use of port 4095.
    http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1010733

    Virtual switch tagging (VST mode) — This is the most common configuration. In this mode, you provision one port group on a virtual switch for each VLAN, then attach the virtual machine’s virtual adapter to the port group instead of the virtual switch directly. The virtual switch port group tags all outbound frames and removes tags for all inbound frames. It also ensures that frames on one VLAN do not leak into a different VLAN.
    Use of this mode requires that the physical switch provide a trunk.

    • Virtual machine guest tagging (VGT mode) — You may install an 802.1Q VLAN trunking driver inside the virtual machine, and tags will be preserved between the virtual machine networking stack and external switch when frames are passed from or to virtual switches. The format for the header of a packet tagged in this way is shown in Figure 3.
    Use of this mode requires that the physical switch provide a trunk.

    • External switch tagging (EST mode) — You may use external switches for VLAN tagging. This is similar to a physical network, and VLAN configuration is normally transparent to each individual physical server.
    There is no need to provide a trunk in these environments

    and the article on how to configure VGT…

    Configuring Virtual Guest VLAN tagging (VGT) mode on a vNetwork Distributed Switch (1010733)
    Purpose
    This article describes the concept and configuration of Virtual Guest VLAN tagging (VGT) mode on ESX 4.x. Resolution
    Note: For additional information on dvPortGroup configuration, see vNetwork Distributed PortGroup (dvPortGroup) configuration (1010593).

    This is a new Virtual Network Adapter, also known as Advanced VMXNET. It is based on Enhanced VMXNET introduced in ESX 3.5, it provides these new features:

    •IEEE 802.1Q VLAN tagging
    •No more need for e1000 Driver inside of a virtual machine
    •VLAN tagging and tag removal offloading
    •Only one VLAN per NIC for Windows
    •TCP Segmentation Offloading for IPv4 and IPv6
    •TCP and UPD Checksum Offloading for IPv4 and IPv6
    •MSI (Messaged Signalled Interrupt) and MSI-X support (subject to guest kernel support)
    •Receive Side Scaling (supported in Windows Vista, 2008 and any other system using NDIS 6.x)
    •VMXNET 3 is the new “state of the art” Virtual Network Adapter.
    To modify and add vNetwork Distributed Port Groups (dvPortGroup):
    1.In vCenter, click Home > Inventory > Networking.
    2.Right-click on dvPortGroup and choose Edit Settings.
    3.Under dvPortGroup > Policies > VLAN, these settings can be specifed:

    ◦VGT – VLAN Guest Tagging
    ◦VLAN Trunking – Physical equivalent to: VLAN in Trunk/Tagged mode
    ◦Standard vSwitch equivalent to: VLAN ID set to 4095

    Note: Distributed Switch Only specifies the range of VLANs to trunk, to improve security.


Leave a Reply

Your email address will not be published. Required fields are marked *