This article describes connecting ESXi/ESX to Cisco IOS switches VLAN port.

Symptoms:

VMware vSphere ESXi 5.5
VMware vSphere ESXi 5.1
VMware ESXi 4.1.x Installable
VMware vCenter Server 4.1.x
VMware vCenter Server 5.1.x
VMware ESX Server 3.0.x
VMware VirtualCenter 2.0.x
VMware ESX 4.1.x
VMware ESXi 4.0.x Embedded
VMware VirtualCenter 2.5.x
VMware vCenter Server 5.5.x
VMware vSphere ESXi 5.0
VMware ESXi 3.5.x Installable
VMware ESXi 4.0.x Installable
VMware ESX Server 3.5.x
VMware ESXi 3.5.x Embedded
VMware ESX 4.0.x
VMware vCenter Server 5.0.x
VMware vCenter Server 4.0.x
VMware ESXi 4.1.x Embedded

VLAN Access and Layer 2 switching

• Physical LAN switch is configured for Virtual LAN (VLAN) segmentation.
• ESXi/ESX simply connects to a switch port that belongs to a VLAN at physical switch level.
• Cisco defines a VLAN as a broadcast domain within a switched network.
• VLANs allow you to segment your switched network so that broadcast domains are smaller, leaving more bandwidth for your end nodes.
• Devices that are in one VLAN do not receive broadcasts from devices in another VLAN.
• For devices on different VLANs to communicate, a layer 3 device (usually a router) must be used.
• VLAN configuration is recommended for securing network traffic.

Virtual Switch (ESX/ESXi) configuration to connect to VLAN switch port

• No VLAN configuration is required on ESXi/ESX side.
• Set ESX port group to belong to VLAN 0.
• Value zero as VLAN means that the vSwitch is not VLAN tagging the ESXi/ESX packets.
• Virtual switch NIC teaming policy set to route based on originating virtual port ID by default depending if ether-channel is enabled on switch port.
• If Ether-channel is configured on Cisco switch port virtual switch NIC teaming policy is set to route base on IP HASH.

Physical Switch Configuration (Cisco, HP, DELL, etc)

• Physical switch Mode Access (Layer2)
• Switch port access VLAN tagging (ID)
• Define VLAN interface
• Assign IP range to VLAN interface
• VLAN routing may be required or VLAN Isolation – (refer to VLAN layer 3 routing Article)

These commands are applied on Cisco IOS to configure switch port for VLAN access:

interface GigabitEthernet1/15

switchport ( Configures the LAN port for Layer 2 switching)

switchport access vlan vlan_ID ( The value can be 1 through 4094, except reserved VLANs)
switchport mode access ( Configures the port to be an access port to prevent trunk negotiation delays)

spanning-tree portfast ( Configure port-fast for initial STP delay)

This image is a sample EST topology:

Configuration within the vSphere/VMware Infrastructure Client or vSphere Web Client

To configure this within the vSphere/VMware Infrastructure Client:

1. Highlight the ESXi/ESX Server host.
2. Click Configuration > Networking > Properties.
3. Highlight the virtual switch in the Ports tab.
4. Click Edit.
5. Click the General tab.
6. Type a value of 0 or NONE in the VLAN ID field. This indicates that VLAN Tagging is off.
7. Click the NIC Teaming tab.
8. From the Load Balancing dropdown, choose Route based on originating virtual port ID
9. Verify that there is at least one network adapter listed under ActiveAdapters
   
   

To configure within the vSphere Web Client.

1. In the vSphere Web Client, navigate to the host.
2. On Manage tab, click Networking
3. Click Virtual Switches in the left panel and click the virtual switch that requires a change in its load balancing policy.
4. Click Edit Setting > Teaming and Failover.
5. From the Load Balancing dropdown, select Route based on originating virtual port ID.
6. Click OK.

• Run the command:
  
  esxcfg-vswitch –l
  
  The results appear similar to:
  
  Switch Name Num Ports Used Ports Configured Ports MTU Uplinks
  
  vSwitch0 64 5 64 1500 vmnic3,vmnic1
  
  
  PortGroup Name VLAN ID Used Ports Uplinks
  
  VM Network 0 0 vmnic1,vmnic3
  Service Console 0 1 vmnic1,vmnic3
  
  
  Switch Name Num Ports Used Ports Configured Ports MTU Uplinks
  
  vSwitch2 64 8 64 1500 vmnic2,vmnic0
  
  PortGroup Name VLAN ID Used Ports Uplinks
  
  VMkernel 0 1 vmnic0,vmnic2
  
  Service Console 2 0 1 vmnic0,vmnic2
  
  Production 0 2 vmnic0,vmnic2

• If the VLAN ID is missing or incorrect, correct the VLAN ID value with the command:
  
  esxcfg-vswitch -v VLAN -p “Service Console” vSwitch0

STP may cause temporary loss of network connectivity when a failover or failback event occurs
サンプル構成 - VLAN アクセス モードおよび外部スイッチ VLAN タギング（EST モード）を介した ESX/ESXi の物理スイッチへの接続
配置示例 - 通过 VLAN 访问模式和外部交换机 VLAN 标记（EST 模式）将 ESX/ESXi 连接到物理交换机