Here is some interesting info about esxi NICs when used with Cisco, or other, VLAN:
"Only allowing through VLAN traffic on physical switch ports connecting to ESX reduces TCP/IP overhead. Native VLANs do not tag the out going VLAN packets toward ESX NICs and if the same VLAN ID is used to configure the vSwitch port group, the vSwitch drops any packet that is not tagged for it, causing the connection to fail. Unnecessary VLAN traffic on a TRUNK port that connects to ESX can cause major performance issues. Note: Do not use the Native VLAN ID of a physical switch as a VLAN on ESX/ESXi portgroups." Also the link shows the proper Cisco trunk config http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006628 On Sun, Jul 13, 2014 at 10:07 PM, Alex Needham <alex.need...@gmail.com> wrote: > Hi > > If the port group is already in vlan 10 then you don't need to create a vlan > in pfsense as the vswitch is already untaging it. > > Just add teh interface and assign an ip, or set the vswitch to be vlan 4095 > and it will send tagged traffic through. Which is what I do so that you can > make changes to pfSense without rebooting to detect a new interface that has > been added through esx. > > Also throw an ip on the cisco switch ion vlan 10, that will help you trouble > shoot the problem. > > Hope that helps > > Cheers > > Alex > > > > > > > > > > > > > > > > > > > On 13 July 2014 18:03, Jonatas Baldin <jonatas.bal...@gmail.com> wrote: >> >> Hi guys, how u doing? >> >> I'm doing a home lab for VLAN studying and it's going bad. I don't know >> where the problem is. >> >> Here's my setup: >> >> VMware ESXi 5.5 >> pfSense 2.3.4 (VM) >> Cisco SF300 >> >> - The ESXi has o vSwitch attached to a port group in a physical interface >> with VLAN 10. >> - The pfSense has this port group attached and recognizing as em2. >> - In the pfSense I created a VLAN interface binding on em2 with de ID 10. >> - The FW rules are allowed everything in this interface and a DHCP server >> is configured on the VLAN interface. >> - Physically, this em2 interface is connected to the SF300 on a TRUNK port >> (port 10), with the VLAN 10 allowed. >> - And the port 11 is configured as an access port with VLAN 10, where I >> connected a laptop expecting to receive a DHCP address and got I ICMP >> response which I didn't, even configuring a static IP. >> >> Does anyone have a clue where the problem is? >> >> Thx! >> ____________________________ >> Jonatas Baldin de Oliveira >> Profissional de TI >> Skype: jonatas.baldin >> >> >> _______________________________________________ >> List mailing list >> List@lists.pfsense.org >> https://lists.pfsense.org/mailman/listinfo/list > > > > _______________________________________________ > List mailing list > List@lists.pfsense.org > https://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
