Solved: ESXi trunk partially works

useopenid · ‎12-17-2009

I have an ESXi vmhost setup to trunk vlans 2, 100 and 101 to a 6509; vlan 2 is working, but neither 100 nor 101 come up. I can't see any reason for one to work and the others not --- the only difference is the vlan id. Native is the default vlan 1 and is not being used.

IOS (tm) c6sup2_rp Software (c6sup2_rp-JK2O3SV-M), Version 12.1(27b)E4, RELEASE SOFTWARE (fc3)
cisco WS-C6509 (R7000) processor (revision 3.0) with 227328K/34816K bytes of memory.
Processor board ID SAL0827BAAS
R7000 CPU at 300Mhz, Implementation 39, Rev 2.1, 256KB L2, 1024KB L3 Cache

# sho run

...

interface GigabitEthernet5/1
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 2,100-102
switchport mode trunk

...

interface GigabitEthernet5/6
switchport
switchport access vlan 101
switchport mode access

...

#sho int gi5/1 trunk

Port Mode Encapsulation Status Native vlan
Gi5/1 on 802.1q trunking 1

Port Vlans allowed on trunk
Gi5/1 2,100-102

Port Vlans allowed and active in management domain
Gi5/1 2

Port Vlans in spanning tree forwarding state and not pruned
Gi5/1 2

#sho int gi5/1
GigabitEthernet5/1 is up, line protocol is up (connected)

#sho int gi5/6
GigabitEthernet5/6 is up, line protocol is up (connected)

#show int vlan 2
Vlan2 is up, line protocol is up

#show int vlan 101
Vlan101 is up, line protocol is down

Jerry Ye · ‎12-17-2009

Do show vlan to double check and if it doesn't exist, do the following

config t

vlan xxx

exit

and confirm it with show vlan

Regards,

jerry

View solution in original post

Reza Sharifi · ‎12-17-2009

Hi Alan,

Usually this happens when you do not have spanning tree instance for that VLAN.

Can you do a:

sh spanning-tree vlan 100 or 102?

HTH

Reza

useopenid · ‎12-17-2009

It's true, there's not, but that sounds like a chicken-egg problem. Though, actually, ESXi specifically doesn't do spanning tree because their virtual switches don't talk to each other, preventing loops (according to their docs). Also, vlan2 is working, and I would expect it to have the same problem as the other vlans.

I did try adding:

switchport nonegotiate

spanning-tree portfast trunk

which I saw used on another website discussing esx trunking, but that doesn't help. My understanding of "portfast" is that that basically shuts off spanning tree and just forwards regardless.

#sho spanning-tree vlan 1-4094

VLAN0001

Spanning tree enabled protocol rstp

Root ID Priority 32768

Address 0011.5d6f.c001

This bridge is the root

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32768

Address 0011.5d6f.c001

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 300

Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Gi3/7 Desg FWD 4 128.135 P2p

VLAN0002

Spanning tree enabled protocol rstp

Root ID Priority 32768

Address 0011.5d6f.c002

This bridge is the root

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32768

Address 0011.5d6f.c002

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 300

Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Gi3/7 Desg FWD 4 128.135 P2p

Gi3/16 Desg FWD 4 128.144 P2p

Gi5/1 Desg FWD 4 128.257 Edge P2p

Gi6/4 Desg FWD 4 128.324 P2p

...

(vlan 101 does not show up at all in this output)

#sho spanning-tree vlan 101

Spanning tree instance(s) for vlan 101 does not exist.

Jerry Ye · ‎12-17-2009

Do show vlan to double check and if it doesn't exist, do the following

config t

vlan xxx

exit

and confirm it with show vlan

Regards,

jerry

useopenid · ‎12-17-2009

Progress! I had defined the interface to get an ip address for testing, but not the vlan itself:

#sho int gi5/1 trunk

Port Mode Encapsulation Status Native vlan

Gi5/1 on 802.1q trunking 1

Port Vlans allowed on trunk

Gi5/1 2,100-102

Port Vlans allowed and active in management domain

Gi5/1 2,101

Port Vlans in spanning tree forwarding state and not pruned

Gi5/1 2,101

#sho vlan name VLAN0101

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

101 VLAN0101 active Gi3/7, Gi5/1, Gi5/6

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------

101 enet 100101 1500 - - - - - 0 0

Remote SPAN VLAN

----------------

Disabled

Primary Secondary Type Ports

------- --------- ----------------- ------------------------------------------

# sho run

...

interface Vlan101

description ServerNet NG

ip address 172.20.19.253 255.255.252.0

no ip redirects

hold-queue 2048 in

hold-queue 2048 out

...

#sho int vlan101

Vlan101 is up, line protocol is up

Still not pinging though, not even arping on the guest, but that could be esxi issues --- "show int vlan101" shows packets output but nothing input.

Thanks for this much though!

Jerry Ye · ‎12-18-2009

Check your native VLAN under ESXi, i think vmware is using something like VLAN0 as native, don't remember that 100%.

Regards,

jerry

useopenid · ‎12-18-2009

I don't why the native vlan would matter (assuming it doesn't conflict with a tagged vlan), as I have all the virtual nics in tagged port groups (save for a management lan on a different physical interface).

Reza Sharifi · ‎12-18-2009

I think VMware uses VLAN 0 for all untagged frames (native vlan) and I believe you have to configure service console port group with VLAN id 0.