Configuring VLANs
Several times so far we've referenced the use of the VLAN ID when configuring a VMkernel
port and a VM port group. As defined previously in this chapter, a virtual LAN (VLAN) is a
logical LAN that provides efficient segmentation, security, and broadcast control while allowing
traffic to share the same physical LAN segments or same physical switches. Figure 5.23 shows a
typical VLAN configuration across physical switches.
Figure 5.23: Virtual LANs provide secure traffic segmentation without the cost of additional hardware. (Diagram labels: VLAN 100, VLAN 101, VLAN 110, VLAN 150, trunking.)
VLANs utilize the IEEE 802.1q standard for tagging, or marking, traffic as belonging to a
particular VLAN. The VLAN tag, also known as the VLAN ID, is a numeric value between
1 and 4094, and it uniquely identifies that VLAN across the network. Physical switches such
as the ones depicted in Figure 5.23 must be configured with ports to trunk the VLANs across
the switches. These ports are known as trunk (or trunking) ports. Ports not configured to trunk
VLANs are known as access ports and can carry traffic only for a single VLAN at a time.
Using VLAN ID
Normally the VLAN ID will range from 1 to 4094. In a vSphere environment, however, a VLAN ID
of 4095 is also valid. Using this VLAN ID with ESXi causes the VLAN tagging information to be
passed through the vSwitch all the way up to the guest OS. This is called virtual guest tagging (VGT)
and is useful only for guest OSes that support and understand VLAN tags.
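The tagging and VLAN ID rules described above can be shown in code. The following is an added example, not taken from the book or from VMware: it reads the 12-bit VLAN ID out of an 802.1Q tag and audits a port group inventory for IDs that need review (4095, where the guest receives the tags, or values that do not fit the field). The function names, port group names, and sample frame are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def parse_vlan_tag(frame: bytes):
    """Return (priority, dei, vlan_id) from an Ethernet frame, or None if untagged."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)  # follows dst + src MACs
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    # Tag control field: 3-bit priority, 1-bit DEI, 12-bit VLAN ID
    return tci >> 13, (tci >> 12) & 1, tci & 0x0FFF

def classify_port_group_vlan(vlan_id: int) -> str:
    """Classify the VLAN ID configured on a vSphere port group."""
    if vlan_id == 0:
        return "untagged"  # not from the page: 0 means the vSwitch applies no tag
    if 1 <= vlan_id <= 4094:
        return "tagged"    # the vSwitch tags traffic for this single VLAN
    if vlan_id == 4095:
        return "vgt"       # tags are passed through to the guest OS
    return "invalid"       # does not fit the 12-bit VLAN ID field

def audit_port_groups(port_groups: dict) -> list:
    """Return the names of port groups that use VGT or an invalid VLAN ID."""
    return sorted(name for name, vid in port_groups.items()
                  if classify_port_group_vlan(vid) in ("vgt", "invalid"))

def build_tagged_frame(vlan_id: int, priority: int = 0) -> bytes:
    """Construct a minimal tagged frame (sample data for this example only)."""
    dst, src = b"\xff" * 6, b"\x00\x50\x56\x00\x00\x01"
    tci = (priority << 13) | (vlan_id & 0x0FFF)
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, 0x0800) + b"\x00" * 46

# Constructed inventory; the port group names are hypothetical.
SAMPLE_PORT_GROUPS = {"Management": 100, "vMotion": 101, "iSCSI": 110,
                      "Production": 150, "Trunk-to-guest": 4095, "Typo": 5000}

if __name__ == "__main__":
    print(parse_vlan_tag(build_tagged_frame(150, priority=3)))
    print(audit_port_groups(SAMPLE_PORT_GROUPS))
```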
VLANs are an important part of ESXi networking because of the impact they have on the
number of vSwitches and uplinks that are required. Consider this configuration:
The management network needs access to the network segment carrying management traffic.
Other VMkernel ports, depending upon their purpose, may need access to an isolated vMotion segment or the network segment carrying iSCSI and NAS/NFS traffic.
VM port groups need access to whatever network segments are applicable for the VMs running on the ESXi hosts.
 