Looking for a practical worked example for starting with VLANs

Started by sparticle, September 03, 2024, 01:51:11 PM

Interesting. This second method of attaching a new vnic to the OPNsense VM and configuring a new network to provide services for VLAN30 for instance then creating a PG for VLAN30 and attaching the new VM nic to it does not work outside of the ESXi server! Inside (VM to VM) I can spin up another VM and attach it to the same PG and get a DHCP lease in the correct VLAN30 subnet. Outside on the HP switch if I connect my laptop to a VLAN30 access port VLANID 30 PVID 30 and pass the tagged VLAN30 traffic via the TRUNK port I get no lease and cannot connect to the VLAN30 subnet.

And I thought I might have been getting somewhere......


You need a trunk port carrying all your tagged VLANs/portgroups from ESXi to your switch. This definitely works. How do you think large enterprises with dozens/hundreds of VLANs on VMware do it?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

Quote from: Patrick M. Hausen on October 21, 2024, 04:32:29 PM
You need a trunk port carrying all your tagged VLANs/portgroups from ESXi to your switch. This definitely works. How do you think large enterprises with dozens/hundreds of VLANs on VMware do it?

I already have this in place.

Port           U   T          Link Type   PVID   
GE1/0/9           30      Access   30       
GE1/0/11           50      Access   50       
GE1/0/1   1   30, 50   Trunk   1

Port 1 is the TRUNK working perfectly on VLAN 50 and I suspect on VLAN 30 but no lease on port 9

And the portgroup is connected to the vSwitch and the vSwitch is connected to the physical trunk ports?

Yes exactly like the VLAN 50 setup on the HP Switch. If I plug into port 11 or 12 I get a correct lease in the VLAN50 network. If I plug into port 9 I get no lease. 

Inside ESXi the vSwitch has a PG for the OPNsense LAN connection and another PG for VLAN 30 which has the OPNsense Guest network connected 10.0.30.0/24 providing DHCP and DNS and also a test VM connected. The test VM gets a correct lease in the Guest network VLAN30.

I also configured a new wifi network on VLAN30 and that also cannot provide leases to connected devices.

Confused! The only thing I can think is that the OPNsense LAN PG is operating in VGT mode VLAN ID 4095 and the new PG for VLAN 30 is operating in VST mode VLAN ID 30.