VMware, VLAN and LTM VE
Hi,
I created a test setup and was surprised by the result. So either I don't get something or there is a bug...
Scenario:
- ESX 5.1 host
- VM with W2K8 R2
- VM with LTM 11.5.2HF2
- One vSwitch
- VLAN100 with tag 100 created on vSwitch
- vNIC with 192.168.1.1 attached to VLAN100 created on W2K8 VM
- vNIC with 192.168.1.2 attached to VLAN100 created on LTM via VLAN assigned to Interface 1.1 and self IP
- VLAN on LTM defined with untagged 1.1 Interface but with tag 200
My understanding is that this kind of setup equals connecting vNICs from both VMs to an access-port-like port on the vSwitch.
When W2K8 VM tries to connect to LTM self IP it sends ARP broadcast request, and:
- A packet without a tag goes to the vSwitch
- vSwitch receives the untagged packet, adds the tag and sends it to all VMs that have a vNIC assigned to VLAN100
- VLAN tag is stripped from the packet and it is sent to all vNICs belonging to VLAN100
- Packet (without tag) is received by Interface 1.1 on LTM
- Internally, LTM assigns tag 200 to the received packet and processes it
- LTM sends the ARP reply without a tag (stripped at egress because Interface 1.1 is untagged)
- vSwitch receives the packet, adds tag 100 and sends it to the port that is assigned the target MAC from the packet
- vSwitch strips tag 100 at the target interface (W2K8 interface) and sends the untagged packet
- W2K8 vNIC receives the untagged packet and can map the IP to the MAC address, then a TCP session can be created
But it's not working like that: if the vSwitch VLAN tag is different from the VLAN tag defined on Interface 1.1 on LTM, ping does not work. When a VLAN using 4095 is assigned to the vNIC on LTM, ping starts to work.
So the question is: why is an untagged interface assigned to a VLAN on LTM with a tag other than the vSwitch VLAN not receiving packets? The interface on LTM should receive untagged frames from the vSwitch, so it should not matter if the vSwitch VLAN is using a different tag than the LTM-defined VLAN to which the interface belongs.
Am I missing something here?
Potr