Modules Dropping After Rolling to Pure dvSwitch (Yes, I've checked Control VLAN!)

nashwj · ‎02-18-2010

Simple cluster....8 hosts total. Working on two right now for the initial configuration. Deployed the first VSM..connected the three interfaces to port-groups on a vSwitch. Rolled the first two hosts in to the dvSwitch..modules come up fine. Created my uplink configuration and proper vethernet port-profiles. I go to swing the 3 NICs to Control (VLAN 1000), Packet (VLAN 999), and Management (VLAN 1) and the two modules drop. I can create a Service Console on each host in the dvSwitch and put it in VLAN 1000 and ping across fine. If I look at the MAC tables on the switch ports connected to the physical NIC in the uplink I see the MAC for the VEMs on both hosts...but I don't see the VSM MAC from that host. If I roll Control and Packet back to the vSwitch and check that physical port I see the VSM MAC addresses there. So...it's like the VSM isn't forwarding frames out the "type ethernet" uplink. Configuration is below.

Doing "show svs neighbors" after swinging them over gives me nothing...I see what I should before doing the swing. The two physical ports on the switch from the two servers are literally next to each other on the physical 3750. Doing a "show interface g4/0/23 trunk" shows all VLANs as passing..none pruned.

Here is the configuration on both ports used in the uplinks (only doing one per server for testing):

interface GigabitEthernet4/0/23
description esx7.XXXXX.com
switchport trunk encapsulation dot1q
switchport trunk native vlan 3000
switchport mode trunk

Here is the configuration for the uplink, again Control is 1000, Packet 999, and Management (as well as servers) are VLAN 1:

port-profile type ethernet Corp_Net_Uplink
vmware port-group
switchport mode trunk
switchport trunk native vlan 3000
switchport trunk allowed vlan 1-2,5,11,40,75,999-1000
channel-group auto mode on mac-pinning
no shutdown
system vlan 1,999-1000
state enabled

And the port-profiles for the vethernets:

port-profile type vethernet Control
vmware port-group
switchport mode access
switchport access vlan 1000
no shutdown
state enabled

port-profile type vethernet Corp
vmware port-group
switchport mode access
switchport access vlan 1
no shutdown
state enabled

port-profile type vethernet Packet
vmware port-group
switchport mode access
switchport access vlan 999
no shutdown
state enabled

nashwj · ‎02-18-2010

Looks like the dvSwitch is showing that port is blocked on the Control profile. It also still shows the VSM VM using the Control port-group on the vSwitch.

nsundar · ‎02-20-2010

Hi,

You are applying the veth profiles Control, Corp and Packet to the three VSM vnics in the same order, right? The three VSM vnics are Ctrl, Mgmt and Packet resp., so it is important to apply the profiles correspondingly.

The other issue is that these profiles should have their access VLANs as system VLANs. For example, Control should have 1000 as a system VLAN. That is configured as below:

switch(config)# port-profile Control

switch(config-port-prof)# system vlan 1000

Similarly for Corp (management) and Packet.

HTH.

Sundar.

nashwj · ‎02-21-2010

Yeah..it was the missing "system vlan" on each access-port port-profile. I usually split out management/control/packet on a standard vSwitch and this was the first one in a while I've done with those running over the dvSwitch and forgot I needed to do it in both places. I added them the other day and the modules popped right up. I meant to come back and reply....but thanks!