Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
799
Views
5
Helpful
3
Replies

To tag or not to tag in the Hypervisor

visitor68
Level 5
Level 5

‎03-31-2013 06:36 PM

Typically, an ESX host is connected to a switch port that is    configured as a trunk. The reason, of course, is that an ESX host has  a   bunch of VMs on different VLANs and therefore the hyspervisor tags  the   frames...and you know the rest...

In all the years I have been configuring switch  ports   that connect to ESX hosts, I have always configured them as  trunks.   Theoretically, though, the hypervisor does NOT have to tag the  frames   if, say, all the VMs are one only 1 VLAN. Is that correct?  I  am  thinking then that EST tagging mode is deployed, in which the  physical switch does all the tagging and the hypervisor is configured to  have all VMs belong to a port group set to VLAN ID 0. Then the physical  switch port can be an access port. But in reality, has anyone ever  seen  that? If so, how  often and when was the last time?

As I said, I have never seen this.

Thanks

Thanks

Labels:
0 Helpful
3 Replies 3

Steve Fuller
Level 9
Level 9

‎04-01-2013 01:05 AM

Hi,

You're correct in that VLAN tagging does not have to be used if all VM on the ESX server will be part of the same VLAN, but I don't think it offers you very much and I've not seen it in any of the Enterprise environments I've worked in.

VLAN tagging is well understood these days, and not just by network folk, so the slight additional configuration complexity should not be an issue.

I guess some might argue the 802.1Q tag adds some overhead to the Ethernet frame, but the first physical switch is almost certainly going to to be using .1Q tags towards the network aggregation/core layer anyway. This will mean that you'll probably find most conversations with a VM have VLAN tags somewhere on the end-to-end path, so any reduction in Ethernet efficiency the tag may cause is going to happen anyway.

In my mind the big win for tagging from day 1 is the flexibility it provides. If at some point in the future you want to add more VMs to an ESX server that are in a different VLAN, then you're going to have to re-configure the server and the physical switch. It's very simple to add an extra VLAN to a switch port (assuming you prune unused VLANs in the first place) and this change won't cause any loss of connectivity. If you have to change all the switch ports from access ports to VLAN trunks, and at the same time configure VLANs / port groups on the ESX servers, then you're quite likely facing an outage.

Regards

Message was edited by: Steve Fuller

Duplicate of Dot1Q Tagging in the Hypervisor (https://supportforums.cisco.com/thread/2208624)

visitor68
Level 5
Level 5
In response to Steve Fuller

‎04-01-2013 05:11 AM

Steve, I agree...I,too, have never seen anyone configure a switch port that has an ESX host connected to it as an access port.

0 Helpful

mwronkow
Cisco Employee
Cisco Employee

‎04-01-2013 06:18 AM

I've seen many customer environments using access only vmnics.  The customer will have a few vmnics with tagging to carry VM traffic.  Then they have some vmnics configured as access to service vmotion or storage traffic.

This is actually quite common on N1k. 

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card