Hello Richard,

Please find attched the output for the requested commands,

I also did a tcpdump through guestshell on "Vlan10" interface while pinging 7.7.1.94 from the Linux VM  which is showing that the Linux VM is actually sending arp requests and 9k router is sending replays, but the issue I noticed is that the MAC address the router is sending is configured on all interfaces (you can see the "ip a" commad output) which could be the main issue,

Find `ip address` and `tcpdump -i Vlan10` outputs attached as well,

Thank you,

```

Hi,

What happens if you make interface Ethernet1/1 a trunk port?

HTH

Hi Reza,

I still can't ping the SVI, but this time no arp packets are captured over at the "Vlan10" interface. Also he ESXi virtual switch is on VLAN 0, so it's not tagging any traffic,

Hi,

Isn't vlan 0 in VM equal to vlan1 (native vlan) in the Cisco world? If yes, maybe add a new VLAN (vlan 10) to the ESXi host and try again.

Or make vlan 10 on the switch a native vlan.

HTH 

Hi,

Actually in VMWare VLAN 0 configuration in a switch means no VLAN tagging at all, please refer to the below link for more info,

https://communities.vmware.com/t5/Networking-Members/VLAN-0-Concept/td-p/2918292

Thanks for that info! So, in this case, the switch config is correct. It should not make a difference but when pinging from the switch, can you add a source address or a source interface?

HTH

In the 9K, yes, I can specify a source. but not in the Linux VM,

Edit, I actually can specify a source interface in the VM which should do the same thing. Giving the admin interface (7.7.1.65) as the source still isn't solving the issue unfortunately 

I also wanted to note that the VMWare vswitch could be completely ignored here since it's sole role here is to link the two VMs, so for all intenents and purposes it's an Ethernet cable between the two guests

And just for the record, I have just quickly deployed a Vyos as a test router to make sure the issue isn't VMWare related and the ping worked as expected, so there must be something else going on with the K9

What do you think?

Thanks for the help,

As @Reza Sharifi mention 

Change port to trunk 

Interface x

Switchport mode trunk 

Switchport trunk allow vlan 10

Also make sure that SW use vlan1 as native vlan.

The vm dont understand un-tag frame so we need to make frame tag with trunk port 

MHM

Hi MHM,

I'm not sure I understood your suggestion here, so please correct me if I'm wrong.

So the traffic is coming from/to the Linux VM which does not tag it in any way, through the vmware vswich (which also does not tag the traffic), through the 9K Eth1/1 port which as far as I know should be an "access" port for vlan 10 since only untagged vlan 10 traffic will be reaching it anyways. How is making Eth1/1 a trunk port going to help here ?

So I did it any ways, please find the the applied config below, 

interface Ethernet1/1
switchport
switchport mode trunk
switchport access vlan 10
switchport trunk allowed vlan 10
no shutdown

The interface is still not reachable through L3, I also lost ARP which makes sense since the interface is now passing tagged traffic to the vswich / Linux VM which will naturally be dropped,

Thanks,

With access port and with trunk port 

Show mac address' check which vlan SW add for vm mac address.

This can give us hint which vlan vm use 

MHM

Hi MHM,

Please find the output for both scenarios attached,

Edit: So when the interface is in trunk mode, the MAC address of the remote interface does not show in the mac address-table since the switch is expecting tagged traffic through Eth1/1. Whereas, in access mode it dynamically leans the mac address but for some odd reason it fails to communicate in L3.

Edit2: The only thing I'm suspecting right now is ARP, but I'm not sure what could be happening

*   10     000c.29be.5c55   dynamic  0         F      F    Eth1/1

this meaning that the VM server send untag traffic and it add successfully to  MAC with vlan 10 

there is something else preventing the ping 
let me more check