07-12-2011 02:05 PM
Hi, I have a problem with Virtual Connect and private VLANs.
Using VMware I can put virtual servers on a PVLAN so they cannot talk to each other (only the gateway).
This is working using tunnelled networks through Virtual Connect and the inbuilt functionality in VMware vSphere.
Where this falls down is with physical blades.
I have this setup:
LOM 1:a - main LAN - vlan 100
LOM 2:a - main LAN - vlan 100
LOM 1:b - private vlan - vlan 106
On the Cisco end the primary VLAN is 105, and the isolated VLAN is 106.
I have set the network to be private so the servers cannot communicate with each other, but they also cannot communicate with the gateway.
All the uplinks are trunked and I suspect this is where the issue lies.
Is there a proven solution for this? Or will I have to have a pair of uplinks PER PVLAN?
Pretty disappointed by the networking capabilities of the Virtual Connect modules in general!
09-07-2011 02:25 PM
I don't understand why you even mentioned VLAN 105 since it is not associated with the Blade's profile.
Private on the VC module means the gateway's MAC/IP must be on the same VLAN as the NIC in the Server Profile (106 in your example).
09-13-2013 05:11 AM
Just finished implementing Private VLANs in combination with Cisco Switches, VMware dVSwitch and HP Virtual Connect FlexFabrics. It's tricky the first time but not rocket science. Step by step instructions are documented here.
09-19-2013 10:40 PM
I just ran across these videos my co-worker Hongjun had created a while back showing one way to get this done in VC using Tunneled mode.
Keep in mind you can mix and match Tunnel and Mapped VLAN modes starting in 3.30, but each type has to have its own unique uplinks. But this way you can have one set of uplinks in Tunnel mode for all the VMs, and with PVLAN working.
And then you can bring in your Management VLANs over a separate uplink in Mapped mode and spread those Networks out using FlexNICs, for things like Management Console, vMotion, Backups or IP Storage like NFS or iSCSI.