ESXi VM - ESXi vswitch on VLAN ID 4095 - Brocade switch with tagged ports on VLAN 40 (pfsense is on it too with a tagged port) - pfsense with VLAN 40 configured and firewall rules allowing traffic.
Please, let me know if I missed any data that will be helpful for my problem resolution.
if I delete vlan40 interface in FreeNAS and set vmx0 to 10.0.40.2 address and default gateway to 10.0.40.1 and then set my ESXi vswitch configuration to VLAN ID 40, then I have networking and I can see on pfsense that it is tagged with vlan 40 ID. You can see it in the next image:
so, if I am correct, the problem is on the FreeNAS VM configuration or on ESXi vswitch when configuring it as VLAN ID 4095, but this VLAN ID should set VGT mode and the vswitch port in trunk mode.
all help will be appreciated. Thank you in advance.
Whenever I want a VM on ESXi to have an interface with a VLAN, I do it like this:
-ESXi VLAN-aware switch configured on the ethernet port of the host (just a regular virtual switch)
-VLAN created within that virtual switch (in your case 40)
-virtual interface in the VM configuration set to use that VLAN/network
-the host OS inside the VM doesn’t know its in a VLAN at all. Effectively, its virtual port is “plugged into” an untagged port for VLAN 40 on the virtual switch.
I am not sure to have understood what you are saying. You just create a vswitch on ESXi with VLAN ID 40? but I want a trunk vswitch because I am going to use different VLANs for my FreeNAS jails.
I did once use the special-purpose vlan 4095 in order to access multiple VLANs from within a client, and I don’t remember having any issues with it. In general though I’ve used port-groups with regular VLANs. I recommend first setting that up so you can make sure nothing else is an issue.
The problem is FreeNAS. I have created a Debian VM in the same ESXi port group as a FreeNAS jail. ESXi was on VLAN ID 4095, so VTG is enabled and 802.1Q tag is managed by guest system, not by ESXi. The Debian VM worked at the first time on vlan41.
on FreeNAS side, I have set up vmx1 on the mentioned port group, without address, then I have created vlan41 with vmx1 parent interface, without address too. I have created bridge41 with vmx1 and vlan41 as members.
I have set up a jail with 10.0.41.4 address and 10.0.41.1 gateway, on “network properties”, i have configured interfaces vnet:bridge41 and vnet_default_interface to none, because if I set it to auto, then it adds vmx0. if I do an ifconfig I will see vlan41 and vmx1 as bridge1 members. but the jail cannot see 10.0.41.1
Even if I start clean and do, for example a ifconfig vmx0.40 create vlan 40 vlandev vmx0 inet 10.0.40.2/24 it cannot find 10.0.40.1
(I have two VLANs, 40 and 41, 10.0.XX.1 is the gateway on them)
The switch config was shared in the first post and I can confirm as a Brocade / Ruckus switch user that the VLAN looks correct for what is happening here.
Hello, thank you for posting
The problem is on FreeNAS side, because if I add a Debian VM on the same vswitch, I have no problems to configure it on the VLAN.
