Wired Intelligent Edge

 View Only
  • 1.  LAGS and VLans between Aruba 8320 CX and VMWare ESXi 8.0

    Posted Jun 25, 2024 02:03 PM
    Edited by pietvw Jun 25, 2024 02:18 PM

    Good Morning...

    I'm trying to understand why these networks/devices aren't talking.

    On the Aruba 8320, vlan 201 is my default vlan, while the other vlans 2,4,6,8,10 all contain other traffic.

    All the vlans are defined similarly... 

    interface vlan 2
        ip address 10.2.2.1/24

    interface 1/1/9
        description ESXI-vmnic0
        no shutdown
        no routing
        vlan trunk native 201 tag
        vlan trunk allowed all
    interface 1/1/10
        description ESXI-vmnic1
        no shutdown
        no routing
        vlan trunk native 201 tag
        vlan trunk allowed all
    interface 1/1/11
        description ESXI-MGMT-vmnic2
        no shutdown
        no routing
        vlan access 201

    Interface 1/1/11 works perfectly, and allows me access to ESXi

    ESXi 8.0 Host - vmnic0 (10G), vmnic0 (10G), vmnic2 (mgmt)

    vmnic2 is attached to vSwitch0 and vmk0 attached to that. No VLANS defined.

    vmnic0 is attached to vSwitch1.

    vSwitch1 has a Port-Group for each vlan (PG-VLAN-201, PG-VLAN-2, PG-VLAN-4, PG-VLAN-6, etc.) and each Port-Group is defined with a respective VLAN tag. 

    Currently I have 7 VMs all in PG-VLAN-201 and None are accessible. 

    Ideally... I would love to have a 1/1/9 and 1/1/10 Connected to vSwitch1, and have all the VLANS talking through that.

    (Connecting to vSwitch1 is easy, but configuring with VLANS has me scratching my head.)

    But I'm missing the knowledge of how to accomplish this. Can someone point me in the right direction?


    Thanks.

    Piet



  • 2.  RE: LAGS and VLans between Aruba 8320 CX and VMWare ESXi 8.0

    Posted Jun 26, 2024 08:13 AM

    Hi Piet

    You don't need to use LAG (LACP) on VMware ESXi

    Your configuration will be work (you need to add vmnic1 to vSwitch1)

    it is always recommanded to enable spanning edge port on interface with ESX.



    ------------------------------
    PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

    PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

    PowerArubaCL: Powershell Module to use Aruba Central

    PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

    ACEP / ACMX #107 / ACDX #1281
    ------------------------------



  • 3.  RE: LAGS and VLans between Aruba 8320 CX and VMWare ESXi 8.0

    Posted Jul 01, 2024 11:09 AM

    Hi Piet,

    If your VMware vSphere license does permit that...you can then use vDS (virtual Distributed Switch) and so you can leverage the usage of LACP Links Aggregation on uplinks to your switching infrastructure (the VSX Cluster).

    If your VMware vSphere license doesn't permit that - and so you're stick with simply using vSS, virtual Standard Switch - you can't use LACP Links Aggregation (vSS doesn't support LACP); at best you can use Non-Protcol - called static - Links Aggregation but, IMHO, such approach doesn't worth the effort. Simply speaking with vSS you're basically "forced" to just use multiple redundant standalone uplinks to your VSX Cluster.

    See the below example:

    - vSwitch0 connected to VSX via vmnic4 (NIC on Slot 2 Port 1) on interface 1/1/17 of VSX Primary and vmnic6 (NIC on Slot 3 Port 1) on interface 1/1/17 of VSX Secondary carrying ESXi Management (Port Group with VLAN 2002) and vMotion (Port Group with VLAN 2003)
    - vSwitch1 connected to VSX via vmnic0 (NIC on Slot 1 Port 1) on interface 1/1/18 of VSX Primary and vmnic5 (NIC on Slot 2 Port 2) on interface 1/1/18 of VSX Secondary carrying all VMs (Port Groups with tagged VLANs)

    The above approach could be explained because we use to distribute connections over different NIC's ports of (dual port) various NICs (installed on Slot 1, 2 and 3 of each DELL PowerEdge server), this to enhance resilency in case of NIC/Port/Cable/Transceiver failure.

    == VSX Primary ==

    interface 1/1/17
        description DELL-R740-NNNNNNN-esxi01-s2p1-vmnic4-vSwitch0-cable-F01
        no shutdown
        mtu 9198
        no routing
        vlan trunk native 2002 tag
        vlan trunk allowed 2002-2003
        spanning-tree bpdu-guard
        spanning-tree port-type admin-edge
        spanning-tree tcn-guard
        loop-protect
        loop-protect vlan 2002-2003
    interface 1/1/18
        description DELL-R740-NNNNNNN-esxi01-s1p1-vmnic0-vSwitch1-cable-F03
        no shutdown
        mtu 9198
        no routing
        vlan trunk native 2000 tag
        vlan trunk allowed 2000,2015,2030,2096,2099-2100,2102-2103,2105-2111,2249-2250,3000,3002-3003,3300
        spanning-tree bpdu-guard
        spanning-tree port-type admin-edge
        spanning-tree tcn-guard
        loop-protect
        loop-protect vlan 2000,2015,2030,2096,2099-2100,2102-2103,2105-2111,2249-2250,3000,3002-3003,3300

    == VSX Secondary ==

    interface 1/1/17
        description DELL-R740-NNNNNNN-esxi01-s3p1-vmnic6-vSwitch0-cable-F02
        no shutdown
        mtu 9198
        no routing
        vlan trunk native 2002 tag
        vlan trunk allowed 2002-2003
        spanning-tree bpdu-guard
        spanning-tree port-type admin-edge                         
        spanning-tree tcn-guard
        loop-protect
        loop-protect vlan 2002-2003
    interface 1/1/18
        description DELL-R740-NNNNNNN-esxi01-s2p2-vmnic5-vSwitch1-cable-F04
        no shutdown
        mtu 9198
        no routing
        vlan trunk native 2000 tag
        vlan trunk allowed 2000,2015,2030,2096,2099-2100,2102-2103,2105-2111,2249-2250,3000,3002-3003,3300
        spanning-tree bpdu-guard
        spanning-tree port-type admin-edge
        spanning-tree tcn-guard
        loop-protect
        loop-protect vlan 2000,2015,2030,2096,2099-2100,2102-2103,2105-2111,2249-2250,3000,3002-3003,3300