VMware vSphere

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Hi Nick...tnx for the reply. 

I may have over complicated things in my post.  VLAN is on the physical switch.  My general non-complicated question is how to configure things to allow the W2016 VM on the ESXi host PC to access the internet.  I assumed I could use E1000e vNIC (I also tried the VMXNET 3)  for the VM, put it in the default VM Network port group, and assign it only with a static IP/DNS/WINS/Gtwy of the physical switch VLAN and done.  The ESXi host's net-settings are setup with the same (though there isn't an option to enter WINS address as far as I can tell). 

And if this is not the correct configuration method then what is?

Thanks!

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Hi Nick...tnx for the reply. 

I may have over complicated things in my post.  VLAN is on the physical switch.  My general non-complicated question is how to configure things to allow the W2016 VM on the ESXi host PC to access the internet.  I assumed I could use E1000e vNIC (I also tried the VMXNET 3)  for the VM, put it in the default VM Network port group, and assign it only with a static IP/DNS/WINS/Gtwy of the physical switch VLAN and done.  The ESXi host's net-settings are setup with the same (though there isn't an option to enter WINS address as far as I can tell). 

And if this is not the correct configuration method then what is?

Thanks!

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Tnx for all the other possible options mentioned, but I'd like to know how to get the setup I described to work as it is not a production setup. 

ESXi host, using one physical NIC, connected to a switch's network port configured with a VLAN and assigned an IP in the VLAN range.  I don't manage the switch so manipulating layer 2 or 3 settings is not possible for me.

In order to get outside internet traffic on the W2106 VM, can the VM use the default VM Network port group w/ that physical NIC, configuring the VM's E1000e NIC w/ an IP in the before mentioned VLAN range (and standard DNS/WINS/Gtwy settings), where both the VM Network port group and the Host's Management port group have default vVLAN id 0? 

If this will not work, how should I modify these factors to get it to work?

Hi Nick...tnx for the reply. 

I may have over complicated things in my post.  VLAN is on the physical switch.  My general non-complicated question is how to configure things to allow the W2016 VM on the ESXi host PC to access the internet.  I assumed I could use E1000e vNIC (I also tried the VMXNET 3)  for the VM, put it in the default VM Network port group, and assign it only with a static IP/DNS/WINS/Gtwy of the physical switch VLAN and done.  The ESXi host's net-settings are setup with the same (though there isn't an option to enter WINS address as far as I can tell). 

And if this is not the correct configuration method then what is?

Thanks!

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Hi,

You have gone above and beyond with your responses.  I have not made mention of many factors you do mention as I know they are not in play, i.e., i know what works on the managed enterprise network I'm using and our assigned workstation Vlan assigned to our physical ports.

So, yes to "You want to use a single NIC and vSwitch for both ESXi management and the VM port group......you can't get internet network traffic from the VM."  Your statement, "If this really is just a managed network switch then the obvious conclusion is the ESXi host has a network problem, or it would already be working when you assigned the VM port group to the vSwitch", is the most interesting to me.

I hoped it would "already be working", after having created the W2016 VM, on the ESXi host, using the default vNET Managment Network & VM Network port groups (default vlan id 0), assigning the VMs NIC to the VM Network Port group, and configuring the VMs NIC with our standard static IP/DNS/WINs settings that I would assign any of the other physical PCs within the same physical switch assigned VLAN. 

The host can ping itself, the VM's IP, its gateway, outside web addresses, etc., so it is working as I would expect, though the VM can only ping itself and the hosts IP, but nothing else as if vVLAN 0 is its own isolated VLAN that only communicates with the host and the VM. 

My original question was basically, should it be working (communicating w/ other PCs on our network's vlan and the outside world) with the above networking configuration and if not, should it be able to?   If not, are there some modifications to the above network configurations that would allow the VM to communicate outside of it's vVLAN 0. 

Cheers.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

I got dragged away from this subject for a few days but now am following up.

As the repeat test, I plugged the additional usbNIC back into the ESXi host PC so it is using two physical NICs. 

Then via the ESXi host's web-console, for the usbNIC I added a VMkernel NIC to link to this usbNIC, created a new vSwitch1, and then created a new VM port group (using default Vlan ID 0) for the VM W2016's NIC to use.  With this configuration, the VM W2016 does have outside internet access.

BTW, both physical adapters connect to ports on the same physical switch, that are programmed to be in our general workstation VLAN.   

In regard to the comment in the last post, "VLAN 0 in ESXi is confusing. It isn't a VLAN at all. As I understand it the use of VLAN 0 inside an ESXi host equals "untagged" in network switch terms. So once the VM sends its packet to the host, the host should pass it on as untagged to the external switch.", it seems that this is correct given that the test described above using two physical NICs, does allow the VM to send\receive traffic with through-put to the outside world w/o VM VLAN ID 0 imposed any VLAN packet tagging for the physical switch to interpret.

Also, I tested if the physical switch can properly interpret packets coming from the VM that have packets tagged with the same VLAN number assigned to the physical switch ports (e.g., the VMs port group is using VLAN ID 100 and the physical ports are also using VLAN 100 tags at the physical switch level.  The result was that the physical switch did not allow "through" traffic from the VM to the outside world.  This seems to indicate that a VM applied VLAN ID don't correspond to a physical switch port's assigned VLAN ID using the same number (100 and 100).

Unfortunately, I am still back at square one when using one physical NIC in the ESXi host PC.  It seems like packets from the VM are not passed on via its vNIC to the host's NIC, on to the switch.  The Hosts vmk0 VMKernel/defaultTcpipStack is configured with a static IP (in the physical switch imposed VLAN range)/Gtwy/DNS.WINS and the VM is also configured the same but with another static IP in the physical switch assigned VLAN.  The VM can communicate with the Host but can't get past the Host.

Not sure why.  Might just have to move on w/o understanding.

Hi,

You have gone above and beyond with your responses.  I have not made mention of many factors you do mention as I know they are not in play, i.e., i know what works on the managed enterprise network I'm using and our assigned workstation Vlan assigned to our physical ports.

So, yes to "You want to use a single NIC and vSwitch for both ESXi management and the VM port group......you can't get internet network traffic from the VM."  Your statement, "If this really is just a managed network switch then the obvious conclusion is the ESXi host has a network problem, or it would already be working when you assigned the VM port group to the vSwitch", is the most interesting to me.

I hoped it would "already be working", after having created the W2016 VM, on the ESXi host, using the default vNET Managment Network & VM Network port groups (default vlan id 0), assigning the VMs NIC to the VM Network Port group, and configuring the VMs NIC with our standard static IP/DNS/WINs settings that I would assign any of the other physical PCs within the same physical switch assigned VLAN. 

The host can ping itself, the VM's IP, its gateway, outside web addresses, etc., so it is working as I would expect, though the VM can only ping itself and the hosts IP, but nothing else as if vVLAN 0 is its own isolated VLAN that only communicates with the host and the VM. 

My original question was basically, should it be working (communicating w/ other PCs on our network's vlan and the outside world) with the above networking configuration and if not, should it be able to?   If not, are there some modifications to the above network configurations that would allow the VM to communicate outside of it's vVLAN 0. 

Cheers.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

When you say you tagged the packets with VLAN ID 100 did you do this at the VM level i.e. with in physical NIC settings or did you do this at VM Port Group level?

I got dragged away from this subject for a few days but now am following up.

As the repeat test, I plugged the additional usbNIC back into the ESXi host PC so it is using two physical NICs. 

Then via the ESXi host's web-console, for the usbNIC I added a VMkernel NIC to link to this usbNIC, created a new vSwitch1, and then created a new VM port group (using default Vlan ID 0) for the VM W2016's NIC to use.  With this configuration, the VM W2016 does have outside internet access.

BTW, both physical adapters connect to ports on the same physical switch, that are programmed to be in our general workstation VLAN.   

In regard to the comment in the last post, "VLAN 0 in ESXi is confusing. It isn't a VLAN at all. As I understand it the use of VLAN 0 inside an ESXi host equals "untagged" in network switch terms. So once the VM sends its packet to the host, the host should pass it on as untagged to the external switch.", it seems that this is correct given that the test described above using two physical NICs, does allow the VM to send\receive traffic with through-put to the outside world w/o VM VLAN ID 0 imposed any VLAN packet tagging for the physical switch to interpret.

Also, I tested if the physical switch can properly interpret packets coming from the VM that have packets tagged with the same VLAN number assigned to the physical switch ports (e.g., the VMs port group is using VLAN ID 100 and the physical ports are also using VLAN 100 tags at the physical switch level.  The result was that the physical switch did not allow "through" traffic from the VM to the outside world.  This seems to indicate that a VM applied VLAN ID don't correspond to a physical switch port's assigned VLAN ID using the same number (100 and 100).

Unfortunately, I am still back at square one when using one physical NIC in the ESXi host PC.  It seems like packets from the VM are not passed on via its vNIC to the host's NIC, on to the switch.  The Hosts vmk0 VMKernel/defaultTcpipStack is configured with a static IP (in the physical switch imposed VLAN range)/Gtwy/DNS.WINS and the VM is also configured the same but with another static IP in the physical switch assigned VLAN.  The VM can communicate with the Host but can't get past the Host.

Not sure why.  Might just have to move on w/o understanding.

Hi,

You have gone above and beyond with your responses.  I have not made mention of many factors you do mention as I know they are not in play, i.e., i know what works on the managed enterprise network I'm using and our assigned workstation Vlan assigned to our physical ports.

So, yes to "You want to use a single NIC and vSwitch for both ESXi management and the VM port group......you can't get internet network traffic from the VM."  Your statement, "If this really is just a managed network switch then the obvious conclusion is the ESXi host has a network problem, or it would already be working when you assigned the VM port group to the vSwitch", is the most interesting to me.

I hoped it would "already be working", after having created the W2016 VM, on the ESXi host, using the default vNET Managment Network & VM Network port groups (default vlan id 0), assigning the VMs NIC to the VM Network Port group, and configuring the VMs NIC with our standard static IP/DNS/WINs settings that I would assign any of the other physical PCs within the same physical switch assigned VLAN. 

The host can ping itself, the VM's IP, its gateway, outside web addresses, etc., so it is working as I would expect, though the VM can only ping itself and the hosts IP, but nothing else as if vVLAN 0 is its own isolated VLAN that only communicates with the host and the VM. 

My original question was basically, should it be working (communicating w/ other PCs on our network's vlan and the outside world) with the above networking configuration and if not, should it be able to?   If not, are there some modifications to the above network configurations that would allow the VM to communicate outside of it's vVLAN 0. 

Cheers.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Switch port is set to 100 (set by enterprise IT) and VM VLAN ID 100 to test what I thought you intimated earlier, that VM tags w/ VLAN # "x" are recognized as the same as physical port VLAN # "x" tags.  Doesn't seem to be the case.

When you say you tagged the packets with VLAN ID 100 did you do this at the VM level i.e. with in physical NIC settings or did you do this at VM Port Group level?

I got dragged away from this subject for a few days but now am following up.

As the repeat test, I plugged the additional usbNIC back into the ESXi host PC so it is using two physical NICs. 

Then via the ESXi host's web-console, for the usbNIC I added a VMkernel NIC to link to this usbNIC, created a new vSwitch1, and then created a new VM port group (using default Vlan ID 0) for the VM W2016's NIC to use.  With this configuration, the VM W2016 does have outside internet access.

BTW, both physical adapters connect to ports on the same physical switch, that are programmed to be in our general workstation VLAN.   

In regard to the comment in the last post, "VLAN 0 in ESXi is confusing. It isn't a VLAN at all. As I understand it the use of VLAN 0 inside an ESXi host equals "untagged" in network switch terms. So once the VM sends its packet to the host, the host should pass it on as untagged to the external switch.", it seems that this is correct given that the test described above using two physical NICs, does allow the VM to send\receive traffic with through-put to the outside world w/o VM VLAN ID 0 imposed any VLAN packet tagging for the physical switch to interpret.

Also, I tested if the physical switch can properly interpret packets coming from the VM that have packets tagged with the same VLAN number assigned to the physical switch ports (e.g., the VMs port group is using VLAN ID 100 and the physical ports are also using VLAN 100 tags at the physical switch level.  The result was that the physical switch did not allow "through" traffic from the VM to the outside world.  This seems to indicate that a VM applied VLAN ID don't correspond to a physical switch port's assigned VLAN ID using the same number (100 and 100).

Unfortunately, I am still back at square one when using one physical NIC in the ESXi host PC.  It seems like packets from the VM are not passed on via its vNIC to the host's NIC, on to the switch.  The Hosts vmk0 VMKernel/defaultTcpipStack is configured with a static IP (in the physical switch imposed VLAN range)/Gtwy/DNS.WINS and the VM is also configured the same but with another static IP in the physical switch assigned VLAN.  The VM can communicate with the Host but can't get past the Host.

Not sure why.  Might just have to move on w/o understanding.

Hi,

You have gone above and beyond with your responses.  I have not made mention of many factors you do mention as I know they are not in play, i.e., i know what works on the managed enterprise network I'm using and our assigned workstation Vlan assigned to our physical ports.

So, yes to "You want to use a single NIC and vSwitch for both ESXi management and the VM port group......you can't get internet network traffic from the VM."  Your statement, "If this really is just a managed network switch then the obvious conclusion is the ESXi host has a network problem, or it would already be working when you assigned the VM port group to the vSwitch", is the most interesting to me.

I hoped it would "already be working", after having created the W2016 VM, on the ESXi host, using the default vNET Managment Network & VM Network port groups (default vlan id 0), assigning the VMs NIC to the VM Network Port group, and configuring the VMs NIC with our standard static IP/DNS/WINs settings that I would assign any of the other physical PCs within the same physical switch assigned VLAN. 

The host can ping itself, the VM's IP, its gateway, outside web addresses, etc., so it is working as I would expect, though the VM can only ping itself and the hosts IP, but nothing else as if vVLAN 0 is its own isolated VLAN that only communicates with the host and the VM. 

My original question was basically, should it be working (communicating w/ other PCs on our network's vlan and the outside world) with the above networking configuration and if not, should it be able to?   If not, are there some modifications to the above network configurations that would allow the VM to communicate outside of it's vVLAN 0. 

Cheers.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Switch port is set to 100 (set by enterprise IT) and VM VLAN ID 100 to test what I thought you intimated earlier, that VM tags w/ VLAN # "x" are recognized as the same as physical port VLAN # "x" tags.  Doesn't seem to be the case.

When you say you tagged the packets with VLAN ID 100 did you do this at the VM level i.e. with in physical NIC settings or did you do this at VM Port Group level?

I got dragged away from this subject for a few days but now am following up.

As the repeat test, I plugged the additional usbNIC back into the ESXi host PC so it is using two physical NICs. 

Then via the ESXi host's web-console, for the usbNIC I added a VMkernel NIC to link to this usbNIC, created a new vSwitch1, and then created a new VM port group (using default Vlan ID 0) for the VM W2016's NIC to use.  With this configuration, the VM W2016 does have outside internet access.

BTW, both physical adapters connect to ports on the same physical switch, that are programmed to be in our general workstation VLAN.   

In regard to the comment in the last post, "VLAN 0 in ESXi is confusing. It isn't a VLAN at all. As I understand it the use of VLAN 0 inside an ESXi host equals "untagged" in network switch terms. So once the VM sends its packet to the host, the host should pass it on as untagged to the external switch.", it seems that this is correct given that the test described above using two physical NICs, does allow the VM to send\receive traffic with through-put to the outside world w/o VM VLAN ID 0 imposed any VLAN packet tagging for the physical switch to interpret.

Also, I tested if the physical switch can properly interpret packets coming from the VM that have packets tagged with the same VLAN number assigned to the physical switch ports (e.g., the VMs port group is using VLAN ID 100 and the physical ports are also using VLAN 100 tags at the physical switch level.  The result was that the physical switch did not allow "through" traffic from the VM to the outside world.  This seems to indicate that a VM applied VLAN ID don't correspond to a physical switch port's assigned VLAN ID using the same number (100 and 100).

Unfortunately, I am still back at square one when using one physical NIC in the ESXi host PC.  It seems like packets from the VM are not passed on via its vNIC to the host's NIC, on to the switch.  The Hosts vmk0 VMKernel/defaultTcpipStack is configured with a static IP (in the physical switch imposed VLAN range)/Gtwy/DNS.WINS and the VM is also configured the same but with another static IP in the physical switch assigned VLAN.  The VM can communicate with the Host but can't get past the Host.

Not sure why.  Might just have to move on w/o understanding.

Hi,

You have gone above and beyond with your responses.  I have not made mention of many factors you do mention as I know they are not in play, i.e., i know what works on the managed enterprise network I'm using and our assigned workstation Vlan assigned to our physical ports.

So, yes to "You want to use a single NIC and vSwitch for both ESXi management and the VM port group......you can't get internet network traffic from the VM."  Your statement, "If this really is just a managed network switch then the obvious conclusion is the ESXi host has a network problem, or it would already be working when you assigned the VM port group to the vSwitch", is the most interesting to me.

I hoped it would "already be working", after having created the W2016 VM, on the ESXi host, using the default vNET Managment Network & VM Network port groups (default vlan id 0), assigning the VMs NIC to the VM Network Port group, and configuring the VMs NIC with our standard static IP/DNS/WINs settings that I would assign any of the other physical PCs within the same physical switch assigned VLAN. 

The host can ping itself, the VM's IP, its gateway, outside web addresses, etc., so it is working as I would expect, though the VM can only ping itself and the hosts IP, but nothing else as if vVLAN 0 is its own isolated VLAN that only communicates with the host and the VM. 

My original question was basically, should it be working (communicating w/ other PCs on our network's vlan and the outside world) with the above networking configuration and if not, should it be able to?   If not, are there some modifications to the above network configurations that would allow the VM to communicate outside of it's vVLAN 0. 

Cheers.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Right.  the vm port group vlan id.

Switch port is set to 100 (set by enterprise IT) and VM VLAN ID 100 to test what I thought you intimated earlier, that VM tags w/ VLAN # "x" are recognized as the same as physical port VLAN # "x" tags.  Doesn't seem to be the case.

When you say you tagged the packets with VLAN ID 100 did you do this at the VM level i.e. with in physical NIC settings or did you do this at VM Port Group level?

I got dragged away from this subject for a few days but now am following up.

As the repeat test, I plugged the additional usbNIC back into the ESXi host PC so it is using two physical NICs. 

Then via the ESXi host's web-console, for the usbNIC I added a VMkernel NIC to link to this usbNIC, created a new vSwitch1, and then created a new VM port group (using default Vlan ID 0) for the VM W2016's NIC to use.  With this configuration, the VM W2016 does have outside internet access.

BTW, both physical adapters connect to ports on the same physical switch, that are programmed to be in our general workstation VLAN.   

In regard to the comment in the last post, "VLAN 0 in ESXi is confusing. It isn't a VLAN at all. As I understand it the use of VLAN 0 inside an ESXi host equals "untagged" in network switch terms. So once the VM sends its packet to the host, the host should pass it on as untagged to the external switch.", it seems that this is correct given that the test described above using two physical NICs, does allow the VM to send\receive traffic with through-put to the outside world w/o VM VLAN ID 0 imposed any VLAN packet tagging for the physical switch to interpret.

Also, I tested if the physical switch can properly interpret packets coming from the VM that have packets tagged with the same VLAN number assigned to the physical switch ports (e.g., the VMs port group is using VLAN ID 100 and the physical ports are also using VLAN 100 tags at the physical switch level.  The result was that the physical switch did not allow "through" traffic from the VM to the outside world.  This seems to indicate that a VM applied VLAN ID don't correspond to a physical switch port's assigned VLAN ID using the same number (100 and 100).

Unfortunately, I am still back at square one when using one physical NIC in the ESXi host PC.  It seems like packets from the VM are not passed on via its vNIC to the host's NIC, on to the switch.  The Hosts vmk0 VMKernel/defaultTcpipStack is configured with a static IP (in the physical switch imposed VLAN range)/Gtwy/DNS.WINS and the VM is also configured the same but with another static IP in the physical switch assigned VLAN.  The VM can communicate with the Host but can't get past the Host.

Not sure why.  Might just have to move on w/o understanding.

Hi,

You have gone above and beyond with your responses.  I have not made mention of many factors you do mention as I know they are not in play, i.e., i know what works on the managed enterprise network I'm using and our assigned workstation Vlan assigned to our physical ports.

So, yes to "You want to use a single NIC and vSwitch for both ESXi management and the VM port group......you can't get internet network traffic from the VM."  Your statement, "If this really is just a managed network switch then the obvious conclusion is the ESXi host has a network problem, or it would already be working when you assigned the VM port group to the vSwitch", is the most interesting to me.

I hoped it would "already be working", after having created the W2016 VM, on the ESXi host, using the default vNET Managment Network & VM Network port groups (default vlan id 0), assigning the VMs NIC to the VM Network Port group, and configuring the VMs NIC with our standard static IP/DNS/WINs settings that I would assign any of the other physical PCs within the same physical switch assigned VLAN. 

The host can ping itself, the VM's IP, its gateway, outside web addresses, etc., so it is working as I would expect, though the VM can only ping itself and the hosts IP, but nothing else as if vVLAN 0 is its own isolated VLAN that only communicates with the host and the VM. 

My original question was basically, should it be working (communicating w/ other PCs on our network's vlan and the outside world) with the above networking configuration and if not, should it be able to?   If not, are there some modifications to the above network configurations that would allow the VM to communicate outside of it's vVLAN 0. 

Cheers.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Right.  the vm port group vlan id.

Switch port is set to 100 (set by enterprise IT) and VM VLAN ID 100 to test what I thought you intimated earlier, that VM tags w/ VLAN # "x" are recognized as the same as physical port VLAN # "x" tags.  Doesn't seem to be the case.

When you say you tagged the packets with VLAN ID 100 did you do this at the VM level i.e. with in physical NIC settings or did you do this at VM Port Group level?

I got dragged away from this subject for a few days but now am following up.

As the repeat test, I plugged the additional usbNIC back into the ESXi host PC so it is using two physical NICs. 

Then via the ESXi host's web-console, for the usbNIC I added a VMkernel NIC to link to this usbNIC, created a new vSwitch1, and then created a new VM port group (using default Vlan ID 0) for the VM W2016's NIC to use.  With this configuration, the VM W2016 does have outside internet access.

BTW, both physical adapters connect to ports on the same physical switch, that are programmed to be in our general workstation VLAN.   

In regard to the comment in the last post, "VLAN 0 in ESXi is confusing. It isn't a VLAN at all. As I understand it the use of VLAN 0 inside an ESXi host equals "untagged" in network switch terms. So once the VM sends its packet to the host, the host should pass it on as untagged to the external switch.", it seems that this is correct given that the test described above using two physical NICs, does allow the VM to send\receive traffic with through-put to the outside world w/o VM VLAN ID 0 imposed any VLAN packet tagging for the physical switch to interpret.

Also, I tested if the physical switch can properly interpret packets coming from the VM that have packets tagged with the same VLAN number assigned to the physical switch ports (e.g., the VMs port group is using VLAN ID 100 and the physical ports are also using VLAN 100 tags at the physical switch level.  The result was that the physical switch did not allow "through" traffic from the VM to the outside world.  This seems to indicate that a VM applied VLAN ID don't correspond to a physical switch port's assigned VLAN ID using the same number (100 and 100).

Unfortunately, I am still back at square one when using one physical NIC in the ESXi host PC.  It seems like packets from the VM are not passed on via its vNIC to the host's NIC, on to the switch.  The Hosts vmk0 VMKernel/defaultTcpipStack is configured with a static IP (in the physical switch imposed VLAN range)/Gtwy/DNS.WINS and the VM is also configured the same but with another static IP in the physical switch assigned VLAN.  The VM can communicate with the Host but can't get past the Host.

Not sure why.  Might just have to move on w/o understanding.

Hi,

You have gone above and beyond with your responses.  I have not made mention of many factors you do mention as I know they are not in play, i.e., i know what works on the managed enterprise network I'm using and our assigned workstation Vlan assigned to our physical ports.

So, yes to "You want to use a single NIC and vSwitch for both ESXi management and the VM port group......you can't get internet network traffic from the VM."  Your statement, "If this really is just a managed network switch then the obvious conclusion is the ESXi host has a network problem, or it would already be working when you assigned the VM port group to the vSwitch", is the most interesting to me.

I hoped it would "already be working", after having created the W2016 VM, on the ESXi host, using the default vNET Managment Network & VM Network port groups (default vlan id 0), assigning the VMs NIC to the VM Network Port group, and configuring the VMs NIC with our standard static IP/DNS/WINs settings that I would assign any of the other physical PCs within the same physical switch assigned VLAN. 

The host can ping itself, the VM's IP, its gateway, outside web addresses, etc., so it is working as I would expect, though the VM can only ping itself and the hosts IP, but nothing else as if vVLAN 0 is its own isolated VLAN that only communicates with the host and the VM. 

My original question was basically, should it be working (communicating w/ other PCs on our network's vlan and the outside world) with the above networking configuration and if not, should it be able to?   If not, are there some modifications to the above network configurations that would allow the VM to communicate outside of it's vVLAN 0. 

Cheers.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Hmm.  I'm not sure how to make sure "VLAN & Priority is also enabled in the VMXNET settings".

Right.  the vm port group vlan id.

Switch port is set to 100 (set by enterprise IT) and VM VLAN ID 100 to test what I thought you intimated earlier, that VM tags w/ VLAN # "x" are recognized as the same as physical port VLAN # "x" tags.  Doesn't seem to be the case.

When you say you tagged the packets with VLAN ID 100 did you do this at the VM level i.e. with in physical NIC settings or did you do this at VM Port Group level?

I got dragged away from this subject for a few days but now am following up.

As the repeat test, I plugged the additional usbNIC back into the ESXi host PC so it is using two physical NICs. 

Then via the ESXi host's web-console, for the usbNIC I added a VMkernel NIC to link to this usbNIC, created a new vSwitch1, and then created a new VM port group (using default Vlan ID 0) for the VM W2016's NIC to use.  With this configuration, the VM W2016 does have outside internet access.

BTW, both physical adapters connect to ports on the same physical switch, that are programmed to be in our general workstation VLAN.   

In regard to the comment in the last post, "VLAN 0 in ESXi is confusing. It isn't a VLAN at all. As I understand it the use of VLAN 0 inside an ESXi host equals "untagged" in network switch terms. So once the VM sends its packet to the host, the host should pass it on as untagged to the external switch.", it seems that this is correct given that the test described above using two physical NICs, does allow the VM to send\receive traffic with through-put to the outside world w/o VM VLAN ID 0 imposed any VLAN packet tagging for the physical switch to interpret.

Also, I tested if the physical switch can properly interpret packets coming from the VM that have packets tagged with the same VLAN number assigned to the physical switch ports (e.g., the VMs port group is using VLAN ID 100 and the physical ports are also using VLAN 100 tags at the physical switch level.  The result was that the physical switch did not allow "through" traffic from the VM to the outside world.  This seems to indicate that a VM applied VLAN ID don't correspond to a physical switch port's assigned VLAN ID using the same number (100 and 100).

Unfortunately, I am still back at square one when using one physical NIC in the ESXi host PC.  It seems like packets from the VM are not passed on via its vNIC to the host's NIC, on to the switch.  The Hosts vmk0 VMKernel/defaultTcpipStack is configured with a static IP (in the physical switch imposed VLAN range)/Gtwy/DNS.WINS and the VM is also configured the same but with another static IP in the physical switch assigned VLAN.  The VM can communicate with the Host but can't get past the Host.

Not sure why.  Might just have to move on w/o understanding.

Hi,

You have gone above and beyond with your responses.  I have not made mention of many factors you do mention as I know they are not in play, i.e., i know what works on the managed enterprise network I'm using and our assigned workstation Vlan assigned to our physical ports.

So, yes to "You want to use a single NIC and vSwitch for both ESXi management and the VM port group......you can't get internet network traffic from the VM."  Your statement, "If this really is just a managed network switch then the obvious conclusion is the ESXi host has a network problem, or it would already be working when you assigned the VM port group to the vSwitch", is the most interesting to me.

I hoped it would "already be working", after having created the W2016 VM, on the ESXi host, using the default vNET Managment Network & VM Network port groups (default vlan id 0), assigning the VMs NIC to the VM Network Port group, and configuring the VMs NIC with our standard static IP/DNS/WINs settings that I would assign any of the other physical PCs within the same physical switch assigned VLAN. 

The host can ping itself, the VM's IP, its gateway, outside web addresses, etc., so it is working as I would expect, though the VM can only ping itself and the hosts IP, but nothing else as if vVLAN 0 is its own isolated VLAN that only communicates with the host and the VM. 

My original question was basically, should it be working (communicating w/ other PCs on our network's vlan and the outside world) with the above networking configuration and if not, should it be able to?   If not, are there some modifications to the above network configurations that would allow the VM to communicate outside of it's vVLAN 0. 

Cheers.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Unfortunately, no go, unless "VLAN & Priority is also enabled in the VMXNET" are manual settings w/ the ESXi Host Client console, though I can't find them.  With one physical NIC on the ESXi Host PC and the VMs Nic in any scenario\config I've tried allow traffic passed the Host's physical NIC.  Oh well.  On to bigger and brighter things.  Cheers!

Hmm.  I'm not sure how to make sure "VLAN & Priority is also enabled in the VMXNET settings".

Right.  the vm port group vlan id.

Switch port is set to 100 (set by enterprise IT) and VM VLAN ID 100 to test what I thought you intimated earlier, that VM tags w/ VLAN # "x" are recognized as the same as physical port VLAN # "x" tags.  Doesn't seem to be the case.

When you say you tagged the packets with VLAN ID 100 did you do this at the VM level i.e. with in physical NIC settings or did you do this at VM Port Group level?

I got dragged away from this subject for a few days but now am following up.

As the repeat test, I plugged the additional usbNIC back into the ESXi host PC so it is using two physical NICs. 

Then via the ESXi host's web-console, for the usbNIC I added a VMkernel NIC to link to this usbNIC, created a new vSwitch1, and then created a new VM port group (using default Vlan ID 0) for the VM W2016's NIC to use.  With this configuration, the VM W2016 does have outside internet access.

BTW, both physical adapters connect to ports on the same physical switch, that are programmed to be in our general workstation VLAN.   

In regard to the comment in the last post, "VLAN 0 in ESXi is confusing. It isn't a VLAN at all. As I understand it the use of VLAN 0 inside an ESXi host equals "untagged" in network switch terms. So once the VM sends its packet to the host, the host should pass it on as untagged to the external switch.", it seems that this is correct given that the test described above using two physical NICs, does allow the VM to send\receive traffic with through-put to the outside world w/o VM VLAN ID 0 imposed any VLAN packet tagging for the physical switch to interpret.

Also, I tested if the physical switch can properly interpret packets coming from the VM that have packets tagged with the same VLAN number assigned to the physical switch ports (e.g., the VMs port group is using VLAN ID 100 and the physical ports are also using VLAN 100 tags at the physical switch level.  The result was that the physical switch did not allow "through" traffic from the VM to the outside world.  This seems to indicate that a VM applied VLAN ID don't correspond to a physical switch port's assigned VLAN ID using the same number (100 and 100).

Unfortunately, I am still back at square one when using one physical NIC in the ESXi host PC.  It seems like packets from the VM are not passed on via its vNIC to the host's NIC, on to the switch.  The Hosts vmk0 VMKernel/defaultTcpipStack is configured with a static IP (in the physical switch imposed VLAN range)/Gtwy/DNS.WINS and the VM is also configured the same but with another static IP in the physical switch assigned VLAN.  The VM can communicate with the Host but can't get past the Host.

Not sure why.  Might just have to move on w/o understanding.

Hi,

You have gone above and beyond with your responses.  I have not made mention of many factors you do mention as I know they are not in play, i.e., i know what works on the managed enterprise network I'm using and our assigned workstation Vlan assigned to our physical ports.

So, yes to "You want to use a single NIC and vSwitch for both ESXi management and the VM port group......you can't get internet network traffic from the VM."  Your statement, "If this really is just a managed network switch then the obvious conclusion is the ESXi host has a network problem, or it would already be working when you assigned the VM port group to the vSwitch", is the most interesting to me.

I hoped it would "already be working", after having created the W2016 VM, on the ESXi host, using the default vNET Managment Network & VM Network port groups (default vlan id 0), assigning the VMs NIC to the VM Network Port group, and configuring the VMs NIC with our standard static IP/DNS/WINs settings that I would assign any of the other physical PCs within the same physical switch assigned VLAN. 

The host can ping itself, the VM's IP, its gateway, outside web addresses, etc., so it is working as I would expect, though the VM can only ping itself and the hosts IP, but nothing else as if vVLAN 0 is its own isolated VLAN that only communicates with the host and the VM. 

My original question was basically, should it be working (communicating w/ other PCs on our network's vlan and the outside world) with the above networking configuration and if not, should it be able to?   If not, are there some modifications to the above network configurations that would allow the VM to communicate outside of it's vVLAN 0. 

Cheers.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Hi the settings you are looking for are not in ESXi they are in the VMXNET3 adapter inside the Windows 2016 Network settings for the adapter itself, under properties of the NIC use the configure button and go to the advanced tab.

Unfortunately, no go, unless "VLAN & Priority is also enabled in the VMXNET" are manual settings w/ the ESXi Host Client console, though I can't find them.  With one physical NIC on the ESXi Host PC and the VMs Nic in any scenario\config I've tried allow traffic passed the Host's physical NIC.  Oh well.  On to bigger and brighter things.  Cheers!

Hmm.  I'm not sure how to make sure "VLAN & Priority is also enabled in the VMXNET settings".

Right.  the vm port group vlan id.

Switch port is set to 100 (set by enterprise IT) and VM VLAN ID 100 to test what I thought you intimated earlier, that VM tags w/ VLAN # "x" are recognized as the same as physical port VLAN # "x" tags.  Doesn't seem to be the case.

When you say you tagged the packets with VLAN ID 100 did you do this at the VM level i.e. with in physical NIC settings or did you do this at VM Port Group level?

I got dragged away from this subject for a few days but now am following up.

As the repeat test, I plugged the additional usbNIC back into the ESXi host PC so it is using two physical NICs. 

Then via the ESXi host's web-console, for the usbNIC I added a VMkernel NIC to link to this usbNIC, created a new vSwitch1, and then created a new VM port group (using default Vlan ID 0) for the VM W2016's NIC to use.  With this configuration, the VM W2016 does have outside internet access.

BTW, both physical adapters connect to ports on the same physical switch, that are programmed to be in our general workstation VLAN.   

In regard to the comment in the last post, "VLAN 0 in ESXi is confusing. It isn't a VLAN at all. As I understand it the use of VLAN 0 inside an ESXi host equals "untagged" in network switch terms. So once the VM sends its packet to the host, the host should pass it on as untagged to the external switch.", it seems that this is correct given that the test described above using two physical NICs, does allow the VM to send\receive traffic with through-put to the outside world w/o VM VLAN ID 0 imposed any VLAN packet tagging for the physical switch to interpret.

Also, I tested if the physical switch can properly interpret packets coming from the VM that have packets tagged with the same VLAN number assigned to the physical switch ports (e.g., the VMs port group is using VLAN ID 100 and the physical ports are also using VLAN 100 tags at the physical switch level.  The result was that the physical switch did not allow "through" traffic from the VM to the outside world.  This seems to indicate that a VM applied VLAN ID don't correspond to a physical switch port's assigned VLAN ID using the same number (100 and 100).

Unfortunately, I am still back at square one when using one physical NIC in the ESXi host PC.  It seems like packets from the VM are not passed on via its vNIC to the host's NIC, on to the switch.  The Hosts vmk0 VMKernel/defaultTcpipStack is configured with a static IP (in the physical switch imposed VLAN range)/Gtwy/DNS.WINS and the VM is also configured the same but with another static IP in the physical switch assigned VLAN.  The VM can communicate with the Host but can't get past the Host.

Not sure why.  Might just have to move on w/o understanding.

Hi,

You have gone above and beyond with your responses.  I have not made mention of many factors you do mention as I know they are not in play, i.e., i know what works on the managed enterprise network I'm using and our assigned workstation Vlan assigned to our physical ports.

So, yes to "You want to use a single NIC and vSwitch for both ESXi management and the VM port group......you can't get internet network traffic from the VM."  Your statement, "If this really is just a managed network switch then the obvious conclusion is the ESXi host has a network problem, or it would already be working when you assigned the VM port group to the vSwitch", is the most interesting to me.

I hoped it would "already be working", after having created the W2016 VM, on the ESXi host, using the default vNET Managment Network & VM Network port groups (default vlan id 0), assigning the VMs NIC to the VM Network Port group, and configuring the VMs NIC with our standard static IP/DNS/WINs settings that I would assign any of the other physical PCs within the same physical switch assigned VLAN. 

The host can ping itself, the VM's IP, its gateway, outside web addresses, etc., so it is working as I would expect, though the VM can only ping itself and the hosts IP, but nothing else as if vVLAN 0 is its own isolated VLAN that only communicates with the host and the VM. 

My original question was basically, should it be working (communicating w/ other PCs on our network's vlan and the outside world) with the above networking configuration and if not, should it be able to?   If not, are there some modifications to the above network configurations that would allow the VM to communicate outside of it's vVLAN 0. 

Cheers.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.

Sadly, no success after making those changes.  Cheers!

Hi the settings you are looking for are not in ESXi they are in the VMXNET3 adapter inside the Windows 2016 Network settings for the adapter itself, under properties of the NIC use the configure button and go to the advanced tab.

Unfortunately, no go, unless "VLAN & Priority is also enabled in the VMXNET" are manual settings w/ the ESXi Host Client console, though I can't find them.  With one physical NIC on the ESXi Host PC and the VMs Nic in any scenario\config I've tried allow traffic passed the Host's physical NIC.  Oh well.  On to bigger and brighter things.  Cheers!

Hmm.  I'm not sure how to make sure "VLAN & Priority is also enabled in the VMXNET settings".

Right.  the vm port group vlan id.

Switch port is set to 100 (set by enterprise IT) and VM VLAN ID 100 to test what I thought you intimated earlier, that VM tags w/ VLAN # "x" are recognized as the same as physical port VLAN # "x" tags.  Doesn't seem to be the case.

When you say you tagged the packets with VLAN ID 100 did you do this at the VM level i.e. with in physical NIC settings or did you do this at VM Port Group level?

I got dragged away from this subject for a few days but now am following up.

As the repeat test, I plugged the additional usbNIC back into the ESXi host PC so it is using two physical NICs. 

Then via the ESXi host's web-console, for the usbNIC I added a VMkernel NIC to link to this usbNIC, created a new vSwitch1, and then created a new VM port group (using default Vlan ID 0) for the VM W2016's NIC to use.  With this configuration, the VM W2016 does have outside internet access.

BTW, both physical adapters connect to ports on the same physical switch, that are programmed to be in our general workstation VLAN.   

In regard to the comment in the last post, "VLAN 0 in ESXi is confusing. It isn't a VLAN at all. As I understand it the use of VLAN 0 inside an ESXi host equals "untagged" in network switch terms. So once the VM sends its packet to the host, the host should pass it on as untagged to the external switch.", it seems that this is correct given that the test described above using two physical NICs, does allow the VM to send\receive traffic with through-put to the outside world w/o VM VLAN ID 0 imposed any VLAN packet tagging for the physical switch to interpret.

Also, I tested if the physical switch can properly interpret packets coming from the VM that have packets tagged with the same VLAN number assigned to the physical switch ports (e.g., the VMs port group is using VLAN ID 100 and the physical ports are also using VLAN 100 tags at the physical switch level.  The result was that the physical switch did not allow "through" traffic from the VM to the outside world.  This seems to indicate that a VM applied VLAN ID don't correspond to a physical switch port's assigned VLAN ID using the same number (100 and 100).

Unfortunately, I am still back at square one when using one physical NIC in the ESXi host PC.  It seems like packets from the VM are not passed on via its vNIC to the host's NIC, on to the switch.  The Hosts vmk0 VMKernel/defaultTcpipStack is configured with a static IP (in the physical switch imposed VLAN range)/Gtwy/DNS.WINS and the VM is also configured the same but with another static IP in the physical switch assigned VLAN.  The VM can communicate with the Host but can't get past the Host.

Not sure why.  Might just have to move on w/o understanding.

Hi,

You have gone above and beyond with your responses.  I have not made mention of many factors you do mention as I know they are not in play, i.e., i know what works on the managed enterprise network I'm using and our assigned workstation Vlan assigned to our physical ports.

So, yes to "You want to use a single NIC and vSwitch for both ESXi management and the VM port group......you can't get internet network traffic from the VM."  Your statement, "If this really is just a managed network switch then the obvious conclusion is the ESXi host has a network problem, or it would already be working when you assigned the VM port group to the vSwitch", is the most interesting to me.

I hoped it would "already be working", after having created the W2016 VM, on the ESXi host, using the default vNET Managment Network & VM Network port groups (default vlan id 0), assigning the VMs NIC to the VM Network Port group, and configuring the VMs NIC with our standard static IP/DNS/WINs settings that I would assign any of the other physical PCs within the same physical switch assigned VLAN. 

The host can ping itself, the VM's IP, its gateway, outside web addresses, etc., so it is working as I would expect, though the VM can only ping itself and the hosts IP, but nothing else as if vVLAN 0 is its own isolated VLAN that only communicates with the host and the VM. 

My original question was basically, should it be working (communicating w/ other PCs on our network's vlan and the outside world) with the above networking configuration and if not, should it be able to?   If not, are there some modifications to the above network configurations that would allow the VM to communicate outside of it's vVLAN 0. 

Cheers.

Hello, 

I have an ESXi host w/ one physical NIC where the VM W2016 server is using the default vSwitch0, in the default VM Network port group, with the same vVlan ID 0 as the Management Network.  The host's vmk0 is configured with a static IP/dns settings in the physical switch's assigned VLAN and the VM W2016 server also has a static IP (dns, wins settings) in that same VLAN IP range.  

I can access the ESXi host and work with it using its IP in a web browser from another PC in the same physical network VLAN.  I can see send/receive traffic on the W2016 configured E1000e NIC, can open a cmd prompt and ping its own IP, the IP of the ESXi host, but not the IP range's GTWY, or any other physical network host or resource.  

I am not sure why I can get outside traffic.  I have tried changing the vNic type from E1000e to VMXNET 3.  I've tried creating a new port group w/ vlan ID 1 using the same physical NIC and I get the same results.  Tried analyzing with WireShark in all previously mentioned scenarios, and only see network traffic from local netowrked printers, Dropbox traffic, and such (so it is seeing some traffic on the physical network), but the VM only continuously sends out an ARP broadcast from VMware_bd:dp:22 "Who has (the GTWY address) Tell the VM's static IP.

I was successful when I attached a 2nd physical UsbNIC and second wire, setup a new port group to use it, and used the same network IP/settings I have been using for the VM and I have no issues.  Can still access the host via one physical NIC/IP group, static IP, and have full outside network access when the host has the UsbNIC attached, etc.  Though, using two NICs and wires and static IPs is not a long term option.

Help letting me know how I might be configuring the VM network setup incorrectly would be highly appreciated.