ESXi

 View Only

  • 1.  vmxnet3 NIC removes VLAN tags in Windows 7 x64 VM

    Posted Feb 13, 2017 09:09 PM

    Hi All,

    I have a distributed vSwitch with a port group that has a range of VLANs enabled. An Ubuntu 14 x64 VM and a Windows 7 x64 VM both have a pair of vmxnet3 NICs each and their 2nd NIC is connected to that port group for traffic monitoring purposes (I have Wireshark running on both VMs). I can see VLAN tags on traffic captured by the former one but not the latter one. How do I fix the latter one? I assume my VGT mode is fine and the problem is within guest (e.g. vmxnet3 driver?), else I wouldn't be seeing VLAN tags on Ubuntu VM either.

    The port group is set to Promiscuous mode, VLAN  and VLAN Trunking 0-4094 (it won't let me enter 4095 there - I suppose 4095 is only applicable to standard vSwitch):

    https://s7.postimg.org/3zyx57kej/image.png

    https://s28.postimg.org/qhx6xeh31/image.png

    Already tried using E1000 NIC instead of vmxnet3 and that doesn't help even after adding "MonitorMode=1" or "MonitorModeEnabled=1" into Windows Registry as advised in an Intel document (those settings do help in case of physical Intel NICs). Meanwhile several sources report E1000 NIC preserving VLAN tags with Linux.

    A KB article on how to make it work in Windows with all of the most commonly used NIC types would be ideal.

    Many thanks in anticipation!



  • 2.  RE: vmxnet3 NIC removes VLAN tags in Windows 7 x64 VM

    Posted Feb 15, 2017 01:08 PM

    This KB article explains how to use virtual guest tagging: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004252

    The article specifies the use of the E1000 NIC but also mentions this in the additional information:


    When enabling VGT by setting a VLAN range in vDS or VLAN 4095 in vSS, have one VMXNET3 VNIC per VLAN to use within the guest.

    Note: Some Windows machines can strip VLAN tags unless Monitor mode is enabled for the guest OS NIC (VLAN pass-thru).



  • 3.  RE: vmxnet3 NIC removes VLAN tags in Windows 7 x64 VM

    Posted Feb 15, 2017 02:50 PM

    erikverbruggen:

    Thanks for your reply. Seen that doc already before submitting my inquiry... unfortunately the doc doesn't say how exactly to prevent VLAN tags stripping for vmxnet3 NIC in Windows, hence asking it here.

    > When enabling VGT by setting a VLAN range in vDS or VLAN 4095 in vSS, have one VMXNET3 VNIC per VLAN to use within the guest.

    Will that preserve VLAN tags though? If not it's not suitable for ourselves and for our customers: we have to capture traffic with VLAN tags still on it for ease of further analysis on any PC we like.

    Seeing all traffic is not a problem at all - the problem is to see it along with its VLAN tags.

    > Note: Some Windows machines can strip VLAN tags unless Monitor mode is enabled for the guest OS NIC (VLAN pass-thru).

    That's why when trying E1000 NIC instead of vmxnet3 I tested MonitorMode=1 and MonitorModeEnable=1 as mentioned in my initial post (even that didn't help though). A similar setting for vmxnet3 NIC is exactly what I'm after assuming it exists at all.