VMware vSphere

  • 1.  Why do I need Promiscuous Mode when using multiple vSwitches and a bridge?

    Posted Oct 21, 2013 07:59 PM

    Hello guys,

    Running 5.5 ESXi.

    I created two vSwitches and put several VMs into each vSwitch. I have one CentOS VM with two NICs, one in each vSwitch. I configured the CentOS VM to work as a bridge. I could pass pings between devices on one vSwitch, but pings failed from devices on one vSwitch to devices on the other (through the CentOS acting as a bridge). The ARP requests were sent through the bridge, however there were never ARP replies sent. I checked around online and someone recommended enabling Promiscuous Mode. I enabled Promiscuous Mode (changing from reject to accept) on both vSwitches (which then applied the change to all VMs). You can read more about that here: VMware KB: How promiscuous mode works at the virtual switch and portgroup levels

    Now all of a sudden, everything is working.

    My question is: why?

    I suspect I don't want Promiscuous Mode active unless it has to be as it will result in more traffic reaching each VM than it had reaching it before. I don't really understand why I need to allow this change and any help would be nice!



  • 2.  RE: Why do I need Promiscuous Mode when using multiple vSwitches and a bridge?

    Posted Oct 21, 2013 11:35 PM

    Probably one of the vSwitches was not configured right. When exactly did everything start to work? When Promiscuous mode was inactive?

    Yours, Oscar



  • 3.  RE: Why do I need Promiscuous Mode when using multiple vSwitches and a bridge?

    Posted Oct 22, 2013 09:12 PM

    By default promiscuous mode was disabled on the vSwitches and the port groups on those vSwitches. ARP requests from VM a on vSwitch0 would leave its NIC and enter the NIC of VM n which has a NIC on vSwitch0 and vSwitch1, and has its NICs set to bridged mode. The ARP requests would then exit on vSwitch1 and would be received by VM b on vSwitch1, however there would be no ARP reply from it.

    When I enabled promiscuous mode all of a sudden ARP replies started going back and forth and traffic flowed. I'm not sure why I needed to do this and want to make sure this is really necessary.



  • 4.  RE: Why do I need Promiscuous Mode when using multiple vSwitches and a bridge?

    Posted Nov 11, 2013 05:12 PM


  • 5.  RE: Why do I need Promiscuous Mode when using multiple vSwitches and a bridge?

    Posted Nov 11, 2013 05:29 PM

    Fillips, that document only states how to enable Promiscuous mode, not why.



  • 6.  RE: Why do I need Promiscuous Mode when using multiple vSwitches and a bridge?
    Best Answer

    Posted Nov 11, 2013 05:41 PM

    Without promiscuous mode enabled, the vSwitch/port group will only forward traffic to VMs (MAC addresses) which are directly connected to the port groups; it won't learn MAC addresses which - in your case - are on the other side of the bridge. With promiscuous mode enabled, all traffic is sent to each VM on the vSwitch/port group and it's up to the VM to decide what to do with the network packets. As you already mentioned, this is not a setting you want to apply to a large number of VMs. For this reason you may create a second port group on the vSwitch with only the CentOS VM and enable promiscuous mode on only this port group rather than on the vSwitch.

    André



  • 7.  RE: Why do I need Promiscuous Mode when using multiple vSwitches and a bridge?

    Posted Nov 11, 2013 06:25 PM

    Andre, your solution worked like a champ. And it makes sense, because the ONLY VM that will need to ignore MAC addresses would be the VM acting as the bridge. All the other VMs will be receiving traffic from a MAC on the local vSwitch.

    The change I made was to add a second port group (choose the Virtual Machine option) when adding an object in the vSwitchX's properties window and change its Promiscuous Mode from Reject to Accept. I then assigned that port group only to the bridge VM's NICs in the two vSwitches and reset the initial port groups back to the default of Reject.

    Everything is working great - thank you!
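
Added example (not part of any post in this thread): a simplified Python model of the forwarding rule described in the best answer, replaying the ARP exchange on vSwitch1 under the three configurations the thread goes through. The MAC addresses, the bystander VM "c" and the port group names are constructed; the model assumes a vSwitch with no uplinks and ignores the other vSwitch security policies.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"
# Constructed sample addresses, not taken from the thread.
MAC_A = "00:50:56:00:00:0a"    # VM a, on vSwitch0, behind the bridge
MAC_B = "00:50:56:00:00:0b"    # VM b, on vSwitch1
MAC_C = "00:50:56:00:00:0c"    # bystander VM on vSwitch1
MAC_BR1 = "00:50:56:00:00:b1"  # bridge VM's NIC on vSwitch1

@dataclass
class Port:
    vm: str
    mac: str
    portgroup: str

@dataclass
class VSwitch:
    promiscuous: dict  # port group name -> True (Accept) / False (Reject)
    ports: list = field(default_factory=list)

    def deliver(self, ingress_vm, dst_mac):
        """Return the VMs that receive a frame entering from ingress_vm."""
        out = []
        for p in self.ports:
            if p.vm == ingress_vm:
                continue  # a frame is not sent back out its ingress port
            # No MAC learning: a port gets a frame only if it is broadcast,
            # addressed to the vNIC's own MAC, or its port group is promiscuous.
            if dst_mac in (BROADCAST, p.mac) or self.promiscuous[p.portgroup]:
                out.append(p.vm)
        return out

def arp_exchange(promiscuous, bridge_pg):
    """Replay a's ARP request and b's unicast reply on vSwitch1."""
    sw = VSwitch(promiscuous, [Port("bridge", MAC_BR1, bridge_pg),
                               Port("b", MAC_B, "VM Network"),
                               Port("c", MAC_C, "VM Network")])
    request = sw.deliver("bridge", BROADCAST)  # forwarded by the bridge
    reply = sw.deliver("b", MAC_A)             # b answers to a's MAC
    return request, reply

if __name__ == "__main__":
    cases = {"all Reject": ({"VM Network": False}, "VM Network"),
             "vSwitch-wide Accept": ({"VM Network": True}, "VM Network"),
             "bridge-only port group": ({"VM Network": False, "Bridge": True}, "Bridge")}
    for name, (policy, pg) in cases.items():
        print(name, arp_exchange(policy, pg))
```

With everything on Reject the unicast reply reaches no port, with vSwitch-wide Accept it also reaches the bystander VM, and with a dedicated promiscuous port group only the bridge sees it.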