Hello,
In my scenario I am using multiple virtual switches. Traffic between the VLAN xxx port group and the TRUNK (4095) port group inside vSwitch2 is NOT tagged!
VM1 - virtual Linux firewall with 2 NICs and multiple internal TAP network adapters as VPN endpoints:
NIC1 - vSwitch1, TRUNK 4095, but that is not important; one of the VLANs is used for the WAN connection
NIC2 - TRUNK to vSwitch2 (VLAN 4095)
(NIC2 is bridged to one of the TAP adapters for my customer's VPN)
VM2 - virtual Linux server with 1 NIC
NIC1 - vSwitch2, VLAN corresponding to the VLAN at my customer (120).
Switch Name     Num Ports  Used Ports  Configured Ports  MTU   Uplinks
vSwitch2        128        3           32                9000

PortGroup Name  VLAN ID  Used Ports  Uplinks
111 vlan111     111      0
116 vlan116     116      0
113 vlan113     113      0
112 vlan112     112      0
120 vlan120     120      1
Trunk           4095     1
The problem is:
An Ethernet frame from VM2 goes through port group vlan120 AND SHOULD BE TAGGED. But it is not, because on VM1 (which goes through port group Trunk 4095) all traffic is untagged.
The opposite direction is OK. It looks like port group VLAN 120 does not have a PVID set.
Important info:
Promiscuous mode on virtual switches is enabled.
I am using the same VLAN numbers (corresponding to different VLAN networks) on other virtual switches.
No change if I use unique VLAN numbers within vSwitch2.
No change whether vSwitch2 has a physical NIC attached or not.
VM1 uses VMXNET 3
VM2 uses E1000
ESXi 5.1.0 1065491
Thanks for your help or info.
Best regards
Tomas Vasek