May 23, 2017
Configuring PVLAN in vDS
This is a basic post explaining PVLAN and the steps to configure it on a Distributed Switch. It is mainly aimed at my friends who are currently learning VMware.
What is PVLAN?
A Private VLAN (PVLAN), also called Port Isolation, segments a VLAN further to separate traffic. Using PVLAN, you can split one broadcast domain into multiple isolated broadcast subdomains.
PVLANs are divided into two groups:
Primary PVLAN:
This is the original VLAN that is being split. All the Secondary PVLANs exist inside the Primary PVLAN. There is only one type of Primary PVLAN, and it is called Promiscuous.
Secondary PVLAN:
Secondary PVLANs exist only inside the Primary PVLAN. Each Secondary PVLAN has a VLAN ID associated with it, and all packets travelling through the Secondary PVLAN are tagged with that VLAN ID. There are two types of Secondary PVLAN:
Isolated – Nodes in the Isolated Secondary PVLAN can send packets to and receive packets from the Promiscuous PVLAN only; they cannot reach each other or nodes in a Community PVLAN.
Community – Nodes in a Community Secondary PVLAN can send packets to and receive packets from other ports in the same Secondary PVLAN and also the Promiscuous PVLAN.
Steps to Configure PVLAN in vDS
Log in to the Web Client and right-click the Distributed Switch -> Settings -> Edit Private VLAN.
In the PVLAN window, click Add.
Add the required Primary and Secondary PVLANs and the VLAN type for each.
Create a Portgroup on the Distributed Switch.
Select Private VLAN as the VLAN type.
Select the required Private VLAN ID.
Repeat the same steps to create a separate Portgroup for each PVLAN.
Create some virtual machines in each Portgroup to test the communication.
In my test environment I have created some XP Virtual Machines with the following IP Addresses.
Primary PVLAN
TESTVM00 - 192.168.100.10
Secondary PVLAN
PVLAN – Promiscuous
TESTVM01 - 192.168.100.20
TESTVM02 - 192.168.100.25
PVLAN – Community
TESTVM03 - 192.168.100.30
TESTVM04 - 192.168.100.35
PVLAN – Isolated
TESTVM05 - 192.168.100.40
TESTVM06 - 192.168.100.45
Check the communication by pinging the other servers.
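The ping results that the PVLAN rules predict for these test VMs, as an added example that is not part of the original post. It assumes TESTVM00 to TESTVM02 all sit on promiscuous ports (the post states that the Primary PVLAN's only type is Promiscuous) and uses constructed VLAN IDs 100, 101 and 102, which the post does not give.

```python
# Added example: PVLAN reachability model for the test VMs listed in this post.
# VLAN IDs (100/101/102) are constructed; the post does not state them.
from itertools import combinations

PRIMARY = 100  # constructed primary (promiscuous) VLAN ID

# name -> (ip, pvlan_type, secondary_vlan_id)
VMS = {
    "TESTVM00": ("192.168.100.10", "promiscuous", PRIMARY),
    "TESTVM01": ("192.168.100.20", "promiscuous", PRIMARY),
    "TESTVM02": ("192.168.100.25", "promiscuous", PRIMARY),
    "TESTVM03": ("192.168.100.30", "community", 101),
    "TESTVM04": ("192.168.100.35", "community", 101),
    "TESTVM05": ("192.168.100.40", "isolated", 102),
    "TESTVM06": ("192.168.100.45", "isolated", 102),
}

def can_communicate(a, b):
    """Return True if the PVLAN rules allow traffic between VMs a and b."""
    _, type_a, vlan_a = VMS[a]
    _, type_b, vlan_b = VMS[b]
    if "promiscuous" in (type_a, type_b):
        return True                  # promiscuous ports reach every port
    if type_a == type_b == "community":
        return vlan_a == vlan_b      # only within the same community
    return False                     # isolated ports reach promiscuous only

def expected_matrix():
    """Expected ping result for every unordered pair of VMs."""
    return {(a, b): can_communicate(a, b) for a, b in combinations(VMS, 2)}

def find_violations(observed):
    """Compare observed ping results {(a, b): bool} against the model.

    Returns (a, b, expected, observed) for each pair that differs.
    A pair that replies when the model says it should not is an
    isolation failure and points at a wrong Portgroup or PVLAN ID.
    """
    out = []
    for pair, exp in expected_matrix().items():
        seen = observed.get(pair, observed.get(pair[::-1]))
        if seen is not None and seen != exp:
            out.append((pair[0], pair[1], exp, seen))
    return out

if __name__ == "__main__":
    for (a, b), ok in expected_matrix().items():
        print(f"{a} ({VMS[a][0]}) <-> {b} ({VMS[b][0]}): {'reply' if ok else 'timeout'}")
```

Record the actual ping outcomes as a dictionary of VM pairs and pass it to `find_violations`; an empty list means the Portgroups enforce the isolation the PVLAN types promise.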