VLAN traffic not getting into ESX host?

986box

Member
Oct 14, 2017
100
12
18
41
I have an ESXi 7.0 host connected to an Aruba switch 1930. Using Wireshark to trace mirrored traffic, the port is receiving VLAN traffic.

However, no VLAN traffic is captured when using pktcap-uw to trace VLAN traffic on the vmnic. Only 1 NIC is connected to the host. The VLAN ID for the port group is 4095.
Other traffic is going through. Why is VLAN traffic being dropped?
 

986box

Yes. I did test with promiscuous enabled. Same results. Only default vlan traffic is captured.
 

Rand__

Well-Known Member
Mar 6, 2014
5,644
1,247
113
Maybe some more details about your setup might help.

Do you want a specific VLAN to be passed through (to a VLAN that is appropriately tagged)? Then use VLAN 0.
Or allow the vswitch to receive (and untag) all VLANs? Then use 4095 on the switch and the appropriate VLAN on the vmk.

Are we talking about a dvswitch or a regular one?
 

986box

@BoredSysadmin I have not tried port mirroring in the vswitch. Only on the Aruba switch, setting it up to mirror VLAN 50.

A device on VLAN 50 cannot get DHCP from pfSense.

The uplink port on the Unifi is set to All.

Both ports connecting the Unifi 16 and the ESX host are tagged and members of the VLAN.

VMs in VLANs within the host have no issue with DHCP.

The setup has the port group VLAN ID set to 4095 with promiscuous enabled.

pfSense VM -> Aruba switch -> Unifi 16 -> Unifi
 

986box

I need all VLANs trunked in the vswitch. It is configured as such, but non-default VLANs are not getting through.
 

Rand__

Sorry, I only run dvswitch that way, and there it's working as described above (4095 on switch and VLAN on PortGroup/vmk).
 

986box

Free version does not support vdswitch. Plan B is to run pfSense on physical. Thanks for clarifying!
 

RTM

Well-Known Member
Jan 26, 2014
779
286
63
Since you are considering using a physical device, you may also want to consider passing through a physical network controller to the traffic recording VM (I know you wrote only one NIC is connected to the host, but since you were considering using a separate device, I figure something like this may also be doable).

Also, a side note that may be relevant: if the reason you are trying to record traffic is that you cannot make DHCP from pfSense work with a DHCP helper inside a switch on a VLAN that pfSense is not on directly, it is probably because pfSense does not support this.
There have been a few threads about this, so if this is what you are trying to track down, then you should have a look.
Usually people recommend OPNsense for this kind of configuration.
 

986box

Yeah.. I have another NIC installed which I can pass through. I'll give that a try.
Also saw some posts of people resolving the no-DHCP issue with a pfSense VM. It's either a switch configuration or Hyper-V trunk config issue.
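
Added example (not part of any post in this thread): a Python sketch of the comparison made in the opening post, tallying 802.1Q VLAN IDs in two classic pcap captures to list the VLANs that appear at the switch mirror port but not at the host uplink. The two sample captures are constructed in the script, and all function names are this example's own.

```python
import struct
from collections import Counter

TPIDS = {0x8100, 0x88A8}  # 802.1Q and 802.1ad tag protocol identifiers

def vlan_counts(pcap_bytes):
    """Map outer VLAN ID (None = untagged) to frame count for a classic pcap."""
    magic = pcap_bytes[:4]
    if magic in (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1"):
        endian = "<"   # little-endian file (microsecond or nanosecond magic)
    elif magic in (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d"):
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    counts, off = Counter(), 24            # 24-byte global header
    while off + 16 <= len(pcap_bytes):     # 16-byte per-record header
        incl_len = struct.unpack(endian + "I", pcap_bytes[off + 8:off + 12])[0]
        frame = pcap_bytes[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 14:
            continue                       # truncated frame, no EtherType
        ethertype = struct.unpack("!H", frame[12:14])[0]
        if ethertype in TPIDS and len(frame) >= 16:
            tci = struct.unpack("!H", frame[14:16])[0]
            counts[tci & 0x0FFF] += 1      # low 12 bits of the TCI are the VID
        else:
            counts[None] += 1
    return counts

def missing_vlans(reference, observed):
    """VLAN IDs present in the reference capture but absent from the observed one."""
    return sorted(set(vlan_counts(reference)) - set(vlan_counts(observed)) - {None})

def _frame(vlan=None):
    # Constructed sample frame: broadcast dst, made-up src, IPv4 EtherType, zero payload
    tag = struct.pack("!HH", 0x8100, vlan) if vlan is not None else b""
    return b"\xff" * 6 + b"\x02\x00\x00\x00\x00\x01" + tag + b"\x08\x00" + bytes(46)

def _pcap(frames):
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

MIRROR = _pcap([_frame(), _frame(50), _frame(50), _frame(1)])  # constructed mirror-port view
VMNIC = _pcap([_frame(), _frame()])                            # constructed uplink view

if __name__ == "__main__":
    print("mirror:", dict(vlan_counts(MIRROR)))
    print("seen on mirror but not on uplink:", missing_vlans(MIRROR, VMNIC))
```

For real captures, pass the file contents read in binary mode. A capture taken after the tag has been stripped (for example by NIC VLAN offload) counts those frames as untagged, so a missing VLAN ID can reflect the capture point as well as the wire.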