Hi
I am rebuilding my home lab network & am seeking help about whether to use VLAN tagging at the vSwitch or let the pSwitch (access port mode) handle the VLANs.
Currently my vSphere (5.5) network does not use VLAN tags. The VLANs are defined on the router sub-interfaces (dot1q) & the switch VLAN ports are all access ports (dot1q). The pSwitch can do L3. If VLAN tagging is used on the vSwitch, the pSwitch would have 19 trunk ports. From a security view I think this would not be considered an ideal configuration.
When do you use VLAN tagging on the vSwitch versus having the pSwitch handle the VLAN tagging?
When & why is it best to use either option?
The vSwitch for the hosts will be configured as follows:
Hosts (x 3) vSwitch configuration - 6 network ports
vSwitch 0 (VMkernel)
    Management - vmnic0 -> pNIC0, VLAN 10
vSwitch 1 (VMkernel)
    vMotion - vmnic1 -> pNIC1, VLAN 20
vSwitch 2 (VMkernel)
    IP Storage - vmnic2 -> pNIC2, VLAN 50
vSwitch 3 (VMkernel)
    IP Storage - vmnic3 -> pNIC3, VLAN 50
vSwitch 4 (VM Port Group)
    Virtual Machines traffic PortGroup
    vmnic4 -> pNIC4, VLAN 40
    vmnic5 -> pNIC5, VLAN 40
Comments & recommendations from the community are very much appreciated.
Regards